Skip to content
Nuclei Templates

Apache Tomcat JK Connect <=1.2.44 - Manager Access

ID: CVE-2018-11759

Severity: high

Author: harshbothra_

Tags: cve2018,cve,apache,tomcat,httpd,mod-jk

Description

Section titled “Description”

Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 allows specially constructed requests to expose application functionality through the reverse proxy. It is also possible in some configurations for a specially constructed request to bypass the access controls configured in httpd. While there is some overlap between this issue and CVE-2018-1323, they are not identical.

YAML Source

Section titled “YAML Source”
id: CVE-2018-11759


info:
  name: Apache Tomcat JK Connect <=1.2.44 - Manager Access
  author: harshbothra_
  severity: high
  description: |
    Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 allows specially constructed requests to expose application functionality through the reverse proxy. It is also possible in some configurations for a specially constructed request to bypass the access controls configured in httpd. While there is some overlap between this issue and CVE-2018-1323, they are not identical.
  impact: |
    Unauthenticated attackers can gain unauthorized access to the Apache Tomcat Manager interface, potentially leading to further compromise of the server.
  remediation: |
    Upgrade to a patched version of Apache Tomcat JK Connect (1.2.45 or higher) or apply the recommended security patches.
  reference:
    - https://github.com/immunIT/CVE-2018-11759
    - https://lists.apache.org/thread.html/6d564bb0ab73d6b3efdd1d6b1c075d1a2c84ecd84a4159d6122529ad@%3Cannounce.tomcat.apache.org%3E
    - https://lists.debian.org/debian-lts-announce/2018/12/msg00007.html
    - https://nvd.nist.gov/vuln/detail/CVE-2018-11759
    - https://access.redhat.com/errata/RHSA-2019:0366
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2018-11759
    cwe-id: CWE-22
    epss-score: 0.96552
    epss-percentile: 0.99592
    cpe: cpe:2.3:a:apache:tomcat_jk_connector:*:*:*:*:*:*:*:*
  metadata:
    max-request: 2
    vendor: apache
    product: tomcat_jk_connector
    shodan-query:
      - title:"Apache Tomcat"
      - http.title:"apache tomcat"
    fofa-query: title="apache tomcat"
    google-query: intitle:"apache tomcat"
  tags: cve2018,cve,apache,tomcat,httpd,mod-jk


http:
  - method: GET
    path:
      - '{{BaseURL}}/jkstatus'
      - '{{BaseURL}}/jkstatus;'


    matchers-condition: and
    matchers:
      - type: word
        words:
          - "JK Status Manager"


      - type: status
        status:
          - 200
# digest: 4a0a00473045022100f275bc551a60cf2b2a7a747f2998d348d6444852778990403a2d46ecdf1bf660022076e782733238bf5b48ce719c9228f1c63de8f6570235824c792791f3bc590149:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2018/CVE-2018-11759.yaml"

View on Github