From e6449f1ce9e2d082aec21b208872fac9a2c345fd Mon Sep 17 00:00:00 2001 From: Robert Schultheis Date: Fri, 24 Jan 2020 13:01:07 -0700 Subject: [PATCH] add CVE-2020-5224 for GHSA-5fq8-3q2f-4m5g --- 2020/5xxx/CVE-2020-5224.json | 84 +++++++++++++++++++++++++++++++++--- 1 file changed, 77 insertions(+), 7 deletions(-) diff --git a/2020/5xxx/CVE-2020-5224.json b/2020/5xxx/CVE-2020-5224.json index feda1fa73fc..42a712c3fd1 100644 --- a/2020/5xxx/CVE-2020-5224.json +++ b/2020/5xxx/CVE-2020-5224.json @@ -1,18 +1,88 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-5224", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Session key exposure through session list in Django User Sessions" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "django-user-sessions", + "version": { + "version_data": [ + { + "version_value": "< 1.7.1" + } + ] + } + } + ] + }, + "vendor_name": "Jazzband" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Django User Sessions (django-user-sessions) before 1.7.1, the views provided allow users to terminate specific sessions. The session key is used to identify sessions, and thus included in the rendered HTML. In itself this is not a problem. However if the website has an XSS vulnerability, the session key could be extracted by the attacker and a session takeover could happen." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-287: Improper Authentication" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/Bouke/django-user-sessions/security/advisories/GHSA-5fq8-3q2f-4m5g", + "refsource": "CONFIRM", + "url": "https://github.com/Bouke/django-user-sessions/security/advisories/GHSA-5fq8-3q2f-4m5g" + }, + { + "name": "https://github.com/jazzband/django-user-sessions/commit/f0c4077e7d1436ba6d721af85cee89222ca5d2d9", + "refsource": "MISC", + "url": "https://github.com/jazzband/django-user-sessions/commit/f0c4077e7d1436ba6d721af85cee89222ca5d2d9" + } + ] + }, + "source": { + "advisory": "GHSA-5fq8-3q2f-4m5g", + "discovery": "UNKNOWN" } -} \ No newline at end of file +}