Vulnerability-Lookup

WID-SEC-W-2025-1826

Vulnerability from csaf_certbund - Published: 2025-08-13 22:00 - Updated: 2025-11-19 23:00

Summary

Apache Tomcat: Schwachstelle ermöglicht Session-Fixation

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Apache Tomcat ist ein Web-Applikationsserver für verschiedene Plattformen.

Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Apache Tomcat ausnutzen, um eine Session-Fixation durchzuführen und so vertrauliche Informationen offenzulegen.

Betroffene Betriebssysteme: - Sonstiges - UNIX - Windows

CVE-2025-55668

References

URL

Category

	https://wid.cert-bund.de/.well-known/csaf/white/2…	self
	https://wid.cert-bund.de/portal/wid/securityadvis…	self
	https://tomcat.apache.org/security-11.html#Fixed_…	external
	https://tomcat.apache.org/security-10.html#Fixed_…	external
	https://tomcat.apache.org/security-9.html#Fixed_i…	external
	https://lists.apache.org/thread/v6bknr96rl7l1qxkl…	external
	https://nvd.nist.gov/vuln/detail/CVE-2025-55668	external
	https://www.ibm.com/support/pages/node/7252039	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Apache Tomcat ist ein Web-Applikationsserver f\u00fcr verschiedene Plattformen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Apache Tomcat ausnutzen, um eine Session-Fixation durchzuf\u00fchren und so vertrauliche Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-1826 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1826.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-1826 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1826"
      },
      {
        "category": "external",
        "summary": "Tomcat 11 Security vom 2025-08-13",
        "url": "https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.8"
      },
      {
        "category": "external",
        "summary": "Tomcat 10 Security vom 2025-08-13",
        "url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.42"
      },
      {
        "category": "external",
        "summary": "Tomcat 9 Security vom 2025-08-13",
        "url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.106"
      },
      {
        "category": "external",
        "summary": "Tomcat Security Mailing List vom 2025-08-13",
        "url": "https://lists.apache.org/thread/v6bknr96rl7l1qxkl1c03v0qdvbbqs47"
      },
      {
        "category": "external",
        "summary": "National Vulnerability Database",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55668"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7252039 vom 2025-11-20",
        "url": "https://www.ibm.com/support/pages/node/7252039"
      }
    ],
    "source_lang": "en-US",
    "title": "Apache Tomcat: Schwachstelle erm\u00f6glicht Session-Fixation",
    "tracking": {
      "current_release_date": "2025-11-19T23:00:00.000+00:00",
      "generator": {
        "date": "2025-11-20T08:10:05.857+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2025-1826",
      "initial_release_date": "2025-08-13T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-08-13T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-11-19T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von IBM aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c9.0.106",
                "product": {
                  "name": "Apache Tomcat \u003c9.0.106",
                  "product_id": "T046229"
                }
              },
              {
                "category": "product_version",
                "name": "9.0.106",
                "product": {
                  "name": "Apache Tomcat 9.0.106",
                  "product_id": "T046229-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tomcat:9.0.106"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.1.42",
                "product": {
                  "name": "Apache Tomcat \u003c10.1.42",
                  "product_id": "T046230"
                }
              },
              {
                "category": "product_version",
                "name": "10.1.42",
                "product": {
                  "name": "Apache Tomcat 10.1.42",
                  "product_id": "T046230-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tomcat:10.1.42"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.0.8",
                "product": {
                  "name": "Apache Tomcat \u003c11.0.8",
                  "product_id": "T046231"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.8",
                "product": {
                  "name": "Apache Tomcat 11.0.8",
                  "product_id": "T046231-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tomcat:11.0.8"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Tomcat"
          }
        ],
        "category": "vendor",
        "name": "Apache"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "IBM Power Hardware Management Console",
            "product": {
              "name": "IBM Power Hardware Management Console",
              "product_id": "5114",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:hardware_management_console:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "IBM"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-55668",
      "product_status": {
        "known_affected": [
          "T046229",
          "5114",
          "T046231",
          "T046230"
        ]
      },
      "release_date": "2025-08-13T22:00:00.000+00:00",
      "title": "CVE-2025-55668"
    }
  ]
}

CVE-2025-55668 (GCVE-0-2025-55668)

Vulnerability from cvelistv5 – Published: 2025-08-13 13:21 – Updated: 2025-11-04 21:13

Title

Apache Tomcat: session fixation via rewrite valve

Summary

Session Fixation vulnerability in Apache Tomcat via rewrite valve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.

Severity ?

No CVSS data available.

CWE

CWE-384 - Session Fixation

Assigner

apache

References

URL

Tags

https://lists.apache.org/thread/v6bknr96rl7l1qxkl…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache Tomcat	Affected: 11.0.0-M1 , ≤ 11.0.7 (semver) Affected: 10.1.0-M1 , ≤ 10.1.41 (semver) Affected: 9.0.0.M1 , ≤ 9.0.105 (semver) Unknown: 8 , < 9.0.0.M1 (semver) Unknown: 10.0.0-M1 , ≤ 10.0.27 (semver)

Credits

Greg K (https://github.com/gregk4sec)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-55668",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-13T13:38:12.498649Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-13T13:39:26.761Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:13:09.014Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/08/13/3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Tomcat",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "11.0.7",
              "status": "affected",
              "version": "11.0.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.1.41",
              "status": "affected",
              "version": "10.1.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.0.105",
              "status": "affected",
              "version": "9.0.0.M1",
              "versionType": "semver"
            },
            {
              "lessThan": "9.0.0.M1",
              "status": "unknown",
              "version": "8",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.0.27",
              "status": "unknown",
              "version": "10.0.0-M1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Greg K (https://github.com/gregk4sec)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eSession Fixation vulnerability in Apache Tomcat via rewrite valve.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105.\u003cbr\u003eOlder, EOL versions may also be affected.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.\u003c/p\u003e"
            }
          ],
          "value": "Session Fixation vulnerability in Apache Tomcat via rewrite valve.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105.\nOlder, EOL versions may also be affected.\n\nUsers are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-384",
              "description": "CWE-384 Session Fixation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-29T11:39:30.355Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/v6bknr96rl7l1qxkl1c03v0qdvbbqs47"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Apache Tomcat: session fixation via rewrite valve",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2025-55668",
    "datePublished": "2025-08-13T13:21:35.743Z",
    "dateReserved": "2025-08-13T12:16:36.881Z",
    "dateUpdated": "2025-11-04T21:13:09.014Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2025-1826

CVE-2025-55668 (GCVE-0-2025-55668)

Tags

Sightings

Nomenclature