// For flags

CVE-2012-3546

Web: Bypass of security constraints

Severity Score

4.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when FORM authentication is used, allows remote attackers to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_check at the end of a URI.

org/apache/catalina/campo/RealmBase.java en Apache Tomcat v6.x antes de v6.0.36 y v7.x antes de v7.0.30, cuando se utiliza la autenticación de formularios, permite a atacantes remotos evitar restricciones de seguridad aprovechándose de una llamada setUserPrincipal anterior para luego colocar /j_security_check al final de una URI.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
Partial
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2012-06-14 CVE Reserved
  • 2012-12-05 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (45)
URL Tag Source
http://archives.neohapsis.com/archives/bugtraq/2012-12/0044.html Mailing List
http://secunia.com/advisories/51984 Third Party Advisory
http://secunia.com/advisories/52054 Third Party Advisory
http://secunia.com/advisories/57126 Third Party Advisory
http://svn.apache.org/viewvc?view=revision&revision=1377892 X_refsource_confirm
http://www.securityfocus.com/bid/56812 Vdb Entry
http://www.securitytracker.com/id?1027833 Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19305 Signature
URL Date SRC
URL Date SRC
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java?r1=1377892&r2=1377891&pathrev=1377892 2017-09-19
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?r1=1377892&r2=1377891&pathrev=1377892 2017-09-19
URL Date SRC
http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html 2017-09-19
http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html 2017-09-19
http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html 2017-09-19
http://marc.info/?l=bugtraq&m=136612293908376&w=2 2017-09-19
http://marc.info/?l=bugtraq&m=139344343412337&w=2 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0004.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0005.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0146.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0147.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0151.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0157.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0158.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0162.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0163.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0164.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0191.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0192.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0193.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0194.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0195.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0196.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0197.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0198.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0221.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0235.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0623.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0640.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0641.html 2017-09-19
http://rhn.redhat.com/errata/RHSA-2013-0642.html 2017-09-19
http://tomcat.apache.org/security-6.html 2017-09-19
http://tomcat.apache.org/security-7.html 2017-09-19
http://www.ubuntu.com/usn/USN-1685-1 2017-09-19
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878 2017-09-19
https://access.redhat.com/security/cve/CVE-2012-3546 2013-03-12
https://bugzilla.redhat.com/show_bug.cgi?id=883634 2013-03-12
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0
Search vendor "Apache" for product "Tomcat" and version "6.0"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.0
Search vendor "Apache" for product "Tomcat" and version "6.0.0"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.0
Search vendor "Apache" for product "Tomcat" and version "6.0.0"
alpha
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.1
Search vendor "Apache" for product "Tomcat" and version "6.0.1"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.1
Search vendor "Apache" for product "Tomcat" and version "6.0.1"
alpha
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.2
Search vendor "Apache" for product "Tomcat" and version "6.0.2"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.2
Search vendor "Apache" for product "Tomcat" and version "6.0.2"
alpha
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.2
Search vendor "Apache" for product "Tomcat" and version "6.0.2"
beta
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.3
Search vendor "Apache" for product "Tomcat" and version "6.0.3"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.4
Search vendor "Apache" for product "Tomcat" and version "6.0.4"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.5
Search vendor "Apache" for product "Tomcat" and version "6.0.5"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.6
Search vendor "Apache" for product "Tomcat" and version "6.0.6"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.7
Search vendor "Apache" for product "Tomcat" and version "6.0.7"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.8
Search vendor "Apache" for product "Tomcat" and version "6.0.8"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.9
Search vendor "Apache" for product "Tomcat" and version "6.0.9"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.9
Search vendor "Apache" for product "Tomcat" and version "6.0.9"
beta
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.10
Search vendor "Apache" for product "Tomcat" and version "6.0.10"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.11
Search vendor "Apache" for product "Tomcat" and version "6.0.11"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.12
Search vendor "Apache" for product "Tomcat" and version "6.0.12"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.13
Search vendor "Apache" for product "Tomcat" and version "6.0.13"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.14
Search vendor "Apache" for product "Tomcat" and version "6.0.14"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.15
Search vendor "Apache" for product "Tomcat" and version "6.0.15"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.16
Search vendor "Apache" for product "Tomcat" and version "6.0.16"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.17
Search vendor "Apache" for product "Tomcat" and version "6.0.17"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.18
Search vendor "Apache" for product "Tomcat" and version "6.0.18"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.19
Search vendor "Apache" for product "Tomcat" and version "6.0.19"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.20
Search vendor "Apache" for product "Tomcat" and version "6.0.20"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.24
Search vendor "Apache" for product "Tomcat" and version "6.0.24"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.26
Search vendor "Apache" for product "Tomcat" and version "6.0.26"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.27
Search vendor "Apache" for product "Tomcat" and version "6.0.27"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.28
Search vendor "Apache" for product "Tomcat" and version "6.0.28"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.29
Search vendor "Apache" for product "Tomcat" and version "6.0.29"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.30
Search vendor "Apache" for product "Tomcat" and version "6.0.30"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.31
Search vendor "Apache" for product "Tomcat" and version "6.0.31"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.32
Search vendor "Apache" for product "Tomcat" and version "6.0.32"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.33
Search vendor "Apache" for product "Tomcat" and version "6.0.33"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 6.0.35
Search vendor "Apache" for product "Tomcat" and version "6.0.35"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.0
Search vendor "Apache" for product "Tomcat" and version "7.0.0"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.0
Search vendor "Apache" for product "Tomcat" and version "7.0.0"
beta
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.1
Search vendor "Apache" for product "Tomcat" and version "7.0.1"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.2
Search vendor "Apache" for product "Tomcat" and version "7.0.2"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.2
Search vendor "Apache" for product "Tomcat" and version "7.0.2"
beta
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.3
Search vendor "Apache" for product "Tomcat" and version "7.0.3"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.4
Search vendor "Apache" for product "Tomcat" and version "7.0.4"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.4
Search vendor "Apache" for product "Tomcat" and version "7.0.4"
beta
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.5
Search vendor "Apache" for product "Tomcat" and version "7.0.5"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.6
Search vendor "Apache" for product "Tomcat" and version "7.0.6"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.7
Search vendor "Apache" for product "Tomcat" and version "7.0.7"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.8
Search vendor "Apache" for product "Tomcat" and version "7.0.8"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.9
Search vendor "Apache" for product "Tomcat" and version "7.0.9"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.10
Search vendor "Apache" for product "Tomcat" and version "7.0.10"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.11
Search vendor "Apache" for product "Tomcat" and version "7.0.11"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.12
Search vendor "Apache" for product "Tomcat" and version "7.0.12"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.13
Search vendor "Apache" for product "Tomcat" and version "7.0.13"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.14
Search vendor "Apache" for product "Tomcat" and version "7.0.14"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.15
Search vendor "Apache" for product "Tomcat" and version "7.0.15"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.16
Search vendor "Apache" for product "Tomcat" and version "7.0.16"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.17
Search vendor "Apache" for product "Tomcat" and version "7.0.17"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.18
Search vendor "Apache" for product "Tomcat" and version "7.0.18"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.19
Search vendor "Apache" for product "Tomcat" and version "7.0.19"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.20
Search vendor "Apache" for product "Tomcat" and version "7.0.20"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.21
Search vendor "Apache" for product "Tomcat" and version "7.0.21"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.22
Search vendor "Apache" for product "Tomcat" and version "7.0.22"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.23
Search vendor "Apache" for product "Tomcat" and version "7.0.23"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.25
Search vendor "Apache" for product "Tomcat" and version "7.0.25"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.28
Search vendor "Apache" for product "Tomcat" and version "7.0.28"
-
Affected