Miggo Logo
Miggo Vulnerability Database
CVE-2007-5342

CVE-2007-5342: JULI logging component in Apache Tomcat does not restrict certain permissions for web applications

6.4

CVSS Score

Basic Information

CVE ID
CVE-2007-5342
GHSA ID
GHSA-w65j-cmqc-37p2
EPSS Score
0.93566%
CWE
CWE-284
Published
5/1/2022
Updated
9/22/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
org.apache.tomcat:tomcat-julimaven>= 5.5.9, <= 5.5.25
org.apache.tomcat:tomcat-julimaven>= 6.0.0, <= 6.0.15

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from the default catalina.policy file granting AllPermission to tomcat-juli.jar (via 'permission java.security.AllPermission'). This allowed untrusted web applications to manipulate JULI's FileHandler settings. The patch (revision 606594) specifically replaces AllPermission with granular permissions, confirming that the vulnerable entry was the over-permissive policy rule controlling access to FileHandler's configuration attributes.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

T** ****ult **t*lin*.poli*y in t** JULI lo**in* *ompon*nt in *p**** Tom**t *.*.* t*rou** *.*.** *n* *.*.* t*rou** *.*.** *o*s not r*stri*t **rt*in p*rmissions *or w** *ppli**tions, w*i** *llows *tt**k*rs to mo*i*y lo**in* *on*i*ur*tion options *n* ov

Reasoning

T** vuln*r**ility st*ms *rom t** ****ult `**t*lin*.poli*y` *il* *r*ntin* `*llP*rmission` to `tom**t-juli.j*r` (vi* 'p*rmission j*v*.s**urity.*llP*rmission'). T*is *llow** untrust** w** *ppli**tions to m*nipul*t* JULI's `*il***n*l*r` s*ttin*s. T** p*t