Vulnerability Details: CVE-2019-12418
When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, or 7.0.0 to 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack and capture the user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance.
Products affected by CVE-2019-12418
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:workload_manager:12.2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:workload_manager:18c:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:workload_manager:19c:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
- cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* (NetApp OnCommand System Manager, versions >= 3.0.0 and <= 3.1.3)
Threat overview for CVE-2019-12418
- Top open port discovered on systems with this issue: 80
- IPs affected by CVE-2019-12418: 301,714
- Threat actors abusing this issue: Yes
Exploit prediction scoring system (EPSS) score for CVE-2019-12418
- EPSS score: 0.56% (probability of exploitation activity in the next 30 days)
- Percentile: ~67% (the proportion of vulnerabilities that are scored at or below this score)
CVSS scores for CVE-2019-12418

| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
| 4.4 | MEDIUM | AV:L/AC:M/Au:N/C:P/I:P/A:P | 3.4 | 6.4 | NIST |
| 7.0 | HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.0 | 5.9 | NIST |
References for CVE-2019-12418
- https://www.oracle.com/security-alerts/cpuapr2020.html : Oracle Critical Patch Update Advisory - April 2020 (Patch; Third Party Advisory)
- https://security.gentoo.org/glsa/202003-43 : Apache Tomcat: Multiple vulnerabilities (GLSA 202003-43) — Gentoo security (Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html : [security-announce] openSUSE-SU-2020:0038-1: important: Security update (Mailing List; Third Party Advisory)
- https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E : svn commit: r1873980 [28/34] - /tomcat/site/trunk/docs/ - Pony Mail (Mailing List; Patch; Vendor Advisory)
- https://www.debian.org/security/2020/dsa-4680 : Debian -- Security Information -- DSA-4680-1 tomcat9 (Third Party Advisory)
- https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E : svn commit: r1873980 [29/34] - /tomcat/site/trunk/docs/ - Pony Mail (Mailing List; Patch; Vendor Advisory)
- https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E : svn commit: r1873527 [25/30] - /tomcat/site/trunk/docs/ - Pony Mail (Mailing List; Patch; Vendor Advisory)
- https://www.debian.org/security/2019/dsa-4596 : Debian -- Security Information -- DSA-4596-1 tomcat8 (Third Party Advisory)
- https://usn.ubuntu.com/4251-1/ : USN-4251-1: Tomcat vulnerabilities | Ubuntu security notices (Third Party Advisory)
- https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E : svn commit: r1873527 [24/30] - /tomcat/site/trunk/docs/ - Pony Mail (Mailing List; Patch; Vendor Advisory)
- https://security.netapp.com/advisory/ntap-20200107-0001/ : January 2020 Apache Tomcat Vulnerabilities in NetApp Products | NetApp Product Security (Third Party Advisory)
- https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E : svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/ - Pony Mail (Mailing List; Patch; Vendor Advisory)
- https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html : [SECURITY] [DLA 2077-1] tomcat7 security update (Mailing List; Third Party Advisory)
- https://lists.apache.org/thread.html/43530b91506e2e0c11cfbe691173f5df8c48f51b98262426d7493b67%40%3Cannounce.tomcat.apache.org%3E : [SECURITY] CVE-2019-12418 Local Privilege Escalation - Pony Mail (Mailing List; Vendor Advisory)
- https://lists.debian.org/debian-lts-announce/2020/03/msg00029.html : [SECURITY] [DLA 2155-1] tomcat8 security update (Mailing List; Third Party Advisory)
- https://support.f5.com/csp/article/K10107360?utm_source=f5support&utm_medium=RSS : (Third Party Advisory)
- https://seclists.org/bugtraq/2019/Dec/43 : Bugtraq: [SECURITY] [DSA 4596-1] tomcat8 security update (Mailing List; Third Party Advisory)