Vulnerability Description
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder.
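To make the side channel concrete, the following simulation is an added example written for this page (the editor's code, not Tomcat's): a login routine that returns immediately when the user name is unknown, beside one that still runs the credential hash against a dummy stored value so that both outcomes cost the same. An attacker-side oracle then compares median response times. The user store, salt, iteration count, user names and the `mutate` function standing in for a slow credential handler are all constructed for the example.

```python
"""Simulation of the CVE-2016-0762 pattern: skipping the password hash when the
user name is unknown leaks account existence through response time.
Added example, not Tomcat code; every name and value below is constructed."""
import hashlib
import hmac
import statistics
import time

ITERATIONS = 30_000           # assumption: a deliberately slow credential hash
SALT = b"constructed-salt"    # constructed; a real store uses per-user salts


def mutate(password: str) -> bytes:
    """Slow password hashing, standing in for a Tomcat CredentialHandler."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, ITERATIONS)


# Constructed user store: user name -> stored credential hash.
USERS = {"tomcat": mutate("s3cret"), "admin": mutate("hunter2")}

# Hash of a throwaway password, compared against when the user does not exist
# so that the "unknown user" path does the same amount of work.
DUMMY_HASH = mutate("dummy")


def authenticate_vulnerable(username: str, password: str) -> bool:
    """Unknown user: return at once without touching the password (the bug)."""
    stored = USERS.get(username)
    if stored is None:
        return False
    return hmac.compare_digest(mutate(password), stored)


def authenticate_fixed(username: str, password: str) -> bool:
    """Unknown user: still hash and compare, so timing does not reveal existence."""
    stored = USERS.get(username)
    if stored is None:
        hmac.compare_digest(mutate(password), DUMMY_HASH)
        return False
    return hmac.compare_digest(mutate(password), stored)


def median_login_time(auth, username: str, samples: int = 5) -> float:
    """Median wall-clock time of `samples` failed logins for `username`."""
    times = []
    for _ in range(samples):
        start = time.perf_counter()
        auth(username, "wrong-password")
        times.append(time.perf_counter() - start)
    return statistics.median(times)


def timing_ratio(auth, valid: str = "tomcat", invalid: str = "nobody") -> float:
    """Response time for a known-valid user divided by that for an unknown one."""
    return median_login_time(auth, valid) / median_login_time(auth, invalid)


def username_exists(auth, candidate: str,
                    baseline: str = "definitely-not-a-user",
                    threshold: float = 5.0) -> bool:
    """Attacker-side oracle: a candidate that takes far longer to reject than a
    name known not to exist is probably a real account."""
    return median_login_time(auth, candidate) > threshold * median_login_time(auth, baseline)


if __name__ == "__main__":
    for name, auth in (("vulnerable", authenticate_vulnerable),
                       ("fixed", authenticate_fixed)):
        print(f"{name}: valid/unknown time ratio = {timing_ratio(auth):.1f}, "
              f"oracle says 'admin' exists: {username_exists(auth, 'admin')}")
```

The oracle needs several failed logins per candidate name to get a stable median, which is why a lockout mechanism that counts failures per user name (the LockOutRealm mentioned above) makes exploitation harder without removing the underlying timing difference.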
CVSS Score
5.9 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Tomcat | >= 6.0.0, <= 6.0.45 |
| Apache | Tomcat | >= 7.0.0, <= 7.0.70 |
| Apache | Tomcat | >= 8.0.0.RC1, <= 8.0.36 |
| Apache | Tomcat | >= 8.5.0, <= 8.5.4 |
| Apache | Tomcat | >= 9.0.0.M1, <= 9.0.0.M9 |
| Canonical | Ubuntu Linux | 16.04 |
| Debian | Debian Linux | 8.0 |
| Redhat | Jboss Enterprise Web Server | 3.0.0 |
| Redhat | Enterprise Linux Desktop | 7.0 |
| Redhat | Enterprise Linux Eus | 7.4 |
| Redhat | Enterprise Linux Server | 7.0 |
| Redhat | Enterprise Linux Server Aus | 7.4 |
| Redhat | Enterprise Linux Server Tus | 7.6 |
| Redhat | Enterprise Linux Workstation | 7.0 |
| Netapp | Oncommand Insight | - |
| Netapp | Oncommand Shift | - |
| Netapp | Snap Creator Framework | - |
| Oracle | Communications Diameter Signaling Router | >= 8.0.0, <= 8.5.0 |
| Oracle | Tekelec Platform Distribution | >= 7.4.0, <= 7.7.1 |
Related Weaknesses (CWE)
References
- http://rhn.redhat.com/errata/RHSA-2017-0457.html (Third Party Advisory)
- http://www.debian.org/security/2016/dsa-3720 (Third Party Advisory)
- http://www.securityfocus.com/bid/93939 (Broken Link)
- http://www.securitytracker.com/id/1037144 (Broken Link)
- https://access.redhat.com/errata/RHSA-2017:0455 (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2017:0456 (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2017:2247 (Third Party Advisory)
- https://lists.apache.org/thread.html/1872f96bad43647832bdd84a408794cd06d9cbb557a
- https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e8
- https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbea
- https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c
- https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3
- https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f9
- https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85
- https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e
FAQ
What is CVE-2016-0762?
CVE-2016-0762 is a vulnerability with a CVSS score of 5.9 (MEDIUM). The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist, so a request for an unknown user was rejected measurably faster than one for a known user with a wrong password. This timing difference lets an attacker enumerate valid user names. The default configuration includes the LockOutRealm, which limits the number of failed attempts per user name and so makes exploitation harder.
How severe is CVE-2016-0762?
CVE-2016-0762 has been rated MEDIUM with a CVSS base score of 5.9/10. Only the base score is given on this page; the impact is disclosure of valid user names, not code execution or privilege escalation.
Is there a patch for CVE-2016-0762?
Check the references section above for vendor advisories and patch information. The description lists the affected Tomcat ranges, so the fix is a release beyond the top of your branch's range (later than 9.0.0.M9, 8.5.4, 8.0.36, 7.0.70 or 6.0.45); distribution users (Ubuntu, Debian, Red Hat) should apply the backported packages from the advisories above. Affected products include: Apache Tomcat, Canonical Ubuntu Linux, Debian Debian Linux, Redhat Jboss Enterprise Web Server, Redhat Enterprise Linux Desktop.
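The description notes that the default configuration wraps the realm in a LockOutRealm. The server.xml fragment below is an added example of that configuration (the editor's, not taken from this page); the inner UserDatabaseRealm is assumed, and the attribute values shown are Tomcat's documented defaults, written out explicitly so that the limits are visible.

```xml
<!-- Added example: LockOutRealm wrapping the realm that actually checks credentials.
     failureCount / lockOutTime bound how many failed logins per user name an
     attacker can make in one window; values shown are the documented defaults. -->
<Realm className="org.apache.catalina.realm.LockOutRealm"
       failureCount="5"
       lockOutTime="300"
       cacheSize="1000"
       cacheRemovalWarningTime="3600">
  <!-- Assumed inner realm; any other Realm implementation could be nested here. -->
  <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
         resourceName="UserDatabase"/>
</Realm>
```

With these values a user name is locked out for 300 seconds after 5 failures, so the timing oracle can sample each candidate name at most a handful of times per window. That slows enumeration but does not remove the timing difference, which is why the lockout is a mitigation and the version upgrade is the fix.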