The org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and earlier, when the tracking mode is set to COOKIE, sends the jsessionid in the URL of the first response of a session, which allows remote attackers to obtain the session id (1) via a man-in-the-middle attack or (2) by reading a log.
2013-10-28T21:55:04.923
2025-04-11T00:51:21.963
Deferred
CVSSv2: 4.3 (MEDIUM)
AV:N/AC:M/Au:N/C:P/I:N/A:N
8.6
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | redhat | jboss_community_application_server | ≤ 7.1.1 | Yes |
| Application | redhat | jboss_community_application_server | 5.0.0 | Yes |
| Application | redhat | jboss_community_application_server | 5.0.1 | Yes |
| Application | redhat | jboss_community_application_server | 5.1.0 | Yes |
| Application | redhat | jboss_community_application_server | 6.0.0 | Yes |
| Application | redhat | jboss_community_application_server | 6.1.0 | Yes |
| Application | redhat | jboss_community_application_server | 7.0.0 | Yes |
| Application | redhat | jboss_community_application_server | 7.0.1 | Yes |
| Application | redhat | jboss_community_application_server | 7.0.2 | Yes |
| Application | redhat | jboss_community_application_server | 7.1.0 | Yes |
| Application | redhat | jboss_enterprise_application_platform | 6.0.0 | Yes |