=====================================================================

                                CERT-Renater

                      Note d'Information No. 2023/VULN315

_____________________________________________________________________

DATE                : 13/09/2023

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Apache Tomcat Connectors mod_jk
                           Connector versions prior to 1.2.49.

=====================================================================
https://lists.apache.org/thread/rd1r26w7271jyqgzr4492tooyt583d8b
_____________________________________________________________________

[SECURITY] CVE-2023-41081 Apache Tomcat Connectors (mod_jk)
Information Disclosure CVE-2023-41081 Apache Tomcat Connectors
(mod_jk) Information Disclosure

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
- Apache Tomcat Connectors mod_jk Connector 1.2.0 to 1.2.48

Description:
In some circumstances, such as when a configuration included
"JkOptions +ForwardDirectories" but the configuration did not
provide explicit mounts for all possible proxied requests,
mod_jk would use an implicit mapping and map the request to
the first defined worker. Such an implicit mapping could result
in the unintended exposure of the status worker and/or bypass security
constraints configured in httpd. As of JK 1.2.49, the implicit
mapping functionality has been removed and all mappings must now
be via explicit configuration.
Only mod_jk is affected by this issue. The ISAPI redirector is
not affected.


Mitigation:
Users of affected versions should apply one of the following
mitigations:
- Upgrade to Apache Tomcat Connector (mod_jk) 1.2.49 or later.
- Ensure explicit mounts are configured for all possible proxied
    requests


Credit:
This vulnerability was reported responsibly to the Tomcat
security team by Karl von Randow.


References:
[1] http://tomcat.apache.org/security-jk.html



=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================