Vulnerability Name: CVE-2023-28708 (CCN-250740)
Assigned: 2023-03-22
Published: 2023-03-22
Updated: 2023-03-27
Summary: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the JSESSIONID cookie being set without the secure attribute in some configurations when using the RemoteIpFilter. By sniffing the network traffic, an attacker could exploit this vulnerability to obtain session cookie information and use it to launch further attacks against the affected system.
CVSS v3 Severity:
- 4.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)
- 3.8 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
- 6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
CVSS v2 Severity: 7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N)
Vulnerability Consequences: Obtain Information
References:
- Source: MITRE; Type: CNA; CVE-2023-28708
- Source: XF; Type: UNKNOWN; apache-cve202328708-info-disc(250740)
- Source: CCN; Type: OSS Mailing List, Wed, 22 Mar 2023 10:12:50 +0000; CVE-2023-28708: Apache Tomcat: JSESSIONID Cookie missing secure attribute in some configurations
- Source: CCN; Type: Apache Web site; Apache Tomcat
- Source: CCN; Type: IBM Security Bulletin 6981763 (App Connect Professional); Vulnerability in Apache Tomcat affects App Connect Professional.
- Source: CCN; Type: IBM Security Bulletin 6989099 (Cloud Pak for Network Automation); IBM Cloud Pak for Network Automation 2.4.6 fixes multiple security vulnerabilities
- Source: CCN; Type: IBM Security Bulletin 6999555 (Data Risk Manager); IBM Data Risk Manager is affected by multiple vulnerabilities
- Source: CCN; Type: IBM Security Bulletin 7002181 (Watson Discovery); IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Apache Tomcat
- Source: CCN; Type: IBM Security Bulletin 7005851 (Operational Decision Manager); IBM Operational Decision Manager June 2023 - Multiple CVEs
- Source: CCN; Type: IBM Security Bulletin 7007057 (InfoSphere Information Server); IBM InfoSphere Information Server is affected by multiple vulnerabilities in Apache Tomcat (CVE-2023-28708, CVE-2023-24998)
- Source: CCN; Type: IBM Security Bulletin 7007375 (Process Mining); Vulnerability in Apache Tomcat affects IBM Process Mining.
- Multiple CVEs
- Source: CCN; Type: IBM Security Bulletin 7007899 (Watson Speech Services Cartridge for Cloud Pak for Data); IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an information exposure in Apache Tomcat (CVE-2023-28708)
- Source: CCN; Type: IBM Security Bulletin 7009747 (Watson Knowledge Catalog on-prem); Multiple security vulnerabilities affecting Watson Knowledge Catalog for IBM Cloud Pak for Data
- Source: CCN; Type: IBM Security Bulletin 7009933 (Watson Assistant for Cloud Pak for Data); IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Apache Tomcat sensitive information disclosure vulnerability (CVE-2023-28708)
- Source: CCN; Type: IBM Security Bulletin 7010099 (QRadar SIEM); IBM QRadar SIEM includes components with known vulnerabilities
- Source: CCN; Type: IBM Security Bulletin 7014365 (Maximo Application Suite); Apache Commons FileUpload and Apache Tomcat are vulnerable to CVE-2023-24998, CVE-2022-45143, and CVE-2023-28708 used in IBM Maximo Application Suite - Monitor Component
- Source: CCN; Type: IBM Security Bulletin 7015865 (Cloud Pak for Security); IBM Cloud Pak for Security includes components with multiple known vulnerabilities
Vulnerable Configuration: Configuration CCN 1