cvelistv5 - CVE-2022-3269

▼	URL	Tags
	security@huntr.dev	https://github.com/ikus060/rdiffweb/commit/39e7dcd4a1f44d2a7bd92b79d78a800910b1b22b	Patch, Third Party Advisory
	security@huntr.dev	https://huntr.dev/bounties/67c25969-5e7a-4424-817e-e1a918f63cc6	Exploit, Patch, Third Party Advisory

▼	Vendor	Product
	ikus060	ikus060/rdiffweb

gsd-2022-3269

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Session Fixation in GitHub repository ikus060/rdiffweb prior to 2.4.7.

Aliases

CVE-2022-3269

Aliases

CVE-2022-3269

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-3269",
    "id": "GSD-2022-3269"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-3269"
      ],
      "details": "Session Fixation in GitHub repository ikus060/rdiffweb prior to 2.4.7.",
      "id": "GSD-2022-3269",
      "modified": "2023-12-13T01:19:39.752371Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@huntr.dev",
        "ID": "CVE-2022-3269",
        "STATE": "PUBLIC",
        "TITLE": "Session Fixation in ikus060/rdiffweb"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "ikus060/rdiffweb",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_value": "2.4.7"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "ikus060"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Session Fixation in GitHub repository ikus060/rdiffweb prior to 2.4.7."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 6.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-384 Session Fixation"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://huntr.dev/bounties/67c25969-5e7a-4424-817e-e1a918f63cc6",
            "refsource": "CONFIRM",
            "url": "https://huntr.dev/bounties/67c25969-5e7a-4424-817e-e1a918f63cc6"
          },
          {
            "name": "https://github.com/ikus060/rdiffweb/commit/39e7dcd4a1f44d2a7bd92b79d78a800910b1b22b",
            "refsource": "MISC",
            "url": "https://github.com/ikus060/rdiffweb/commit/39e7dcd4a1f44d2a7bd92b79d78a800910b1b22b"
          }
        ]
      },
      "source": {
        "advisory": "67c25969-5e7a-4424-817e-e1a918f63cc6",
        "discovery": "EXTERNAL"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c2.4.7",
          "affected_versions": "All versions before 2.4.7",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-384",
            "CWE-937"
          ],
          "date": "2022-09-29",
          "description": "Session Fixation in GitHub repository ikus060/rdiffweb prior to 2.4.7.",
          "fixed_versions": [
            "2.4.7"
          ],
          "identifier": "CVE-2022-3269",
          "identifiers": [
            "GHSA-j3q4-gmj4-mj95",
            "CVE-2022-3269"
          ],
          "not_impacted": "All versions starting from 2.4.7",
          "package_slug": "pypi/rdiffweb",
          "pubdate": "2022-09-25",
          "solution": "Upgrade to version 2.4.7 or above.",
          "title": "Session Fixation",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2022-3269",
            "https://github.com/ikus060/rdiffweb/commit/39e7dcd4a1f44d2a7bd92b79d78a800910b1b22b",
            "https://huntr.dev/bounties/67c25969-5e7a-4424-817e-e1a918f63cc6",
            "https://github.com/pypa/advisory-database/tree/main/vulns/rdiffweb/PYSEC-2022-290.yaml",
            "https://github.com/advisories/GHSA-j3q4-gmj4-mj95"
          ],
          "uuid": "2be9791b-230b-4acb-89d4-efe2ab0bf548"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ikus-soft:rdiffweb:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.4.7",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@huntr.dev",
          "ID": "CVE-2022-3269"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Session Fixation in GitHub repository ikus060/rdiffweb prior to 2.4.7."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-384"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://huntr.dev/bounties/67c25969-5e7a-4424-817e-e1a918f63cc6",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://huntr.dev/bounties/67c25969-5e7a-4424-817e-e1a918f63cc6"
            },
            {
              "name": "https://github.com/ikus060/rdiffweb/commit/39e7dcd4a1f44d2a7bd92b79d78a800910b1b22b",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/ikus060/rdiffweb/commit/39e7dcd4a1f44d2a7bd92b79d78a800910b1b22b"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-09-26T17:05Z",
      "publishedDate": "2022-09-23T10:15Z"
    }
  }
}

pysec-2022-290

Vulnerability from pysec

Published

2022-09-23 10:15

Modified

2022-09-26 18:52

Details

Session Fixation in GitHub repository ikus060/rdiffweb prior to 2.4.7.

Aliases

CVE-2022-3269

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "rdiffweb",
        "purl": "pkg:pypi/rdiffweb"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "39e7dcd4a1f44d2a7bd92b79d78a800910b1b22b"
            }
          ],
          "repo": "https://github.com/ikus060/rdiffweb",
          "type": "GIT"
        },
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "0.10.0",
        "0.10.2",
        "0.10.3",
        "0.10.4",
        "0.10.5",
        "0.10.6",
        "0.10.7",
        "0.10.8",
        "0.10.9",
        "0.9.2.dev1",
        "0.9.3",
        "0.9.4",
        "0.9.5",
        "1.0.0",
        "1.0.0a1",
        "1.0.0a2",
        "1.0.0a3",
        "1.0.0a4",
        "1.0.1",
        "1.0.2",
        "1.0.3",
        "1.1.0",
        "1.2.0",
        "1.2.1",
        "1.2.2",
        "1.3.0",
        "1.3.1",
        "1.3.1b1",
        "1.3.1b2",
        "1.3.2",
        "1.4.0",
        "1.4.0b1",
        "1.4.0b2",
        "1.4.0b3",
        "1.4.0b4",
        "1.4.0b5",
        "1.4.1b1",
        "1.4.1b2",
        "1.4.1b3",
        "1.5.0",
        "1.5.1b1",
        "1.5.1b2",
        "1.6.0b1",
        "2.0.1b2",
        "2.0.1b3",
        "2.0.2",
        "2.0.3a1",
        "2.0.3a2",
        "2.0.3a3",
        "2.0.3a4",
        "2.0.3a5",
        "2.0.3a6",
        "2.0.3a7",
        "2.1.0",
        "2.2.0",
        "2.2.0.dev1",
        "2.2.0a1",
        "2.2.0a2",
        "2.2.0a3",
        "2.2.0a4",
        "2.2.0a5",
        "2.2.0a6",
        "2.2.1",
        "2.3.0",
        "2.3.1",
        "2.3.2",
        "2.3.3",
        "2.3.4",
        "2.3.5",
        "2.3.6",
        "2.3.7",
        "2.3.8",
        "2.3.9",
        "2.4.0",
        "2.4.1",
        "2.4.2",
        "2.4.3",
        "2.4.4",
        "2.4.5",
        "2.4.6"
      ]
    }
  ],
  "aliases": [
    "CVE-2022-3269"
  ],
  "details": "Session Fixation in GitHub repository ikus060/rdiffweb prior to 2.4.7.",
  "id": "PYSEC-2022-290",
  "modified": "2022-09-26T18:52:54.831168Z",
  "published": "2022-09-23T10:15:00Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://huntr.dev/bounties/67c25969-5e7a-4424-817e-e1a918f63cc6"
    },
    {
      "type": "FIX",
      "url": "https://github.com/ikus060/rdiffweb/commit/39e7dcd4a1f44d2a7bd92b79d78a800910b1b22b"
    }
  ]
}

ghsa-j3q4-gmj4-mj95

Vulnerability from github

Published

2022-09-25 00:00

Modified

2024-10-25 21:29

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Summary

rdiffweb vulnerable to account access via session fixation

Details

rdiffweb prior to 2.4.7 fails to invalidate session cookies on logout, leading to session fixation and allowing an attacker to access a users account. After logging in and logging out, the application continues to use the preauthentication cookies. The cookies remain the same after closing the browser and after password reset. The same cookies are reassigned for additional user logins which can lead to session fixation. An attacker can gain unauthorized access to the account of users who are using the same browser as long as a single session cookie persists on that browser once the attacker obtains a session cookie through another attack. This issue is patched in version 2.4.7. There are no known workarounds.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "rdiffweb"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-3269"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-384"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-09-29T15:19:51Z",
    "nvd_published_at": "2022-09-23T10:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "rdiffweb prior to 2.4.7 fails to invalidate session cookies on logout, leading to session fixation and allowing an attacker to access a users account. After logging in and logging out, the application continues to use the preauthentication cookies. The cookies remain the same after closing the browser and after password reset. The same cookies are reassigned for additional user logins which can lead to session fixation. An attacker can gain unauthorized access to the account of users who are using the same browser as long as a single session cookie persists on that browser once the attacker obtains a session cookie through another attack. This issue is patched in version 2.4.7. There are no known workarounds.\n",
  "id": "GHSA-j3q4-gmj4-mj95",
  "modified": "2024-10-25T21:29:05Z",
  "published": "2022-09-25T00:00:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3269"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ikus060/rdiffweb/commit/39e7dcd4a1f44d2a7bd92b79d78a800910b1b22b"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ikus060/rdiffweb"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/rdiffweb/PYSEC-2022-290.yaml"
    },
    {
      "type": "WEB",
      "url": "https://huntr.dev/bounties/67c25969-5e7a-4424-817e-e1a918f63cc6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "rdiffweb vulnerable to account access via session fixation"
}

Action not permitted

CVE-2022-3269

Vulnerability from cvelistv5

gsd-2022-3269

Vulnerability from gsd

pysec-2022-290

Vulnerability from pysec

ghsa-j3q4-gmj4-mj95

Vulnerability from github

Tags