Lucene search

GitHub Advisory DatabaseGHSA-JRCP-C39H-R29X

HistoryMay 14, 2022 - 3:13 a.m.

Improper Neutralization of Input During Web Page Generation in Apache Tomcat

2022-05-1403:13:01

CWE-79

GitHub Advisory Database

github.com

apache tomcat

session fixation

remote attackers

web sessions

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.009

Percentile

83.2%

JSON

Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java.

Affected configurations

Vulners

Node

org.apache.tomcattomcatRange7.0.0–7.0.65

org.apache.tomcattomcatRange8.0.0.RC1–8.0.30

org.apache.tomcattomcatMatch9.0.0.m1

VendorProductVersionCPE
org.apache.tomcattomcat*cpe:2.3:a:org.apache.tomcat:tomcat:*:*:*:*:*:*:*:*
org.apache.tomcattomcat9.0.0.m1cpe:2.3:a:org.apache.tomcat:tomcat:9.0.0.m1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
org.apache.tomcat	tomcat	*	cpe:2.3:a:org.apache.tomcat:tomcat::::::::
org.apache.tomcat	tomcat	9.0.0.m1	cpe:2.3:a:org.apache.tomcat:tomcat:9.0.0.m1:::::::*

References

lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html

lists.opensuse.org/opensuse-security-announce/2016-03/msg00069.html

lists.opensuse.org/opensuse-security-announce/2016-03/msg00085.html

packetstormsecurity.com/files/135890/Apache-Tomcat-Session-Fixation.html

rhn.redhat.com/errata/RHSA-2016-1089.html

rhn.redhat.com/errata/RHSA-2016-2046.html

rhn.redhat.com/errata/RHSA-2016-2807.html

rhn.redhat.com/errata/RHSA-2016-2808.html

seclists.org/bugtraq/2016/Feb/143

svn.apache.org/viewvc?view=revision&revision=1713184

svn.apache.org/viewvc?view=revision&revision=1713185

svn.apache.org/viewvc?view=revision&revision=1713187

svn.apache.org/viewvc?view=revision&revision=1723414

svn.apache.org/viewvc?view=revision&revision=1723506

tomcat.apache.org/security-7.html

tomcat.apache.org/security-8.html

tomcat.apache.org/security-9.html

www.debian.org/security/2016/dsa-3530

www.debian.org/security/2016/dsa-3552

www.debian.org/security/2016/dsa-3609

www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html

www.ubuntu.com/usn/USN-3024-1

access.redhat.com/errata/RHSA-2016:1087

access.redhat.com/errata/RHSA-2016:1088

bto.bluecoat.com/security-advisory/sa118

bz.apache.org/bugzilla/show_bug.cgi?id=58809

github.com/advisories/GHSA-jrcp-c39h-r29x

github.com/apache/tomcat/commit/04164c1f01b973e548d95511d417f414ca723cb8

github.com/apache/tomcat/commit/6287be37d8d06c320215c45f7e2b8380411692e0

github.com/apache/tomcat/commit/83679b99cd40caa401d173c8f8e72fc98eb5d5be

github.com/apache/tomcat80/commit/41fbee7ba15435a831f765597ff907c56ebf2169

github.com/apache/tomcat80/commit/c39b7ffc2145644f7f3cf9e3cd4aada5048e56a0

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626

lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

nvd.nist.gov/vuln/detail/CVE-2015-5346

security.gentoo.org/glsa/201705-09

security.netapp.com/advisory/ntap-20180531-0001

web.archive.org/web/20160321234551/www.securitytracker.com/id/1035069

web.archive.org/web/20160912063818/www.securityfocus.com/bid/83323

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.009

Percentile

83.2%

JSON

Related for GHSA-JRCP-C39H-R29X