
RecoverPoint for VMs: Security Vulnerabilities Related to Tomcat Default Passwords

Summary: In RecoverPoint for Virtual Machines 5.3.2 the default tomcat password was changed to be more secure and encrypted, but the password itself remains the default value. When a security check is run the following CVE may be triggered: CVE-2010-0557 ...


Article Content


Symptoms

CVE-2010-0557 - This vulnerability concerns the use of default credentials for the Tomcat manager account; RP4VMs 5.3.2 ships with such a default tomcat password.

In the vRPA's /etc/tomcat8/tomcat-users.xml configuration file, the following entry is present:

<role rolename="manager-script"/>
<user username="tomcat" password="cacca7676f4bc3bb4c58655e14ed135484628cc99b91e4383b257d5045852f48$1$762225945f39f905588d79a21d3902d31e0f4165" roles="manager-script"/>
NOTE: The string in the password field above is the default password in its hashed (digested) form, not in plaintext.

Cause

Beginning in RP4VMs 5.3, default credentials for the Tomcat manager are hard-coded in tomcat-users.xml, which is what triggers this vulnerability. In prior versions of RP4VMs, the password was not a default value.

Resolution

Workaround:
1. As root on a single vRPA, run the following command and copy the hash it outputs:
/usr/share/tomcat8/bin/digest.sh -a SHA kashya

Then, on all vRPAs, perform the following steps:

2. Open /etc/tomcat8/tomcat-users.xml in an editor such as vi and, on the user line, replace the username with admin and the password with the new hash from Step 1:
Example of the default entry on each vRPA:
<user username="tomcat" password="cacca7676f4bc3bb4c58655e14ed135484628cc99b91e4383b257d5045852f48$1$762225945f39f905588d79a21d3902d31e0f4165" roles="manager-script"/>

Example of the entry after the changes are made:
<user username="admin" password="aded34aac27452989f6167e03da57ffe3d7820578f73c1478c2dff440fb87d69$1$2451452fc306442a0c3ef8232c18eb80f636d12d" roles="manager-script"/>

3. Replace the credentials in the following files:
/home/kos/kbox/src/installation/Installation/scripts/tomcat_set_webapps_for_attached.bash
/home/kos/kbox/src/installation/Installation/scripts/tomcat_set_webapps_for_detached.bash

Each file has a section near the top containing the following two lines:

USER_TOMCAT="tomcat"
PASSWORD_TOMCAT="tomcat"

Change them to the following:

USER_TOMCAT="admin"
PASSWORD_TOMCAT="kashya"

4. Restart the tomcat service on the vRPA with the following root command:
systemctl restart tomcat8
OR reboot the vRPA.
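The helper below is an added example and is not code from the Dell article or from the RecoverPoint product. It audits a tomcat-users.xml for the default entry quoted in the Symptoms section, verifies that a stored digest corresponds to a chosen password (useful after Step 2 to confirm the hash pasted into the file matches the password you set), and rewrites the two shell-variable assignments from Step 3. The stored-password layout (hex salt, iteration count and hex SHA-1 digest separated by "$", with the digest computed over the salt bytes followed by the UTF-8 password and re-hashed for any extra iterations) is assumed to match Tomcat's MessageDigestCredentialHandler, which is what digest.sh -a SHA produces; the sample XML is constructed for the example.

```python
"""Audit and rotation helpers for the Tomcat credential described in this article.

Added example; not code from the Dell article or the RecoverPoint product.
Assumes the stored-password format produced by Tomcat's digest.sh
(MessageDigestCredentialHandler): <hex-salt>$<iterations>$<hex-digest>,
where digest = SHA-1(salt_bytes || password_utf8), re-hashed iterations-1 times.
"""
import hashlib
import re
import xml.etree.ElementTree as ET

# Default username and digest quoted in the Symptoms section of the article.
DEFAULT_USER = "tomcat"
DEFAULT_DIGEST = (
    "cacca7676f4bc3bb4c58655e14ed135484628cc99b91e4383b257d5045852f48"
    "$1$762225945f39f905588d79a21d3902d31e0f4165"
)

# Constructed sample of a 5.3.2 vRPA's tomcat-users.xml (not a real file capture).
SAMPLE_TOMCAT_USERS = f"""<tomcat-users xmlns="http://tomcat.apache.org/xml" version="1.0">
  <role rolename="manager-script"/>
  <user username="tomcat" password="{DEFAULT_DIGEST}" roles="manager-script"/>
</tomcat-users>
"""


def parse_digest(stored):
    """Split 'salt$iterations$digest' into (salt_bytes, iterations, hex_digest)."""
    salt_hex, iterations, digest_hex = stored.split("$")
    return bytes.fromhex(salt_hex), int(iterations), digest_hex.lower()


def make_digest(password, salt, iterations=1, algorithm="sha1"):
    """Produce a stored credential in the assumed digest.sh -a SHA format."""
    digest = hashlib.new(algorithm, salt + password.encode("utf-8")).digest()
    for _ in range(iterations - 1):  # extra rounds re-hash the raw digest bytes
        digest = hashlib.new(algorithm, digest).digest()
    return f"{salt.hex()}${iterations}${digest.hex()}"


def verify_digest(password, stored, algorithm="sha1"):
    """True when `password` reproduces `stored`: confirms the hash pasted into
    tomcat-users.xml really corresponds to the password that was chosen."""
    salt, iterations, digest_hex = parse_digest(stored)
    recomputed = make_digest(password, salt, iterations, algorithm)
    return recomputed.split("$")[2] == digest_hex


def audit_tomcat_users(xml_text):
    """Return (username, finding) pairs for every <user> in a tomcat-users.xml."""
    findings = []
    for elem in ET.fromstring(xml_text).iter():
        if elem.tag.split("}")[-1] != "user":  # strip the Tomcat XML namespace
            continue
        name = elem.get("username", "")
        password = elem.get("password", "")
        if password == DEFAULT_DIGEST:
            findings.append((name, "default RP4VMs 5.3.2 digest still present"))
        elif "$" not in password:
            findings.append((name, "password stored in plaintext, not digested"))
        if name == DEFAULT_USER:
            findings.append((name, "default username still in use"))
    return findings


def rotate_script_credentials(script_text, user, password):
    """Rewrite the USER_TOMCAT / PASSWORD_TOMCAT assignments from Step 3."""
    script_text = re.sub(r'^USER_TOMCAT=".*"$', f'USER_TOMCAT="{user}"',
                         script_text, flags=re.MULTILINE)
    return re.sub(r'^PASSWORD_TOMCAT=".*"$', f'PASSWORD_TOMCAT="{password}"',
                  script_text, flags=re.MULTILINE)


if __name__ == "__main__":
    for username, finding in audit_tomcat_users(SAMPLE_TOMCAT_USERS):
        print(f"{username}: {finding}")
```

Run it on each vRPA against the real /etc/tomcat8/tomcat-users.xml (read the file and pass its text to audit_tomcat_users) to confirm the default entry is gone everywhere after the workaround; an empty result means neither the default digest nor the default username remains.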

Resolution:
This issue has been addressed in RecoverPoint for VMs version 5.3.3 (5.3 SP3).

Article Properties

Affected Product: RecoverPoint for Virtual Machines
Last Published Date: 25 Sep 2023
Version: 5
Article Type: Solution