ID CVE-2015-5346
Summary Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java. CWE-384: Session Fixation (https://cwe.mitre.org/data/definitions/384.html)
References
Vulnerable Configurations
  • cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.5:beta:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.59:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.61:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.62:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.63:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.64:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:7.0.65:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.17:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.18:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.20:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.21:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.22:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.23:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.24:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.26:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.27:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.28:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:8.0.29:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:tomcat:9.0.0:m1:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 19-07-2018 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
  • Vector: NETWORK
  • Complexity: MEDIUM
  • Authentication: NONE
Impact
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL
  • Availability: PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • rhsa
    id RHSA-2016:1087
  • rhsa
    id RHSA-2016:1088
  • rhsa
    id RHSA-2016:1089
  • rhsa
    id RHSA-2016:2046
  • rhsa
    id RHSA-2016:2807
  • rhsa
    id RHSA-2016:2808
rpms
  • httpd24-0:2.4.6-61.ep7.el6
  • httpd24-debuginfo-0:2.4.6-61.ep7.el6
  • httpd24-devel-0:2.4.6-61.ep7.el6
  • httpd24-manual-0:2.4.6-61.ep7.el6
  • httpd24-tools-0:2.4.6-61.ep7.el6
  • mod_ldap24-0:2.4.6-61.ep7.el6
  • mod_proxy24_html-1:2.4.6-61.ep7.el6
  • mod_security-jws3-0:2.8.0-7.GA.ep7.el6
  • mod_security-jws3-debuginfo-0:2.8.0-7.GA.ep7.el6
  • mod_session24-0:2.4.6-61.ep7.el6
  • mod_ssl24-1:2.4.6-61.ep7.el6
  • tomcat7-0:7.0.59-50_patch_01.ep7.el6
  • tomcat7-admin-webapps-0:7.0.59-50_patch_01.ep7.el6
  • tomcat7-docs-webapp-0:7.0.59-50_patch_01.ep7.el6
  • tomcat7-el-2.2-api-0:7.0.59-50_patch_01.ep7.el6
  • tomcat7-javadoc-0:7.0.59-50_patch_01.ep7.el6
  • tomcat7-jsp-2.2-api-0:7.0.59-50_patch_01.ep7.el6
  • tomcat7-lib-0:7.0.59-50_patch_01.ep7.el6
  • tomcat7-log4j-0:7.0.59-50_patch_01.ep7.el6
  • tomcat7-servlet-3.0-api-0:7.0.59-50_patch_01.ep7.el6
  • tomcat7-webapps-0:7.0.59-50_patch_01.ep7.el6
  • tomcat8-0:8.0.18-61_patch_01.ep7.el6
  • tomcat8-admin-webapps-0:8.0.18-61_patch_01.ep7.el6
  • tomcat8-docs-webapp-0:8.0.18-61_patch_01.ep7.el6
  • tomcat8-el-2.2-api-0:8.0.18-61_patch_01.ep7.el6
  • tomcat8-javadoc-0:8.0.18-61_patch_01.ep7.el6
  • tomcat8-jsp-2.3-api-0:8.0.18-61_patch_01.ep7.el6
  • tomcat8-lib-0:8.0.18-61_patch_01.ep7.el6
  • tomcat8-log4j-0:8.0.18-61_patch_01.ep7.el6
  • tomcat8-servlet-3.1-api-0:8.0.18-61_patch_01.ep7.el6
  • tomcat8-webapps-0:8.0.18-61_patch_01.ep7.el6
  • httpd24-0:2.4.6-61.ep7.el7
  • httpd24-debuginfo-0:2.4.6-61.ep7.el7
  • httpd24-devel-0:2.4.6-61.ep7.el7
  • httpd24-manual-0:2.4.6-61.ep7.el7
  • httpd24-tools-0:2.4.6-61.ep7.el7
  • mod_ldap24-0:2.4.6-61.ep7.el7
  • mod_proxy24_html-1:2.4.6-61.ep7.el7
  • mod_security-jws3-0:2.8.0-7.GA.ep7.el7
  • mod_security-jws3-debuginfo-0:2.8.0-7.GA.ep7.el7
  • mod_session24-0:2.4.6-61.ep7.el7
  • mod_ssl24-1:2.4.6-61.ep7.el7
  • tomcat7-0:7.0.59-50_patch_01.ep7.el7
  • tomcat7-admin-webapps-0:7.0.59-50_patch_01.ep7.el7
  • tomcat7-docs-webapp-0:7.0.59-50_patch_01.ep7.el7
  • tomcat7-el-2.2-api-0:7.0.59-50_patch_01.ep7.el7
  • tomcat7-javadoc-0:7.0.59-50_patch_01.ep7.el7
  • tomcat7-jsp-2.2-api-0:7.0.59-50_patch_01.ep7.el7
  • tomcat7-lib-0:7.0.59-50_patch_01.ep7.el7
  • tomcat7-log4j-0:7.0.59-50_patch_01.ep7.el7
  • tomcat7-servlet-3.0-api-0:7.0.59-50_patch_01.ep7.el7
  • tomcat7-webapps-0:7.0.59-50_patch_01.ep7.el7
  • tomcat8-0:8.0.18-61_patch_01.ep7.el7
  • tomcat8-admin-webapps-0:8.0.18-61_patch_01.ep7.el7
  • tomcat8-docs-webapp-0:8.0.18-61_patch_01.ep7.el7
  • tomcat8-el-2.2-api-0:8.0.18-61_patch_01.ep7.el7
  • tomcat8-javadoc-0:8.0.18-61_patch_01.ep7.el7
  • tomcat8-jsp-2.3-api-0:8.0.18-61_patch_01.ep7.el7
  • tomcat8-lib-0:8.0.18-61_patch_01.ep7.el7
  • tomcat8-log4j-0:8.0.18-61_patch_01.ep7.el7
  • tomcat8-servlet-3.1-api-0:8.0.18-61_patch_01.ep7.el7
  • tomcat8-webapps-0:8.0.18-61_patch_01.ep7.el7
  • tomcat-0:7.0.54-8.el7_2
  • tomcat-admin-webapps-0:7.0.54-8.el7_2
  • tomcat-docs-webapp-0:7.0.54-8.el7_2
  • tomcat-el-2.2-api-0:7.0.54-8.el7_2
  • tomcat-javadoc-0:7.0.54-8.el7_2
  • tomcat-jsp-2.2-api-0:7.0.54-8.el7_2
  • tomcat-jsvc-0:7.0.54-8.el7_2
  • tomcat-lib-0:7.0.54-8.el7_2
  • tomcat-servlet-3.0-api-0:7.0.54-8.el7_2
  • tomcat-webapps-0:7.0.54-8.el7_2
  • tomcat7-0:7.0.54-23_patch_05.ep6.el6
  • tomcat7-0:7.0.54-23_patch_05.ep6.el7
  • tomcat7-admin-webapps-0:7.0.54-23_patch_05.ep6.el6
  • tomcat7-admin-webapps-0:7.0.54-23_patch_05.ep6.el7
  • tomcat7-docs-webapp-0:7.0.54-23_patch_05.ep6.el6
  • tomcat7-docs-webapp-0:7.0.54-23_patch_05.ep6.el7
  • tomcat7-el-2.2-api-0:7.0.54-23_patch_05.ep6.el6
  • tomcat7-el-2.2-api-0:7.0.54-23_patch_05.ep6.el7
  • tomcat7-javadoc-0:7.0.54-23_patch_05.ep6.el6
  • tomcat7-javadoc-0:7.0.54-23_patch_05.ep6.el7
  • tomcat7-jsp-2.2-api-0:7.0.54-23_patch_05.ep6.el6
  • tomcat7-jsp-2.2-api-0:7.0.54-23_patch_05.ep6.el7
  • tomcat7-lib-0:7.0.54-23_patch_05.ep6.el6
  • tomcat7-lib-0:7.0.54-23_patch_05.ep6.el7
  • tomcat7-log4j-0:7.0.54-23_patch_05.ep6.el6
  • tomcat7-log4j-0:7.0.54-23_patch_05.ep6.el7
  • tomcat7-maven-devel-0:7.0.54-23_patch_05.ep6.el6
  • tomcat7-maven-devel-0:7.0.54-23_patch_05.ep6.el7
  • tomcat7-servlet-3.0-api-0:7.0.54-23_patch_05.ep6.el6
  • tomcat7-servlet-3.0-api-0:7.0.54-23_patch_05.ep6.el7
  • tomcat7-webapps-0:7.0.54-23_patch_05.ep6.el6
  • tomcat7-webapps-0:7.0.54-23_patch_05.ep6.el7
refmap via4
bid 83323
bugtraq 20160222 [SECURITY] CVE-2015-5346 Apache Tomcat Session fixation
confirm
debian
  • DSA-3530
  • DSA-3552
  • DSA-3609
gentoo GLSA-201705-09
misc http://packetstormsecurity.com/files/135890/Apache-Tomcat-Session-Fixation.html
mlist [tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/
sectrack 1035069
suse
  • SUSE-SU-2016:0769
  • SUSE-SU-2016:0822
  • openSUSE-SU-2016:0865
ubuntu USN-3024-1
Last major update 19-07-2018 - 01:29
Published 25-02-2016 - 01:59
Last modified 19-07-2018 - 01:29