CVE-2012-4529
First published: Fri Oct 19 2012(Updated: )
The org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and earlier, when the tracking mode is set to COOKIE, sends the jsessionid in the URL of the first response of a session, which allows remote attackers to obtain the session id (1) via a man-in-the-middle attack or (2) by reading a log.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redhat Jboss Community Application Server | <=7.1.1 | |
| Redhat Jboss Community Application Server | =5.0.0 | |
| Redhat Jboss Community Application Server | =5.0.1 | |
| Redhat Jboss Community Application Server | =5.1.0 | |
| Redhat Jboss Community Application Server | =6.0.0 | |
| Redhat Jboss Community Application Server | =6.1.0 | |
| Redhat Jboss Community Application Server | =7.0.0 | |
| Redhat Jboss Community Application Server | =7.0.1 | |
| Redhat Jboss Community Application Server | =7.0.2 | |
| Redhat Jboss Community Application Server | =7.1.0 | |
| Redhat Jboss Enterprise Application Platform | =6.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://issues.jboss.org/browse/JBWEB-249
- https://source.jboss.org/browse/JBossWeb/branches/7.2.x/src/main/java/org/apache/catalina/connector/Response.java?r2=2106&r1=2086
- https://access.redhat.com/knowledge/solutions/16169
- https://access.redhat.com/knowledge/solutions/64778
- http://docs.jboss.org/jbossweb/7.0.x/rewrite.html
- https://rhn.redhat.com/errata/RHSA-2013-0833.html
- https://rhn.redhat.com/errata/RHSA-2013-0834.html
- https://rhn.redhat.com/errata/RHSA-2013-0839.html
- https://rhn.redhat.com/errata/RHSA-2013-1437.html
- https://bugzilla.redhat.com/show_bug.cgi?id=868202
- http://ocpsoft.org/support/topic/session-id-is-appended-as-url-path-parameter-in-very-first-request/
- http://rhn.redhat.com/errata/RHSA-2013-0833.html
- http://rhn.redhat.com/errata/RHSA-2013-0834.html
- http://rhn.redhat.com/errata/RHSA-2013-0839.html
- http://rhn.redhat.com/errata/RHSA-2013-1437.html
- collector/redhat-bugzilla
- alias/CVE-2012-4529
- collector/nvd-index
- agent/severity
- agent/author
- agent/first-publish-date
- agent/softwarecombine
- agent/type
- agent/event
- agent/last-modified-date
- agent/tags
- agent/description
- agent/references
- collector/mitre-cve
- source/MITRE
- vendor/redhat
- canonical/redhat jboss community application server
- version/redhat jboss community application server/7.1.1
- version/redhat jboss community application server/5.0.0
- version/redhat jboss community application server/5.0.1
- version/redhat jboss community application server/5.1.0
- version/redhat jboss community application server/6.0.0
- version/redhat jboss community application server/6.1.0
- version/redhat jboss community application server/7.0.0
- version/redhat jboss community application server/7.0.1
- version/redhat jboss community application server/7.0.2
- version/redhat jboss community application server/7.1.0
- canonical/redhat jboss enterprise application platform
- version/redhat jboss enterprise application platform/6.0.0