CVE-2022-24740
Improper Authentication in Volto
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Volto is a ReactJS-based frontend for the Plone Content Management System. Between versions 14.0.0-alpha.5 and 15.0.0-alpha.0, a user could have their authentication cookie replaced with an authentication cookie from another user, effectively giving them control of the other user's account and privileges. This occurs when using an outdated version of the `react-cookie` library and a server is under high load. A proof of concept does not currently exist, but it is possible for this issue to occur in the wild. The patch and fix is present in Volto 15.0.0-alpha.0. As a workaround, one may manually upgrade the `react-cookie` package to 4.1.1 and then override all Volto components that use this library.
Volto es un frontend basado en ReactJS para el Sistema de Administración de Contenidos Plone. Entre las versiones 14.0.0-alpha.5 y 15.0.0-alpha.0, un usuario podía tener su cookie de autenticación reemplazada por una cookie de autenticación de otro usuario, dándole efectivamente el control de la cuenta y los privilegios del otro usuario. Esto ocurre cuando es usada una versión obsoleta de la biblioteca "react-cookie" y un servidor está bajo alta carga. Actualmente no se presenta una prueba de concepto, pero es posible que este problema ocurra "in the wild". El parche y la corrección están presentes en Volto versión 15.0.0-alpha.0. Como medida de mitigación, puede actualizarse manualmente el paquete "react-cookie" a versión 4.1.1 y luego anular todos los componentes de Volto que usen esta biblioteca
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-02-10 CVE Reserved
- 2022-03-14 CVE Published
- 2023-10-05 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/plone/volto/pull/3051 | 2022-03-22 | |
| https://github.com/plone/volto/security/advisories/GHSA-cfhh-xgwq-5r67 | 2022-03-22 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | >= 14.1.0 <= 14.10.0 Search vendor "Plone" for product "Volto" and version " >= 14.1.0 <= 14.10.0" | node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha10, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha11, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha12, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha13, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha14, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha15, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha16, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha17, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha18, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha19, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha20, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha21, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha22, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha23, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha24, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha25, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha26, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha27, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha28, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha29, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha30, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha31, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha32, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha33, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha34, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha35, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha36, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha37, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha38, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha39, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha40, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha41, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha42, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha43, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha6, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha7, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha8, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 14.0.0 Search vendor "Plone" for product "Volto" and version "14.0.0" | alpha9, node.js |
Affected
| ||||||
| Plone Search vendor "Plone" | Volto Search vendor "Plone" for product "Volto" | 15.0.0 Search vendor "Plone" for product "Volto" and version "15.0.0" | alpha0, node.js |
Affected
| ||||||