Vulnerability Name:

CVE-2014-0033 (CCN-91423)

Assigned:2013-12-03
Published:2014-02-25
Updated:2019-04-15
Summary:org/apache/catalina/connector/CoyoteAdapter.java in Apache Tomcat 6.0.33 through 6.0.37 does not consider the disableURLRewriting setting when handling a session ID in a URL, which allows remote attackers to conduct session fixation attacks via a crafted URL.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-20
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2014-0033

Source: CCN
Type: RHSA-2014-0525
Moderate: Red Hat JBoss Web Server 2.0.1 tomcat6 security update

Source: FULLDISC
Type: UNKNOWN
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

Source: CCN
Type: SA58020
IBM Security AppScan Apache Tomcat Session Fixation Vulnerability

Source: CCN
Type: SA58152
IBM Rational Policy Tester Apache Tomcat Session Fixation Vulnerability

Source: SECUNIA
Type: UNKNOWN
59036

Source: SECUNIA
Type: UNKNOWN
59722

Source: SECUNIA
Type: UNKNOWN
59873

Source: CONFIRM
Type: UNKNOWN
http://svn.apache.org/viewvc?view=revision&revision=1558822

Source: CCN
Type: Apache SVN Repository
Revision 1149220

Source: CONFIRM
Type: Vendor Advisory
http://tomcat.apache.org/security-6.html

Source: CCN
Type: IBM Security Bulletin 1670941
IBM Security AppScan Enterprise can be affected by multiple vulnerabilities in Apache Tomcat (CVE-2014-0033, CVE-2013-4322)

Source: CCN
Type: IBM Security Bulletin 1670942
IBM Rational Policy Tester can be affected by multiple vulnerabilities in Apache Tomcat (CVE-2014-0033, CVE-2013-4322)

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21675886

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21677147

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21678231

Source: DEBIAN
Type: UNKNOWN
DSA-3530

Source: CCN
Type: IBM Security Bulletin 1669383
Apache Tomcat and FileUpload Vulnerabilities in IBM UrbanCode Deploy (CVE-2014-0050, CVE-2013-4286, CVE-2014-0033, CVE-2013-4322, CVE-2013-4590)

Source: CCN
Type: IBM Security Bulletin 1671862
IBM Initiate Master Data Service is affected by vulnerabilities in Apache Tomcat (CVE-2013-4286, CVE-2014-0033, CVE-2013-4322)

Source: CCN
Type: IBM Security Bulletin 1672321
Apache Tomcat and FileUpload Vulnerabilities in IBM UrbanCode Release (CVE-2014-0050, CVE-2013-4286, CVE-2014-0033, CVE-2013-4322, CVE-2013-4590)

Source: CCN
Type: IBM Security Bulletin 1673072
Rational Directory Server could be affected by vulnerabilities in Apache Tomcat server (CVE-2013-4286, CVE-2014-0033, CVE-2013-4322, and CVE-2013-4590)

Source: CCN
Type: IBM Security Bulletin 1675006
Multiple Apache Tomcat vulnerabilities in IBM Algo Audit and Compliance (CVE-2013-4286, CVE-2013-4322, CVE-2013-4590, CVE-2014-0033)

Source: CCN
Type: IBM Security Bulletin 1675886
IBM Rational Connector for SAP Solution Manager (CVE-2013-4286 CVE-2014-0033 CVE-2013-4322 CVE-2013-4590)

Source: CCN
Type: IBM Security Bulletin 1676186
Security vulnerabilities in Apache Tomcat affects multiple IBM Rational products based on IBM's Jazz technology (CVE-2013-4286, CVE-2014-0033, CVE-2013-4322, CVE-2013-4590)

Source: CCN
Type: IBM Security Bulletin 1677147
Multiple vulnerabilities in Apache Tomcat used by IBM QRadar Security Information and Event Manager 7.1 MR2, and 7.2 MR2. (CVE-2013-4286, CVE-2014-0033, CVE-2013-4322, CVE-2013-4590)

Source: CCN
Type: IBM Security Bulletin 1677448
IBM OpenPages GRC Platform, multiple vulnerabilities in bundled version of Apache Tomcat

Source: CCN
Type: IBM Security Bulletin 1678231
Rational Lifecycle Adapter for HP ALM Apache Tomcat fix (CVE-2013-4286, CVE-2014-0033, CVE-2013-4322, CVE-2013-4590, CVE-2014-0075, CVE-2014-0095, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1678892
Tivoli Application Dependency Discovery Manager - Open Source Tomcat issues reported between March - May 2014.

Source: CCN
Type: IBM Security Bulletin 1680754
Security vulnerabilities in Apache Tomcat for WebSphere Application Server Community Edition 2.1.1.6 and 3.0.0.4(CVE-2013-4286,CVE-2012-3544,CVE-2013-4322,CVE-2013-4590,CVE-2014-0033)

Source: CCN
Type: IBM Security Bulletin 1687761
IBM Algo One is affected by multiple Open Source Tomcat security vulnerabilities (CVE-2013-4444, CVE-2013-4286, CVE-2014-0033, CVE-2013-4322, CVE-2013-4590)

Source: CCN
Type: Oracle Critical Patch Update Advisory - July 2014
Oracle Critical Patch Update Advisory - July 2014

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

Source: BUGTRAQ
Type: UNKNOWN
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

Source: BID
Type: UNKNOWN
65769

Source: CCN
Type: BID-65769
Apache Tomcat CVE-2014-0033 Session Fixation Vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-2130-1

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/security/advisories/VMSA-2014-0012.html

Source: CCN
Type: Red Hat Bugzilla Bug 1069919
CVE-2014-0033 tomcat: session fixation still possible with disableURLRewriting enabled

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=1069919

Source: XF
Type: UNKNOWN
tomcat-cve20140033-session-hijacking(91423)

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/

Source: CCN
Type: IBM Security Bulletin 6595755 (Disconnected Log Collector)
IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-0033

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apache:tomcat:6.0.33:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.34:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.35:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.36:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.37:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:apache:tomcat:6.0.33:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.35:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:security_appscan:8.5:*:*:*:enterprise:*:*:*
  • OR cpe:/a:ibm:rational_policy_tester:8.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_directory_server:5.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_appscan:8.6:*:*:*:enterprise:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_directory_server:5.2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_directory_server:5.2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_directory_server:5.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_directory_server:5.1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_appscan:8.7.0.0:-:enterprise:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_appscan:8.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_appscan:8.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_appscan:8.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_appscan:8.8:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_appscan:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_appscan:8.8:*:*:*:enterprise:*:*:*
  • OR cpe:/a:ibm:urbancode:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:urbancode:6.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:algo_audit_and_compliance:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:initiate_master_data_service:10.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:initiate_master_data_service:10.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:urbancode:6.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:urbancode:6.0.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:urbancode:6.0.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:urbancode:6.0.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_appscan:9.0:*:*:*:enterprise:*:*:*
  • OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:3.0.0.4:-:community:*:*:*:*:*
  • OR cpe:/a:ibm:rational_collaborative_lifecycle_management:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_collaborative_lifecycle_management:3.0.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:urbancode_deploy:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:urbancode_deploy:6.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:urbancode_deploy:6.0.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:urbancode_deploy:6.0.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:urbancode_deploy:6.0.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_connector:4:*:*:*:sap_solution_manager:*:*:*
  • OR cpe:/a:ibm:openpages_grc_platform:6.0.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:openpages_grc_platform:6.1.0.1:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.cisecurity:def:585
    P
    		DSA-3530-1 -- tomcat6 -- security update
    2016-07-01
    oval:org.mitre.oval:def:24367
    P
    		USN-2130-1 -- tomcat6, tomcat7 vulnerabilities
    2014-06-30
    oval:com.ubuntu.precise:def:20140033000
    V
    		CVE-2014-0033 on Ubuntu 12.04 LTS (precise) - low.
    2014-02-26
    oval:com.ubuntu.trusty:def:20140033000
    V
    		CVE-2014-0033 on Ubuntu 14.04 LTS (trusty) - low.
    2014-02-26
    BACK
    apache tomcat 6.0.33
    apache tomcat 6.0.34
    apache tomcat 6.0.35
    apache tomcat 6.0.36
    apache tomcat 6.0.37
    apache tomcat 6.0.33
    apache tomcat 6.0.35
    ibm security appscan 8.5
    ibm rational policy tester 8.5
    ibm rational directory server 5.2
    ibm security appscan 8.6
    ibm qradar security information and event manager 7.1
    ibm rational directory server 5.2.0.1
    ibm rational directory server 5.2.0.2
    ibm rational directory server 5.1.1
    ibm rational directory server 5.1.1.1
    ibm security appscan 8.7.0.0 -
    ibm qradar security information and event manager 7.2
    ibm security appscan 8.5
    ibm security appscan 8.6
    ibm security appscan 8.7
    ibm security appscan 8.8
    ibm security appscan 9.0
    ibm security appscan 8.8
    ibm urbancode 6.0
    ibm urbancode 6.0.1
    ibm algo audit and compliance 2.1
    ibm initiate master data service 10.0.0
    ibm initiate master data service 10.1.0
    ibm urbancode 6.0.0.1
    ibm urbancode 6.0.1.1
    ibm urbancode 6.0.1.2
    ibm urbancode 6.0.1.3
    ibm security appscan 9.0
    ibm tivoli application dependency discovery manager 7.2
    ibm tivoli application dependency discovery manager 7.2.1
    ibm tivoli application dependency discovery manager 7.2.2
    ibm websphere application server 3.0.0.4 -
    ibm rational collaborative lifecycle management 3.0.1
    ibm rational collaborative lifecycle management 4.0
    ibm rational collaborative lifecycle management 3.0.1.6
    ibm rational collaborative lifecycle management 4.0.1
    ibm rational collaborative lifecycle management 4.0.2
    ibm rational collaborative lifecycle management 4.0.3
    ibm rational collaborative lifecycle management 4.0.4
    ibm rational collaborative lifecycle management 4.0.5
    ibm rational collaborative lifecycle management 4.0.6
    ibm tivoli application dependency discovery manager 7.1.2
    ibm urbancode deploy 6.0
    ibm urbancode deploy 6.0.1
    ibm urbancode deploy 6.0.1.1
    ibm urbancode deploy 6.0.1.2
    ibm urbancode deploy 6.0.1.3
    ibm rational connector 4
    ibm openpages grc platform 6.0.1.5
    ibm openpages grc platform 6.1.0.1