CVE-2022-24880

Potential Captcha Validate Bypass in flask-session-captcha

Severity Score

5.3

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. In versions prior to 1.2.1, he `captcha.validate()` function would return `None` if passed no value (e.g. by submitting an having an empty form). If implementing users were checking the return value to be **False**, the captcha verification check could be bypassed. Version 1.2.1 fixes the issue. Users can workaround the issue by not explicitly checking that the value is False. Checking the return value less explicitly should still work.

flask-session-captcha es un paquete que permite a usuarios ampliar Flask al añadir un captcha basado en una imagen almacenada en una sesión del lado del servidor. En versiones anteriores a 1.2.1, la función "captcha.validate()" devolvía "None" si no le es pasado ningún valor (por ejemplo, al enviar un formulario vacío). Si usuarios implementadores comprobaban que el valor de retorno era **False**, la comprobación del captcha podía omitirse. La versión 1.2.1 corrige el problema. Los usuarios pueden mitigar el problema al no comprobar explícitamente que el valor es False. Comprobar el valor de retorno de forma menos explícita debería seguir funcionando

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-02-10 CVE Reserved
2022-04-25 CVE Published
2024-08-03 CVE Updated
2024-11-03 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-253: Incorrect Check of Function Return Value
CWE-394: Unexpected Status Code or Return Value
CWE-754: Improper Check for Unusual or Exceptional Conditions

CAPEC

References (4)

URL	Tag	Source
https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1	Release Notes
https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4	2022-05-05
https://github.com/Tethik/flask-session-captcha/pull/27	2022-05-05

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Flask-session-captcha Project Search vendor "Flask-session-captcha Project"		Flask-session-captcha Search vendor "Flask-session-captcha Project" for product "Flask-session-captcha"				< 1.2.1 Search vendor "Flask-session-captcha Project" for product "Flask-session-captcha" and version " < 1.2.1"		-		Affected