Vulnerability Details : CVE-2012-4529
The org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and earlier, when the tracking mode is set to COOKIE, sends the jsessionid in the URL of the first response of a session, which allows remote attackers to obtain the session id (1) via a man-in-the-middle attack or (2) by reading a log.
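The description above names two ways the leaked id reaches an attacker: it travels in the clear on the wire, and it is written into any log that records request URLs or Referer headers. The script below is an added example (not code from the CVE page or from JBoss Web) that checks both offline: it scans access-log lines for `;jsessionid=` path parameters and inspects a captured first response (Location header and links in the body) for URL rewriting, which a server honouring the COOKIE tracking mode should never produce. The log lines, headers and HTML are constructed for the example; the log format assumed is the Apache Combined/Common Log Format.

```python
"""Offline check for session ids leaking into URLs (the symptom of CVE-2012-4529).

Added example, not code from the CVE page or from JBoss Web. Sample data is constructed.
"""
import re
from typing import Dict, Iterable, List

# Servlet containers rewrite URLs as /app/home;jsessionid=<id>; the name is matched
# case-insensitively. The character class stops at '?' so a query string is not swallowed.
JSESSIONID_PARAM = re.compile(r";jsessionid=([0-9A-Za-z._+-]+)", re.IGNORECASE)

# Combined Log Format (Common Log Format lines parse too: the referer group is optional).
LOG_LINE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+) [^"]*" (?P<status>\d{3}) \S+'
    r'(?: "(?P<referer>[^"]*)")?'
)

# URL-bearing attributes a rewritten response would carry the id in.
HTML_URL_ATTR = re.compile(r'\b(?:href|src|action)=["\']([^"\']+)["\']', re.IGNORECASE)


def mask(session_id: str) -> str:
    """Report a leaked id without copying the whole value into yet another log."""
    return session_id[:4] + "..."


def session_ids_in_url(url: str) -> List[str]:
    return JSESSIONID_PARAM.findall(url)


def scan_access_log(lines: Iterable[str]) -> List[Dict[str, str]]:
    """Flag requests whose URL or Referer carries a jsessionid path parameter.

    An id in the request URL means the client followed a rewritten link or redirect;
    an id in the Referer means it also leaked to whatever site that link pointed at.
    """
    findings = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # not an access-log line; skip rather than guess
        for field in ("url", "referer"):
            for sid in session_ids_in_url(m.group(field) or ""):
                findings.append({"host": m.group("host"), "field": field,
                                 "status": m.group("status"), "session_id": mask(sid)})
    return findings


def scan_http_response(headers: Dict[str, str], body: str) -> List[Dict[str, str]]:
    """Flag a response that rewrites URLs with the session id.

    Direct test for the bug: fetch the application once with no Cookie header (a fresh
    session), then pass the Location header and body here. In COOKIE tracking mode the
    id should appear only in Set-Cookie, so a correct server yields no findings.
    """
    findings = []
    lowered = {k.lower(): v for k, v in headers.items()}
    for sid in session_ids_in_url(lowered.get("location", "")):
        findings.append({"where": "Location", "session_id": mask(sid)})
    for url in HTML_URL_ATTR.findall(body):
        for sid in session_ids_in_url(url):
            findings.append({"where": url.split(";")[0], "session_id": mask(sid)})
    return findings


# Constructed sample data: one rewritten redirect target in a request URL, one in a Referer.
SAMPLE_LOG = [
    '10.0.0.5 - - [10/May/2013:12:00:01 +0000] "GET /app/ HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '10.0.0.5 - - [10/May/2013:12:00:02 +0000] "GET /app/home;jsessionid=3F2504E04F8911D39A0C0305E82C3301 HTTP/1.1" 200 5123 "-" "Mozilla/5.0"',
    '10.0.0.9 - - [10/May/2013:12:00:03 +0000] "GET /static/logo.png HTTP/1.1" 200 812 "http://example.test/app/home;jsessionid=3F2504E04F8911D39A0C0305E82C3301" "Mozilla/5.0"',
    "not a log line",
]

# Constructed first response of a new session from an affected server.
SAMPLE_RESPONSE_HEADERS = {
    "Location": "http://example.test/app/home;jsessionid=3F2504E04F8911D39A0C0305E82C3301",
    "Set-Cookie": "JSESSIONID=3F2504E04F8911D39A0C0305E82C3301; Path=/app; HttpOnly",
}
SAMPLE_RESPONSE_BODY = (
    '<html><body><a href="/app/home;jsessionid=3F2504E04F8911D39A0C0305E82C3301">Home</a>'
    '<img src="/static/logo.png">'
    '<form action="/app/login;jsessionid=3F2504E04F8911D39A0C0305E82C3301?next=home"></form>'
    "</body></html>"
)

if __name__ == "__main__":
    for f in scan_access_log(SAMPLE_LOG):
        print("log:", f)
    for f in scan_http_response(SAMPLE_RESPONSE_HEADERS, SAMPLE_RESPONSE_BODY):
        print("response:", f)
```

On a real deployment, feed `scan_access_log` the container's access log (and any reverse proxy's log in front of it) and feed `scan_http_response` a response captured with cookies disabled; a single finding from the response check on a server configured for COOKIE tracking is enough to confirm the behaviour this CVE describes. The log check also tells you how far the ids have already spread, since the Referer findings show which third-party hosts received them.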
Products affected by CVE-2012-4529
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_community_application_server:*:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_community_application_server:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_community_application_server:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_community_application_server:6.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_community_application_server:7.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_community_application_server:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_community_application_server:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_community_application_server:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_community_application_server:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_community_application_server:7.0.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-4529
EPSS score: 0.28% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~64% (the proportion of vulnerabilities scored at or below this one)
CVSS scores for CVE-2012-4529
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N | 8.6 | 2.9 | NIST | |
References for CVE-2012-4529
- http://rhn.redhat.com/errata/RHSA-2013-0834.html
  RHSA-2013:0834 - Security Advisory - Red Hat Customer Portal
- http://rhn.redhat.com/errata/RHSA-2013-1437.html
  Red Hat Customer Portal (Vendor Advisory)
- https://issues.jboss.org/browse/JBWEB-249
  [JBWEB-249] Session Id is appended as URL path parameter even if disabled - JBoss Issue Tracker
- http://ocpsoft.org/support/topic/session-id-is-appended-as-url-path-parameter-in-very-first-request/
  Session Id is appended as URL path parameter in very first request | OCPsoft
- http://rhn.redhat.com/errata/RHSA-2013-0833.html
  RHSA-2013:0833 - Security Advisory - Red Hat Customer Portal (Vendor Advisory)
- http://rhn.redhat.com/errata/RHSA-2013-0839.html
  RHSA-2013:0839 - Security Advisory - Red Hat Customer Portal (Vendor Advisory)