Description

The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

Remediation

References

http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx

http://issues.apache.org/bugzilla/show_bug.cgi?id=41217

http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html

http://rhn.redhat.com/errata/RHSA-2008-0630.html

http://secunia.com/advisories/28549

http://secunia.com/advisories/28552

http://secunia.com/advisories/29242

http://secunia.com/advisories/31493

http://secunia.com/advisories/33668

http://security-tracker.debian.net/tracker/CVE-2008-0128

http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540

http://www.debian.org/security/2008/dsa-1468

http://www.redhat.com/support/errata/RHSA-2008-0261.html

http://www.securityfocus.com/archive/1/500396/100/0/threaded

http://www.securityfocus.com/archive/1/500412/100/0/threaded

http://www.securityfocus.com/bid/27365

http://www.vupen.com/english/advisories/2008/0192

http://www.vupen.com/english/advisories/2009/0233

https://exchange.xforce.ibmcloud.com/vulnerabilities/39804

https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

Related Vulnerabilities

CVE-2023-41329 Vulnerability in maven package com.github.tomakehurst:wiremock-jre8

CVE-2021-4264 Vulnerability in maven package org.webjars.bower:dustjs-linkedin

CVE-2021-21348 Vulnerability in maven package com.thoughtworks.xstream:xstream

CVE-2021-39153 Vulnerability in maven package com.thoughtworks.xstream:xstream

CVE-2020-35149 Vulnerability in maven package org.webjars.npm:mquery

Severity

Critical

Classification

CWE-16

Tags

Patch Vendor Advisory