UIM 20.3.3 no hot fixes
Company was able to replay a session from another company user on https://<ip>/adminconsoleapp/ by only obtaining another user’s JSESSIONID.
Impact
This vulnerability allows an attacker who has stolen a user's session ID to use the application as that user. The session remains valid until the original user logs out or the session times out. During this time, an attacker could perform actions within the application with the roles / permissions of the original user. Attack vectors a malicious actor may use to steal a user's authenticated session ID include cross-site scripting attacks, hidden form fields on a web page, browser exploitation, or social engineering.
Systems Affected
URL: https://<##.##.##.##>/adminconsoleapp/
Recommendation
Implement proper session validation techniques such as:
· Including other tokens / factors for authentication, such as anti-CSRF tokens.
· Setting the Secure flag for the JSESSIONID cookie so it cannot be transmitted over cleartext HTTP.
· Enforcing sticky sessions (by verifying the relationship between the session ID and other client properties, like the IP address or User-Agent).
· Setting appropriate values for the Expire and Max-Age attributes of the JSESSIONID cookie.
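One server-side way to implement the sticky-session and cookie-attribute recommendations above, as an added example that is not part of this advisory or the UIM product: each session ID is bound at login to a hash of the client's IP address and User-Agent, a presentation from a different client revokes the session instead of replaying it, idle sessions expire, and the Set-Cookie value carries Secure and Max-Age (HttpOnly and SameSite are added here; the 15-minute timeout is an assumed value).

```python
import hashlib
import hmac
import secrets
import time

# Constructed example: minimal session store that binds a session ID to the client
# that created it, so a copied JSESSIONID cannot be reused from elsewhere.
IDLE_TIMEOUT = 15 * 60  # seconds; assumed value, not taken from the advisory


def client_fingerprint(ip: str, user_agent: str) -> str:
    """Hash the client properties the session is bound to (IP + User-Agent)."""
    return hashlib.sha256(f"{ip}|{user_agent}".encode()).hexdigest()


class SessionStore:
    def __init__(self, now=time.time):
        self._now = now          # injectable clock so timeouts can be tested
        self._sessions = {}      # session_id -> {"user", "fp", "last_seen"}

    def create(self, user: str, ip: str, user_agent: str) -> str:
        sid = secrets.token_urlsafe(32)  # 256 bits of randomness for the ID
        self._sessions[sid] = {"user": user,
                               "fp": client_fingerprint(ip, user_agent),
                               "last_seen": self._now()}
        return sid

    def validate(self, sid: str, ip: str, user_agent: str):
        """Return the user if the session is live and presented by the bound client, else None."""
        s = self._sessions.get(sid)
        if s is None:
            return None
        if self._now() - s["last_seen"] > IDLE_TIMEOUT:
            self._sessions.pop(sid)      # idle timeout reached: destroy the session
            return None
        if not hmac.compare_digest(s["fp"], client_fingerprint(ip, user_agent)):
            self._sessions.pop(sid)      # same ID from a different client: revoke it
            return None
        s["last_seen"] = self._now()     # sliding idle window
        return s["user"]

    def logout(self, sid: str) -> None:
        self._sessions.pop(sid, None)


def session_cookie(sid: str, max_age: int = IDLE_TIMEOUT) -> str:
    """Set-Cookie value: Secure and Max-Age as recommended, plus HttpOnly and SameSite."""
    return f"JSESSIONID={sid}; Path=/; Secure; HttpOnly; SameSite=Strict; Max-Age={max_age}"
```

Revoking on a fingerprint mismatch also invalidates the legitimate user's session, which is the intended trade-off: a forced re-login is the detectable signal that the ID was presented from somewhere else.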
Resolved in UIM 20.4 to be released in September 2021.