RecoverPoint for VMs: Security Vulnerabilities Related to Tomcat Default Passwords

Summary: In RecoverPoint for Virtual Machines 5.3.2 the default tomcat password was changed to be more secure and encrypted, but the password itself remains the default value. When a security check is run the following CVE may be triggered: CVE-2010-0557 ...

Not all product versions are identified in this article.

Symptoms

CVE-2010-0557 - This vulnerability concerns the use of default credentials for the tomcat manager account, which is the case in RP4VMs 5.3.2.

In the vRPA configuration file /etc/tomcat8/tomcat-users.xml, the following lines can be seen:

<role rolename="manager-script"/>
<user username="tomcat" password="cacca7676f4bc3bb4c58655e14ed135484628cc99b91e4383b257d5045852f48$1$762225945f39f905588d79a21d3902d31e0f4165" roles="manager-script"/>

NOTE: The string in the password field above is the default password in encrypted form.

Cause

Beginning in RP4VMs 5.3, default credentials for the tomcat manager are hard coded in tomcat-users.xml, which results in this vulnerability. In prior versions of RP4VMs, the password was not a default value.

Resolution

Workaround:

1. As root on a single vRPA, run the following command and copy the hash it prints (kashya is the new password; the same value is entered again in step 3):
/usr/share/tomcat8/bin/digest.sh -a SHA kashya

Perform steps 2 through 4 on every vRPA:

2. Open /etc/tomcat8/tomcat-users.xml in an editor such as vi and, on the manager-script user line, replace the username with admin and the password with the hash from step 1.

Example of the default line on each vRPA:
<user username="tomcat" password="cacca7676f4bc3bb4c58655e14ed135484628cc99b91e4383b257d5045852f48$1$762225945f39f905588d79a21d3902d31e0f4165" roles="manager-script"/>

Example of the same line after the change:
<user username="admin" password="aded34aac27452989f6167e03da57ffe3d7820578f73c1478c2dff440fb87d69$1$2451452fc306442a0c3ef8232c18eb80f636d12d" roles="manager-script"/>

3. Replace the credentials in the following files:
/home/kos/kbox/src/installation/Installation/scripts/tomcat_set_webapps_for_attached.bash
/home/kos/kbox/src/installation/Installation/scripts/tomcat_set_webapps_for_detached.bash

Each file has a section towards the top containing:

USER_TOMCAT="tomcat"
PASSWORD_TOMCAT="tomcat"

Change them to the following:

USER_TOMCAT="admin"
PASSWORD_TOMCAT="kashya"

4. Restart the tomcat service on the vRPA with the following root command:
systemctl restart tomcat8
or reboot the vRPA.
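As an added example that is not part of the Dell article, the following shell script audits copies of the files named in steps 2 and 3 for the default credentials and then applies the same edits on them. It runs stand-alone on constructed sample files in a temporary directory; the file names, the admin user and the kashya password are taken from the article, while the replacement hash must still come from the digest.sh command in step 1 (here the hash from the step 2 example is passed in, since digest.sh is not available outside a vRPA).

```shell
#!/bin/sh
# Added example (not from the Dell article): audit and remediate the default Tomcat
# manager credentials on copies of the files the article names. Sample file contents
# below are constructed so the script runs anywhere; on a real vRPA the functions would
# be pointed at /etc/tomcat8/tomcat-users.xml and the two tomcat_set_webapps_for_*.bash scripts.

# Default credential hash quoted in the article (salted SHA digest of the default password).
DEFAULT_HASH='cacca7676f4bc3bb4c58655e14ed135484628cc99b91e4383b257d5045852f48$1$762225945f39f905588d79a21d3902d31e0f4165'

# has_default_tomcat_user FILE
# Exit 0 when tomcat-users.xml still carries the default hash or a "tomcat" user, 1 otherwise.
has_default_tomcat_user() {
    grep -F -q "password=\"$DEFAULT_HASH\"" "$1" && return 0
    grep -E -q '<user[^>]*username="tomcat"' "$1" && return 0
    return 1
}

# has_default_script_creds FILE
# Exit 0 when a webapps script still sets USER_TOMCAT or PASSWORD_TOMCAT to "tomcat".
has_default_script_creds() {
    grep -E -q '^(USER_TOMCAT|PASSWORD_TOMCAT)="tomcat"$' "$1"
}

# set_tomcat_user FILE USER HASH
# Rewrites the manager-script user line (article step 2). HASH is the output of the
# article's digest.sh command and is passed in rather than generated here.
set_tomcat_user() {
    awk -v u="$2" -v h="$3" '
        /<user username="tomcat"/ {
            print "<user username=\"" u "\" password=\"" h "\" roles=\"manager-script\"/>"; next
        }
        { print }' "$1" > "$1.tmp" && mv "$1.tmp" "$1"
}

# set_script_creds FILE USER PASSWORD
# Rewrites the USER_TOMCAT / PASSWORD_TOMCAT assignments (article step 3).
set_script_creds() {
    awk -v u="$2" -v p="$3" '
        /^USER_TOMCAT=/     { print "USER_TOMCAT=\"" u "\""; next }
        /^PASSWORD_TOMCAT=/ { print "PASSWORD_TOMCAT=\"" p "\""; next }
        { print }' "$1" > "$1.tmp" && mv "$1.tmp" "$1"
}

# --- Constructed sample files standing in for the vRPA files ---
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
USERS_XML="$WORK/tomcat-users.xml"
SCRIPT="$WORK/tomcat_set_webapps_for_attached.bash"

cat > "$USERS_XML" <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users>
<role rolename="manager-script"/>
<user username="tomcat" password="$DEFAULT_HASH" roles="manager-script"/>
</tomcat-users>
EOF

cat > "$SCRIPT" <<'EOF'
#!/bin/bash
USER_TOMCAT="tomcat"
PASSWORD_TOMCAT="tomcat"
EOF

# Hash from the article's step 2 example; on a vRPA use the value printed by digest.sh.
NEW_HASH='aded34aac27452989f6167e03da57ffe3d7820578f73c1478c2dff440fb87d69$1$2451452fc306442a0c3ef8232c18eb80f636d12d'

BEFORE_XML=$(has_default_tomcat_user "$USERS_XML" && echo default || echo clean)
BEFORE_SCRIPT=$(has_default_script_creds "$SCRIPT" && echo default || echo clean)

set_tomcat_user "$USERS_XML" admin "$NEW_HASH"
set_script_creds "$SCRIPT" admin kashya

AFTER_XML=$(has_default_tomcat_user "$USERS_XML" && echo default || echo clean)
AFTER_SCRIPT=$(has_default_script_creds "$SCRIPT" && echo default || echo clean)

echo "tomcat-users.xml: $BEFORE_XML -> $AFTER_XML"
echo "webapps script:   $BEFORE_SCRIPT -> $AFTER_SCRIPT"
```

The two has_default_* checks are the part worth keeping around: run them against the real paths on every vRPA after the workaround, and again after any upgrade or reinstall, since the article notes the same files are shipped with the default values on each vRPA.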

Resolution:
This issue has been addressed in RecoverPoint for VMs version 5.3.3 (5.3 SP3).

Affected Products

RecoverPoint for Virtual Machines
Article Properties
Article Number: 000191335
Article Type: Solution
Last Modified: 25 Sep 2023
Version: 5