4.3 Medium (CVSS3)
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: NONE
Availability Impact: NONE
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

4.3 Medium (CVSS2)
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
Vector string: AV:N/AC:M/Au:N/C:P/I:N/A:N

EPSS: 0.001 Low
Percentile: 46.1%
org.apache.tomcat:tomcat-catalina is vulnerable to Information Disclosure. The vulnerability is due to the setSecure function in RemoteIpFilter.java: for HTTP requests with the X-Forwarded-Proto header set to https, the session cookie is issued without the Secure attribute, which could result in the session cookie being transmitted over an insecure channel.
bz.apache.org/bugzilla/show_bug.cgi?id=66471
github.com/advisories/GHSA-2c9m-w27f-53rm
github.com/apache/tomcat/commit/3b51230764da595bb19e8d0962dd8c69ab40dfab
github.com/apache/tomcat/commit/5b72c94e8b2c4ada63a1d91dc527bf4d8fd1f510
github.com/apache/tomcat/commit/c64d496dda1560b5df113be55fbfaefec349b50f
github.com/apache/tomcat/commit/f509bbf31fc00abe3d9f25ebfabca5e05173da5b
lists.apache.org/thread/hdksc59z3s7tm39x0pp33mtwdrt8qr67
tomcat.apache.org/security-10.html
tomcat.apache.org/security-11.html
tomcat.apache.org/security-8.html
tomcat.apache.org/security-9.html