
Cloud Vulnerability DB
An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues
CVE-2023-41081 is an authentication bypass vulnerability, rated important by Apache, affecting Apache Tomcat Connectors (mod_jk) versions 1.2.0 through 1.2.48. The vulnerability was discovered by Karl von Randow and initially disclosed on September 13, 2023. This security issue specifically impacts the mod_jk component, while the ISAPI redirector remains unaffected (Apache Security).
The vulnerability occurs when a configuration includes 'JkOptions +ForwardDirectories' but lacks explicit mounts for all possible proxied requests. In such cases, mod_jk applied an implicit mapping and forwarded the request to the first defined worker. The vulnerability has been assigned a CVSS 3.1 base score of 7.5 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (NVD).
The vulnerability could result in the unintended exposure of the status worker and/or bypass security constraints configured in httpd. This could potentially lead to information disclosure and authentication bypass issues (Security Online).
The primary mitigation is to upgrade to Apache Tomcat Connectors (mod_jk) version 1.2.49 or later, where the implicit mapping functionality has been completely removed and all mappings must be configured explicitly. Users who cannot upgrade immediately can instead ensure that explicit mounts are configured for all possible proxied requests (Apache Security).
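To make the configuration condition and the mitigation concrete, here are two constructed httpd/mod_jk fragments (added for illustration; they are not from the advisory or the mod_jk project, and the worker names, file paths and mount points are placeholders). Fragment A shows the risky combination described above; Fragment B shows the explicit-mount form the mitigation calls for. Use one or the other, never both in the same configuration.

```apache
# ===== Fragment A: risky on mod_jk <= 1.2.48 =====
# Assumed contents of the referenced workers.properties (placeholder names):
#   worker.list=jkstatus,ajp13     <- the status worker is the FIRST defined worker
#   worker.jkstatus.type=status
#   worker.ajp13.type=ajp13
#   worker.ajp13.host=127.0.0.1
#   worker.ajp13.port=8009
JkWorkersFile /etc/httpd/conf/workers.properties
JkOptions +ForwardDirectories
# Only /app/* has an explicit mount. Any other proxied request has no mount,
# so a vulnerable mod_jk applies an implicit mapping to the first defined
# worker (here jkstatus), exposing the status worker and sidestepping any
# httpd security constraints that were written for the expected paths.
JkMount /app/* ajp13

# ===== Fragment B: explicit mounts only (mod_jk >= 1.2.49 recommended) =====
# Same workers.properties as above.
JkWorkersFile /etc/httpd/conf/workers.properties
# ForwardDirectories is not relied on; every path that should reach Tomcat
# is listed explicitly, including the directory itself and its contents.
JkMount /app ajp13
JkMount /app/* ajp13
# The status worker is reachable only through its own explicit mount, and
# httpd access control on that path is enforced before the request is proxied.
JkMount /jkmanager jkstatus
<Location "/jkmanager">
    Require ip 127.0.0.1
</Location>
```

After upgrading to 1.2.49 or later, requests that match no JkMount are no longer mapped implicitly, so Fragment B's explicit mounts are the complete set of paths mod_jk will forward.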
Source: This report was generated using AI