Bug 1216035 (CVE-2015-3155) - CVE-2015-3155 foreman: the _session_id cookie is issued without the Secure flag
Summary: CVE-2015-3155 foreman: the _session_id cookie is issued without the Secure flag
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2015-3155
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1215622
Blocks: 1145400 1216038 1253077
Reported: 2015-04-28 11:57 UTC by Vasyl Kaigorodov
Modified: 2023-05-12 14:03 UTC (History)
23 users

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2016-02-22 03:05:34 UTC
Embargoed:




Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2015:1591 0 normal SHIPPED_LIVE Important: Red Hat Satellite 6.1.1 on RHEL 7 2015-08-12 08:49:40 UTC
Red Hat Product Errata RHSA-2015:1592 0 normal SHIPPED_LIVE Important: Red Hat Satellite 6.1.1 on RHEL 6 2015-08-12 09:04:35 UTC

Description Vasyl Kaigorodov 2015-04-28 11:57:51 UTC
It was reported that the _session_id cookie in Foreman is set without the Secure flag.
This may allow an attacker to perform a "session hijacking" attack.

Upstream bug: http://projects.theforeman.org/issues/10275
Proposed fix: https://github.com/theforeman/foreman/pull/2328
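As an added example, not code from this report or from the Foreman project: a small Ruby check that audits Set-Cookie headers for the Secure flag (and HttpOnly) on the `_session_id` cookie, run against constructed sample headers in the vulnerable and corrected shapes.

```ruby
# Added example (not Foreman code): audit Set-Cookie headers for the Secure
# flag, whose absence on the _session_id cookie is what CVE-2015-3155 describes.

# Parse one Set-Cookie header value into its name, value and attribute map.
# Attribute names are compared case-insensitively, as browsers treat them.
def parse_set_cookie(header)
  name_value, *attrs = header.split(';').map(&:strip)
  name, value = name_value.split('=', 2)
  flags = {}
  attrs.each do |attr|
    next if attr.empty?
    key, val = attr.split('=', 2)
    flags[key.downcase] = val.nil? ? true : val
  end
  { name: name, value: value, attrs: flags }
end

# Return findings for the session cookie only; other cookies are ignored.
# cookie_name defaults to _session_id, the cookie named in the report.
def audit_session_cookie(header, cookie_name: '_session_id')
  cookie = parse_set_cookie(header)
  return [] unless cookie[:name] == cookie_name
  findings = []
  findings << 'missing Secure flag' unless cookie[:attrs].key?('secure')
  findings << 'missing HttpOnly flag' unless cookie[:attrs].key?('httponly')
  findings
end

# Audit every Set-Cookie header captured from one HTTPS response.
def audit_response(set_cookie_headers)
  set_cookie_headers.flat_map { |h| audit_session_cookie(h) }
end

# Constructed sample headers: the first has the vulnerable shape (no Secure
# attribute), the second the corrected shape.
VULNERABLE_HEADER = '_session_id=abc123; path=/; HttpOnly'
FIXED_HEADER      = '_session_id=abc123; path=/; secure; HttpOnly'

if __FILE__ == $PROGRAM_NAME
  puts audit_session_cookie(VULNERABLE_HEADER).inspect  # ["missing Secure flag"]
  puts audit_session_cookie(FIXED_HEADER).inspect       # []
end
```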

Comment 1 Vasyl Kaigorodov 2015-04-29 15:48:03 UTC
Acknowledgements:

Red Hat would like to thank Rufus Järnefelt of Coresec for reporting this issue.

Comment 2 errata-xmlrpc 2015-08-12 04:52:09 UTC
This issue has been addressed in the following products:

  Red Hat Satellite 6.1

Via RHSA-2015:1591 https://access.redhat.com/errata/RHSA-2015:1591

Comment 3 errata-xmlrpc 2015-08-12 05:30:57 UTC
This issue has been addressed in the following products:

  Red Hat Satellite 6.1

Via RHSA-2015:1592 https://access.redhat.com/errata/RHSA-2015:1592

