Description
The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
Remediation
References
http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
http://issues.apache.org/bugzilla/show_bug.cgi?id=41217
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
http://rhn.redhat.com/errata/RHSA-2008-0630.html
http://secunia.com/advisories/28549
http://secunia.com/advisories/28552
http://secunia.com/advisories/29242
http://secunia.com/advisories/31493
http://secunia.com/advisories/33668
http://security-tracker.debian.net/tracker/CVE-2008-0128
http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
http://www.debian.org/security/2008/dsa-1468
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://www.securityfocus.com/archive/1/500396/100/0/threaded
http://www.securityfocus.com/archive/1/500412/100/0/threaded
http://www.securityfocus.com/bid/27365
http://www.vupen.com/english/advisories/2008/0192
http://www.vupen.com/english/advisories/2009/0233
https://exchange.xforce.ibmcloud.com/vulnerabilities/39804
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
Related Vulnerabilities
CVE-2021-21412 Vulnerability in npm package egf
CVE-2018-1002204 Vulnerability in maven package org.webjars.npm:adm-zip
CVE-2023-45143 Vulnerability in npm package undici
CVE-2022-25892 Vulnerability in npm package muhammara
CVE-2023-31206 Vulnerability in maven package org.apache.inlong:manager-test