Description
The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
Remediation
References
http://issues.apache.org/bugzilla/show_bug.cgi?id=41217
http://security-tracker.debian.net/tracker/CVE-2008-0128
http://www.debian.org/security/2008/dsa-1468
http://www.securityfocus.com/bid/27365
http://secunia.com/advisories/28549
http://secunia.com/advisories/28552
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
http://secunia.com/advisories/29242
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://rhn.redhat.com/errata/RHSA-2008-0630.html
http://secunia.com/advisories/31493
http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
http://secunia.com/advisories/33668
http://www.vupen.com/english/advisories/2009/0233
http://www.vupen.com/english/advisories/2008/0192
https://exchange.xforce.ibmcloud.com/vulnerabilities/39804
http://www.securityfocus.com/archive/1/500412/100/0/threaded
http://www.securityfocus.com/archive/1/500396/100/0/threaded
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
Related Vulnerabilities
CVE-2023-32313 Vulnerability in npm package vm2
CVE-2022-23812 Vulnerability in npm package node-ipc
CVE-2022-31108 Vulnerability in maven package org.webjars.bower:mermaid
CVE-2023-28462 Vulnerability in maven package fish.payara.server:payara-aggregator
CVE-2019-14540 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind