CVE-2013-2051

Published: Jul 9, 2013Modified: Apr 29, 2026

2.6

Vector

AV:N/AC:H/Au:N/C:N/I:P/A:N

Exploitability: 4.9 / Impact: 2.9

Source: NVD

Description

The Tomcat 6 DIGEST authentication functionality as used in Red Hat Enterprise Linux 6 allows remote attackers to bypass intended access restrictions by performing a replay attack after a nonce becomes stale. NOTE: this issue is due to an incomplete fix for CVE-2012-5887.

Affected (1)

Products: Redhat: Enterprise Linux

1 product

Enterprise Linux

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 6.0

Related CWEs

References (6)

http://rhn.redhat.com/errata/RHSA-2013-0869.html

Source: secalert@redhat.com

Vendor Advisory

http://www.securityfocus.com/bid/60187

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=959047

Source: secalert@redhat.com

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0869.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/60187

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=959047

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.