CVE-2010-0557 - This vulnerability concerns the default credentials of the Tomcat manager account shipped with RP4VMs 5.3.2.
In /etc/tomcat8/tomcat-users.xml on the vRPA (the Tomcat realm configuration file, not a log), the following entries are present:
<role rolename="manager-script"/>
<user username="tomcat" password="cacca7676f4bc3bb4c58655e14ed135484628cc99b91e4383b257d5045852f48$1$762225945f39f905588d79a21d3902d31e0f4165" roles="manager-script"/>
NOTE: The password field above is not encrypted; it is a salted SHA-1 digest in Tomcat's salt$iterations$digest format (64 hex characters of salt, 1 iteration, then the 40-hex-character SHA-1 value), as produced by digest.sh -a SHA. Hashing it provides no protection here, because the same default password is also stored in clear text in the installation scripts listed under step 3 (PASSWORD_TOMCAT="tomcat").
Beginning in RP4VMs 5.3, a default credential is hard-coded in tomcat-users.xml for the Tomcat manager (role manager-script, which permits deploying and undeploying web applications through the manager's script interface), resulting in this vulnerability. In prior versions of RP4VMs the password was not a default value.
Workaround:
1. As root on a single vRPA, run the following command and copy the hash it outputs (the output has the form kashya:<salt>$1$<digest>; copy everything after the colon):
/usr/share/tomcat8/bin/digest.sh -a SHA kashya
(kashya is the example password used throughout this workaround and is therefore public; if you choose a different password, use it consistently in step 3.)
Then, on every vRPA in the system, perform steps 2 through 4:
2. Open /etc/tomcat8/tomcat-users.xml in an editor such as vi and, on the user line shown below, change the username to admin and replace the password value with the hash from step 1:
Example of what is by default on each RPA:
<user username="tomcat" password="cacca7676f4bc3bb4c58655e14ed135484628cc99b91e4383b257d5045852f48$1$762225945f39f905588d79a21d3902d31e0f4165" roles="manager-script"/>
Example of what things will look like after the changes are made:
<user username="admin" password="aded34aac27452989f6167e03da57ffe3d7820578f73c1478c2dff440fb87d69$1$2451452fc306442a0c3ef8232c18eb80f636d12d" roles="manager-script"/>
3. Update the credentials in the following two installation scripts so that they match the account configured in step 2:
/home/kos/kbox/src/installation/Installation/scripts/tomcat_set_webapps_for_attached.bash
/home/kos/kbox/src/installation/Installation/scripts/tomcat_set_webapps_for_detached.bash
Near the top of each file you will find:
USER_TOMCAT="tomcat"
PASSWORD_TOMCAT="tomcat"
Change them to the following:
USER_TOMCAT="admin"
PASSWORD_TOMCAT="kashya"
4. Restart the Tomcat service on the vRPA as root:
systemctl restart tomcat8
or reboot the vRPA.
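The following is an added example and not Dell's code or part of the advisory. It reimplements the credential scheme that Tomcat's MessageDigestCredentialHandler and digest.sh use (digest = H(salt || password), re-hashed iterations-1 times, stored as salt$iterations$digest) so that a stored entry can be checked against a candidate plaintext and a replacement entry generated without running digest.sh, and it performs the step 2 and step 3 edits on in-memory copies of the files. It goes slightly beyond the page by supporting arbitrary iteration counts and algorithms. The user line and the admin/kashya values are taken from the advisory; SAMPLE_SCRIPT is a constructed stand-in for the top of the two tomcat_set_webapps_for_*.bash files.

```python
"""Tomcat salted-digest credentials and the RP4VMs workaround edits (added example)."""
import hashlib
import hmac
import os
import re

# Default manager entry as shown in the advisory's tomcat-users.xml.
DEFAULT_USER_LINE = (
    '<user username="tomcat" password="cacca7676f4bc3bb4c58655e14ed135484628cc99b91e4383b257d5045852f48'
    '$1$762225945f39f905588d79a21d3902d31e0f4165" roles="manager-script"/>'
)

# Constructed stand-in for the top of tomcat_set_webapps_for_attached.bash / _detached.bash.
SAMPLE_SCRIPT = '#!/bin/bash\nUSER_TOMCAT="tomcat"\nPASSWORD_TOMCAT="tomcat"\n'


def parse_tomcat_digest(stored):
    """Split Tomcat's salt$iterations$digest string into (salt bytes, iterations, hex digest)."""
    salt_hex, iterations, digest_hex = stored.split("$", 2)
    return bytes.fromhex(salt_hex), int(iterations), digest_hex.lower()


def tomcat_mutate(password, salt, iterations=1, algorithm="sha1"):
    """MessageDigestCredentialHandler: H(salt || password), then re-hash the digest iterations-1 times."""
    md = hashlib.new(algorithm)
    md.update(salt)
    md.update(password.encode("utf-8"))
    digest = md.digest()
    for _ in range(1, iterations):
        digest = hashlib.new(algorithm, digest).digest()
    return digest.hex()


def make_tomcat_digest(password, salt=None, iterations=1, algorithm="sha1"):
    """Equivalent of `digest.sh -a SHA <password>`: 32 random salt bytes, one iteration."""
    if salt is None:
        salt = os.urandom(32)
    return f"{salt.hex()}${iterations}${tomcat_mutate(password, salt, iterations, algorithm)}"


def verify_tomcat_digest(stored, password, algorithm="sha1"):
    """True if `password` is the plaintext behind a stored salt$iterations$digest entry."""
    salt, iterations, digest_hex = parse_tomcat_digest(stored)
    return hmac.compare_digest(tomcat_mutate(password, salt, iterations, algorithm), digest_hex)


def password_from_user_line(line):
    """Extract the password attribute from a <user .../> line."""
    return re.search(r'password="([^"]+)"', line).group(1)


def rewrite_user_line(line, new_user, new_stored):
    """Step 2: change the username and replace the stored digest, leaving roles untouched."""
    line = re.sub(r'username="[^"]*"', f'username="{new_user}"', line)
    return re.sub(r'password="[^"]*"', f'password="{new_stored}"', line)


def rewrite_install_script(text, new_user, new_password):
    """Step 3: replace the USER_TOMCAT / PASSWORD_TOMCAT assignments in an installation script."""
    text = re.sub(r"^USER_TOMCAT=.*$", f'USER_TOMCAT="{new_user}"', text, flags=re.M)
    return re.sub(r"^PASSWORD_TOMCAT=.*$", f'PASSWORD_TOMCAT="{new_password}"', text, flags=re.M)


if __name__ == "__main__":
    default_hash = password_from_user_line(DEFAULT_USER_LINE)
    salt, iterations, digest = parse_tomcat_digest(default_hash)
    print(f"shipped entry: {len(salt)}-byte salt, {iterations} iteration(s), {len(digest) * 4}-bit digest")
    print("shipped entry matches the scripts' plaintext 'tomcat':",
          verify_tomcat_digest(default_hash, "tomcat"))
    new_hash = make_tomcat_digest("kashya")
    print(rewrite_user_line(DEFAULT_USER_LINE, "admin", new_hash))
    print(rewrite_install_script(SAMPLE_SCRIPT, "admin", "kashya"), end="")
```

To apply this on a real vRPA you would write rewrite_user_line's output into /etc/tomcat8/tomcat-users.xml and rewrite_install_script's output into both scripts listed in step 3, then restart tomcat8 as in step 4. A reasonable post-change check (host, scheme and port are assumptions about your deployment) is that a manager text-interface request such as `curl -u tomcat:tomcat http://<vrpa>:8080/manager/text/list` is now rejected with HTTP 401 while the same request with the new credentials succeeds.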
Resolution:
This issue has been addressed in RecoverPoint for VMs version 5.3.3 (5.3 SP3).