CVE-2012-4529
First published: Fri Oct 19 2012(Updated: )
The org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and earlier, when the tracking mode is set to COOKIE, sends the jsessionid in the URL of the first response of a session, which allows remote attackers to obtain the session id (1) via a man-in-the-middle attack or (2) by reading a log.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat JBoss Community Application Server | <=7.1.1 | |
| Red Hat JBoss Community Application Server | =5.0.0 | |
| Red Hat JBoss Community Application Server | =5.0.1 | |
| Red Hat JBoss Community Application Server | =5.1.0 | |
| Red Hat JBoss Community Application Server | =6.0.0 | |
| Red Hat JBoss Community Application Server | =6.1.0 | |
| Red Hat JBoss Community Application Server | =7.0.0 | |
| Red Hat JBoss Community Application Server | =7.0.1 | |
| Red Hat JBoss Community Application Server | =7.0.2 | |
| Red Hat JBoss Community Application Server | =7.1.0 | |
| JBoss Enterprise Application Platform | =6.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://issues.jboss.org/browse/JBWEB-249
- https://source.jboss.org/browse/JBossWeb/branches/7.2.x/src/main/java/org/apache/catalina/connector/Response.java?r2=2106&r1=2086
- https://access.redhat.com/knowledge/solutions/16169
- https://access.redhat.com/knowledge/solutions/64778
- http://docs.jboss.org/jbossweb/7.0.x/rewrite.html
- https://rhn.redhat.com/errata/RHSA-2013-0833.html
- https://rhn.redhat.com/errata/RHSA-2013-0834.html
- https://rhn.redhat.com/errata/RHSA-2013-0839.html
- https://rhn.redhat.com/errata/RHSA-2013-1437.html
- https://bugzilla.redhat.com/show_bug.cgi?id=868202
- http://ocpsoft.org/support/topic/session-id-is-appended-as-url-path-parameter-in-very-first-request/
- http://rhn.redhat.com/errata/RHSA-2013-0833.html
- http://rhn.redhat.com/errata/RHSA-2013-0834.html
- http://rhn.redhat.com/errata/RHSA-2013-0839.html
- http://rhn.redhat.com/errata/RHSA-2013-1437.html
Frequently Asked Questions
What is the severity of CVE-2012-4529?
CVE-2012-4529 has a medium severity rating, indicating potential risk for session hijacking.
How do I fix CVE-2012-4529?
To mitigate CVE-2012-4529, upgrade your Red Hat JBoss Web server to a version later than 7.1.1.
What versions are affected by CVE-2012-4529?
CVE-2012-4529 affects Red Hat JBoss Web versions 5.0.0 to 7.1.x, including specific minor versions.
What is the impact of CVE-2012-4529?
The impact of CVE-2012-4529 allows attackers to potentially hijack user sessions through man-in-the-middle attacks.
Is CVE-2012-4529 exploitable remotely?
Yes, CVE-2012-4529 is exploitable remotely, making it critical for users of the affected software to address this vulnerability.
- collector/redhat-bugzilla
- alias/CVE-2012-4529
- agent/first-publish-date
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/author
- agent/last-modified-date
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/redhat
- canonical/red hat jboss community application server
- version/red hat jboss community application server/7.1.1
- version/red hat jboss community application server/5.0.0
- version/red hat jboss community application server/5.0.1
- version/red hat jboss community application server/5.1.0
- version/red hat jboss community application server/6.0.0
- version/red hat jboss community application server/6.1.0
- version/red hat jboss community application server/7.0.0
- version/red hat jboss community application server/7.0.1
- version/red hat jboss community application server/7.0.2
- version/red hat jboss community application server/7.1.0
- canonical/jboss enterprise application platform
- version/jboss enterprise application platform/6.0.0