-
Notifications
You must be signed in to change notification settings - Fork 201
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- 1 new CVEs: CVE-2024-55603 - 0 updated CVEs:
- Loading branch information
cvelistV5 Github Action
committed
Dec 18, 2024
1 parent
9b1b8e6
commit 9ce0f72
Showing
3 changed files
with
152 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,133 @@ | ||
{ | ||
"dataType": "CVE_RECORD", | ||
"dataVersion": "5.1", | ||
"cveMetadata": { | ||
"cveId": "CVE-2024-55603", | ||
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", | ||
"state": "PUBLISHED", | ||
"assignerShortName": "GitHub_M", | ||
"dateReserved": "2024-12-09T14:22:52.524Z", | ||
"datePublished": "2024-12-18T23:52:57.327Z", | ||
"dateUpdated": "2024-12-18T23:52:57.327Z" | ||
}, | ||
"containers": { | ||
"cna": { | ||
"title": "Insufficient session invalidation in Kanboard", | ||
"problemTypes": [ | ||
{ | ||
"descriptions": [ | ||
{ | ||
"cweId": "CWE-613", | ||
"lang": "en", | ||
"description": "CWE-613: Insufficient Session Expiration", | ||
"type": "CWE" | ||
} | ||
] | ||
} | ||
], | ||
"metrics": [ | ||
{ | ||
"cvssV3_1": { | ||
"attackComplexity": "LOW", | ||
"attackVector": "NETWORK", | ||
"availabilityImpact": "NONE", | ||
"baseScore": 6.5, | ||
"baseSeverity": "MEDIUM", | ||
"confidentialityImpact": "LOW", | ||
"integrityImpact": "LOW", | ||
"privilegesRequired": "NONE", | ||
"scope": "UNCHANGED", | ||
"userInteraction": "NONE", | ||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", | ||
"version": "3.1" | ||
} | ||
} | ||
], | ||
"references": [ | ||
{ | ||
"name": "https://github.com/kanboard/kanboard/security/advisories/GHSA-gv5c-8pxr-p484", | ||
"tags": [ | ||
"x_refsource_CONFIRM" | ||
], | ||
"url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-gv5c-8pxr-p484" | ||
}, | ||
{ | ||
"name": "https://github.com/kanboard/kanboard/commit/7ce61c34d962ca8b5dce776289ddf4b207be6e78", | ||
"tags": [ | ||
"x_refsource_MISC" | ||
], | ||
"url": "https://github.com/kanboard/kanboard/commit/7ce61c34d962ca8b5dce776289ddf4b207be6e78" | ||
}, | ||
{ | ||
"name": "https://github.com/kanboard/kanboard/blob/main/app/Core/Session/SessionHandler.php#L40", | ||
"tags": [ | ||
"x_refsource_MISC" | ||
], | ||
"url": "https://github.com/kanboard/kanboard/blob/main/app/Core/Session/SessionHandler.php#L40" | ||
}, | ||
{ | ||
"name": "https://www.php.net/manual/en/function.session-start.php", | ||
"tags": [ | ||
"x_refsource_MISC" | ||
], | ||
"url": "https://www.php.net/manual/en/function.session-start.php" | ||
}, | ||
{ | ||
"name": "https://www.php.net/manual/en/session.configuration.php#ini.session.gc-divisor", | ||
"tags": [ | ||
"x_refsource_MISC" | ||
], | ||
"url": "https://www.php.net/manual/en/session.configuration.php#ini.session.gc-divisor" | ||
}, | ||
{ | ||
"name": "https://www.php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime", | ||
"tags": [ | ||
"x_refsource_MISC" | ||
], | ||
"url": "https://www.php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime" | ||
}, | ||
{ | ||
"name": "https://www.php.net/manual/en/session.configuration.php#ini.session.gc-probability", | ||
"tags": [ | ||
"x_refsource_MISC" | ||
], | ||
"url": "https://www.php.net/manual/en/session.configuration.php#ini.session.gc-probability" | ||
}, | ||
{ | ||
"name": "https://www.php.net/manual/en/sessionhandlerinterface.gc.php", | ||
"tags": [ | ||
"x_refsource_MISC" | ||
], | ||
"url": "https://www.php.net/manual/en/sessionhandlerinterface.gc.php" | ||
} | ||
], | ||
"affected": [ | ||
{ | ||
"vendor": "kanboard", | ||
"product": "kanboard", | ||
"versions": [ | ||
{ | ||
"version": "< 1.2.43", | ||
"status": "affected" | ||
} | ||
] | ||
} | ||
], | ||
"providerMetadata": { | ||
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", | ||
"shortName": "GitHub_M", | ||
"dateUpdated": "2024-12-18T23:52:57.327Z" | ||
}, | ||
"descriptions": [ | ||
{ | ||
"lang": "en", | ||
"value": "Kanboard is project management software that focuses on the Kanban methodology. In affected versions sessions are still usable even though their lifetime has exceeded. Kanboard implements a cutom session handler (`app/Core/Session/SessionHandler.php`), to store the session data in a database. Therefore, when a `session_id` is given, kanboard queries the data from the `sessions` sql table. At this point, it does not correctly verify, if a given `session_id` has already exceeded its lifetime (`expires_at`).\nThus, a session which's lifetime is already `> time()`, is still queried from the database and hence a valid login. The implemented **SessionHandlerInterface::gc** function, that does remove invalid sessions, is called only **with a certain probability** (_Cleans up expired sessions. Called by `session_start()`, based on `session.gc_divisor`, `session.gc_probability` and `session.gc_maxlifetime` settings_) accordingly to the php documentation. In the official Kanboard docker image these values default to: session.gc_probability=1, session.gc_divisor=1000. Thus, an expired session is only terminated with probability 1/1000. This issue has been addressed in release 1.2.43 and all users are advised to upgrade. There are no known workarounds for this vulnerability." | ||
} | ||
], | ||
"source": { | ||
"advisory": "GHSA-gv5c-8pxr-p484", | ||
"discovery": "UNKNOWN" | ||
} | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters