mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
100 lines
3.6 KiB
JSON
100 lines
3.6 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "security-advisories@github.com",
|
|
"ID": "CVE-2020-5205",
|
|
"STATE": "PUBLIC",
|
|
"TITLE": "Session fixation attack in Pow (Hex package)"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Pow",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "< 1.0.16"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "danschultzer"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "In Pow (Hex package) before 1.0.16, the use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a database. Cookie store, which is used in most Phoenix apps, doesn't have this vulnerability."
|
|
}
|
|
]
|
|
},
|
|
"impact": {
|
|
"cvss": {
|
|
"attackComplexity": "HIGH",
|
|
"attackVector": "NETWORK",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 6.5,
|
|
"baseSeverity": "MEDIUM",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "LOW",
|
|
"privilegesRequired": "LOW",
|
|
"scope": "CHANGED",
|
|
"userInteraction": "REQUIRED",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N",
|
|
"version": "3.1"
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-384 Session Fixation"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "https://github.com/danschultzer/pow/security/advisories/GHSA-v2wf-c3j6-wpvw",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://github.com/danschultzer/pow/security/advisories/GHSA-v2wf-c3j6-wpvw"
|
|
},
|
|
{
|
|
"name": "https://github.com/danschultzer/pow/commit/578ffd3d8bb8e8a26077b644222186b108da474f",
|
|
"refsource": "MISC",
|
|
"url": "https://github.com/danschultzer/pow/commit/578ffd3d8bb8e8a26077b644222186b108da474f"
|
|
},
|
|
{
|
|
"name": "https://github.com/danschultzer/pow/blob/master/CHANGELOG.md#v1016-2020-01-07",
|
|
"refsource": "MISC",
|
|
"url": "https://github.com/danschultzer/pow/blob/master/CHANGELOG.md#v1016-2020-01-07"
|
|
}
|
|
]
|
|
},
|
|
"source": {
|
|
"advisory": "GHSA-v2wf-c3j6-wpvw",
|
|
"discovery": "UNKNOWN"
|
|
},
|
|
"work_around": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Call Plug.Conn.configure_session(conn, renew: true) periodically and after privilege change. A custom authorization plug can be written where the create/3 method should return the conn only after Plug.Conn.configure_session/2 have been called on it."
|
|
}
|
|
]
|
|
}
|