Related vulnerability
Title:
Apache Tomcat security vulnerability
(CVE-2024-52316)
Description: Apache Tomcat is a lightweight web application server from the Apache Software Foundation (USA). It implements support for Servlets and JavaServer Pages (JSP). Apache Tomcat has a security vulnerability that stems from an unchecked error condition: an exception may be thrown during the authentication process, allowing a user to bypass authentication.
Description
CVE-2024-52316 - Apache Tomcat Authentication Bypass Vulnerability
Introduction
🚨🚨 CVE-2024-52316 - Apache Tomcat Authentication Bypass Vulnerability 🚨🚨
Overview
CVE-2024-52316 is an authentication bypass vulnerability identified in Apache Tomcat. It affects deployments in which Tomcat is configured with a custom Jakarta Authentication (formerly JASPIC) `ServerAuthContext` component. If that component throws an exception during the authentication process without explicitly setting an HTTP status code that indicates failure, the authentication may not fail, allowing the user to bypass the authentication process.
Affected Versions
The following versions of Apache Tomcat are affected by this vulnerability:
| Version Series | Affected Versions |
|---------------------|----------------------------------|
| Apache Tomcat 11.0 | Versions prior to 11.0.0 |
| Apache Tomcat 10.1 | Versions prior to 10.1.31 |
| Apache Tomcat 9.0 | Versions prior to 9.0.96 |
Exploitability
Attack Vector
Exploitation: An attacker could exploit this vulnerability by sending a request that triggers an exception in the custom `ServerAuthContext`. If the exception is not handled properly (i.e., no failure status is set on the response), the attacker could gain unauthorized access.
Potential Impact:
- Unauthorized access to sensitive data.
- System compromise or privilege escalation.
- Circumvention of resource isolation mechanisms.
Mitigation
Upgrades
It is strongly recommended to upgrade to a patched version of Apache Tomcat to address this issue:
- Apache Tomcat 11.0.0 or later.
- Apache Tomcat 10.1.31 or later.
- Apache Tomcat 9.0.96 or later.
Configuration Best Practices
1. Ensure any custom Jakarta Authentication `ServerAuthContext` component handles exceptions on every path and explicitly sets a failure HTTP status code (`401 Unauthorized` or `403 Forbidden`) on the response before it returns or rethrows.
2. Regularly audit custom authentication logic for security flaws.
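The following is an added example, not code from this PoC repository or from Apache Tomcat, of what practice 1 looks like in a custom `ServerAuthContext`: every path that is not a verified login sets an explicit failure status on the `HttpServletResponse` before returning, including the catch-all branch, so an internal error (here, a malformed `Authorization` header that makes the Base64 decoder throw) cannot leave the response without a failure status. The class name, the `FailClosed` naming, the in-memory `USERS` map and the HTTP Basic parsing are constructed for the example; it assumes the Jakarta Authentication and Servlet APIs under the `jakarta.*` namespace used by Tomcat 10.1 and 11.0 (Tomcat 9.0 uses the `javax.*` names for the same types).

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import java.util.Map;

import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;

import jakarta.security.auth.message.AuthException;
import jakarta.security.auth.message.AuthStatus;
import jakarta.security.auth.message.MessageInfo;
import jakarta.security.auth.message.callback.CallerPrincipalCallback;
import jakarta.security.auth.message.config.ServerAuthContext;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

/**
 * Added example (not Tomcat's or the PoC's code): a custom Jakarta Authentication
 * ServerAuthContext that fails closed. Every exit that is not a verified login
 * sets an explicit failure status on the HTTP response before returning, so a
 * container cannot mistake an internal error for a successful authentication.
 */
public class FailClosedServerAuthContext implements ServerAuthContext {

    // Constructed sample credential store for this example only; a real
    // component would consult a realm or identity provider.
    private static final Map<String, String> USERS = Map.of("alice", "correct horse");

    private final CallbackHandler handler;

    public FailClosedServerAuthContext(CallbackHandler handler) {
        this.handler = handler;
    }

    @Override
    public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject,
            Subject serviceSubject) throws AuthException {
        HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
        HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
        try {
            String user = authenticateBasic(request);
            if (user == null) {
                // Missing or wrong credentials: explicit 401 plus a challenge.
                response.setHeader("WWW-Authenticate", "Basic realm=\"example\"");
                return fail(response, HttpServletResponse.SC_UNAUTHORIZED);
            }
            // Hand the verified caller to the container.
            handler.handle(new Callback[] { new CallerPrincipalCallback(clientSubject, user) });
            return AuthStatus.SUCCESS;
        } catch (Exception e) {
            // Any unexpected error (malformed header, failing callback handler, ...)
            // must not leave the response without a failure status. A component
            // that prefers to rethrow as AuthException must set the status first.
            return fail(response, HttpServletResponse.SC_UNAUTHORIZED);
        }
    }

    @Override
    public AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject) {
        return AuthStatus.SEND_SUCCESS;
    }

    @Override
    public void cleanSubject(MessageInfo messageInfo, Subject subject) {
        if (subject != null) {
            subject.getPrincipals().clear();
        }
    }

    // Sets the failure status unless the response is already committed, and
    // returns the status the container expects for a rejected request.
    private static AuthStatus fail(HttpServletResponse response, int statusCode) {
        if (!response.isCommitted()) {
            response.setStatus(statusCode);
        }
        return AuthStatus.SEND_FAILURE;
    }

    // Parses an HTTP Basic credential. Base64.getDecoder().decode throws
    // IllegalArgumentException on malformed input, which is exactly the kind of
    // exception validateRequest must absorb without losing the failure status.
    private static String authenticateBasic(HttpServletRequest request) {
        String header = request.getHeader("Authorization");
        if (header == null || !header.startsWith("Basic ")) {
            return null;
        }
        String decoded = new String(Base64.getDecoder().decode(header.substring(6)),
                StandardCharsets.UTF_8);
        int colon = decoded.indexOf(':');
        if (colon < 0) {
            return null;
        }
        String user = decoded.substring(0, colon);
        String password = decoded.substring(colon + 1);
        String expected = USERS.get(user);
        if (expected == null) {
            return null;
        }
        // Constant-time comparison of the submitted password.
        boolean ok = MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8),
                password.getBytes(StandardCharsets.UTF_8));
        return ok ? user : null;
    }
}
```

The design point is in the `catch` block: the status is set before control leaves the component, whatever the cause of the error. When reviewing an existing custom `ServerAuthContext`, look for any path out of `validateRequest` (a thrown `AuthException`, an unchecked exception from a helper, an early `return`) on which neither `response.setStatus(...)` nor `sendError(...)` has been called; each such path is the condition this CVE describes.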
References
- [Apache Tomcat Security Advisory for CVE-2024-52316](https://tomcat.apache.org/security-11.html)
- [Apache Mailing List Discussion](https://lists.apache.org/thread/dz6nv1j2mm1m3hqfxdtt392qlo7xf6z0)
- [Apache Tomcat Downloads](https://tomcat.apache.org/download-11.cgi)
File snapshot
[4.0K] /data/pocs/89f64277800ffbbd6c5534230b791ba6363c31f5
├── [1.5K] CVE-2024-52316.py
└── [2.2K] README.md
0 directories, 2 files
Notes
1. It is recommended to access the PoC through its original source first.
2. If the source is no longer available or cannot be reached, send an email to f.jinxu#gmail.com to request the local snapshot (replace # with @).
3. 神龙 has taken a snapshot of the POC code for you; to support long-term maintenance, please consider paying for the local POC. Thank you for your support.