{"id":"CVE-2019-12418","details":"When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 to 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance.","aliases":["GHSA-hh3j-x4mc-g48r"],"modified":"2026-04-16T04:30:16.538054556Z","published":"2019-12-23T18:15:10.753Z","related":["CGA-ph6q-8g38-cp58","SUSE-SU-2020:0029-1","SUSE-SU-2020:0226-1","SUSE-SU-2020:0632-1","SUSE-SU-2020:14375-1","SUSE-SU-2020:1497-1","SUSE-SU-2020:1498-1","openSUSE-SU-2020:0038-1","openSUSE-SU-2024:11468-1","openSUSE-SU-2024:13441-1"],"references":[{"type":"WEB","url":"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://support.f5.com/csp/article/K10107360?utm_source=f5support&amp%3Butm_medium=RSS"},{"type":"WEB","url":"https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html"},{"type":"ADVISORY","url":"https://lists.apache.org/thread.html/43530b91506e2e0c11cfbe691173f5df8c48f51b98262426d7493b67%40%3Cannounce.tomcat.apache.org%3E"},{"t
ype":"ADVISORY","url":"https://security.gentoo.org/glsa/202003-43"},{"type":"ADVISORY","url":"https://www.debian.org/security/2020/dsa-4680"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00029.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20200107-0001/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2019/dsa-4596"},{"type":"ADVISORY","url":"https://seclists.org/bugtraq/2019/Dec/43"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4251-1/"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpuapr2020.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/apache/tomcat","events":[{"introduced":"e498667bd7811e846771a852b16ce9f1e524b81b"},{"last_affected":"1cfec207b09fed52965f0d0426059ca989daf3b4"},{"introduced":"e37b977db6f47e4380ad67114a49e8568951c953"},{"last_affected":"14bdacea996993a3b94ec0972cea92370e42ae4d"},{"introduced":"16bf392c67833ad549733b58c350ff92b5ee782a"},{"last_affected":"7c14efedba0cc81319efacb0e7f5129804e7b6f9"},{"introduced":"0"},{"last_affected":"16bf392c67833ad549733b58c350ff92b5ee782a"},{"introduced":"0"},{"last_affected":"4c8b650437e2464c1c31c6598a263b3805b7a81f"}],"database_specific":{"versions":[{"introduced":"7.0.0"},{"last_affected":"7.0.97"},{"introduced":"8.5.0"},{"last_affected":"8.5.47"},{"introduced":"9.0.0"},{"last_affected":"9.0.28"},{"introduced":"0"},{"last_affected":"9.0"},{"introduced":"0"},{"last_affected":"10.0"}]}}],"versions":["10.0.0","7.0.97","8.5.47","9.0.0","9.0.28"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-12418.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"12.2.0.1"}]},{"events":[{"introduced":"0"},{"last_affected":"18c"}]},{"events":[{"introduced":"0"},{"last_affected":"19c"}]},{
"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"15.1"}]},{"events":[{"introduced":"3.0.0"},{"last_affected":"3.1.3"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}