CVE-2018-12538

In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage for the FileSessionDataStore.

Published: Jun 22, 2018
Updated: Nov 8, 2023
CVE: CVE-2018-12538
GHSA: GHSA-mwcx-532g-8pq3
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P

CWEs:

CWE-384
CWE-6

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
eclipse / jetty	9.4.0	9.4.8.x
netapp / e-series_santricity_os_controller	11.0	11.40.x
netapp / oncommand_system_manager	3.0.0	3.1.3.x
org.eclipse.jetty / jetty-server	9.4.0	9.4.11.v20180605

http://www.securitytracker.com/id/1041194
https://bugs.eclipse.org/bugs/show_bug.cgi?id=536018
https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E
https://security.netapp.com/advisory/ntap-20181014-0001/
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Vulnerability Database

289,599

CVE-2018-12538