Main Vulnerability Database Vulnerabilities #VU73957

#VU73957 Sensitive cookie in HTTPS session without Secure attribute in Apache Tomcat - CVE-2023-28708

Published: March 22, 2023

Vulnerability identifier: #VU73957

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-28708

CWE-ID: CWE-614

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Apache Tomcat

Software vendor:
Apache Foundation

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to Apache Tomcat does not set the "Secure" attribute for the JSESSIONID session cookie when using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https. A remote attacker can force the application to transmit cookie via an insecure channel and intercept it.

Remediation

Install updates from vendor's website.

External links

https://lists.apache.org/thread/hdksc59z3s7tm39x0pp33mtwdrt8qr67

#VU73957 Sensitive cookie in HTTPS session without Secure attribute in Apache Tomcat - CVE-2023-28708

Description

Remediation

External links

Please verify you're human