Description
The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
Remediation
References
http://issues.apache.org/bugzilla/show_bug.cgi?id=41217
http://security-tracker.debian.net/tracker/CVE-2008-0128
http://www.debian.org/security/2008/dsa-1468
http://www.securityfocus.com/bid/27365
http://secunia.com/advisories/28549
http://secunia.com/advisories/28552
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
http://secunia.com/advisories/29242
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://rhn.redhat.com/errata/RHSA-2008-0630.html
http://secunia.com/advisories/31493
http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
http://secunia.com/advisories/33668
http://www.vupen.com/english/advisories/2009/0233
http://www.vupen.com/english/advisories/2008/0192
https://exchange.xforce.ibmcloud.com/vulnerabilities/39804
http://www.securityfocus.com/archive/1/500412/100/0/threaded
http://www.securityfocus.com/archive/1/500396/100/0/threaded
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
Related Vulnerabilities
CVE-2018-20677 Vulnerability in maven package org.webjars:bootstrap-sass
CVE-2012-4458 Vulnerability in maven package org.apache.qpid:qpid-common
CVE-2023-50730 Vulnerability in maven package edu.gemini:gsp-graphql-core_native0.4_3
CVE-2023-31103 Vulnerability in maven package org.apache.inlong:manager-web