CVE-2022-24743

HIGH Year: 2022
CVSS v3 Score
8.2
High
CVSS v2 Score
6.4
Medium
Weakness Type
CWE-613
View all →

Vulnerability Description

Sylius is an open source eCommerce platform. Prior to versions 1.10.11 and 1.11.2, the reset password token was not set to null after the password was changed. The same token could be used several times, which could result in leak of the existing token and unauthorized password change. The issue is fixed in versions 1.10.11 and 1.11.2. As a workaround, overwrite the `Sylius\Bundle\ApiBundle\CommandHandler\ResetPasswordHandler` class with code provided by the maintainers and register it in a container. More information about this workaround is available in the GitHub Security Advisory.

Related Vulnerabilities

CVE-2022-0991

HIGH
CVSS:8.2(High)

Insufficient Session Expiration in GitHub repository admidio/admidio prior to 4.1.9.

CWE-6132022

CVE-2022-2306

HIGH
CVSS:8.2(High)

Old session tokens can be used to authenticate to the application and send authenticated requests.

CWE-6132022

CVE-2009-20001

HIGH
CVSS:8.1(High)

An issue was discovered in MantisBT before 2.24.5. It associates a unique cookie string with each user. This string is not reset upon logout (i.e., the user session is still considered valid and activ...

CWE-6132009

CVE-2017-11667

HIGH
CVSS:8.1(High)

OpenProject before 6.1.6 and 7.x before 7.0.3 mishandles session expiry, which allows remote attackers to perform APIv3 requests indefinitely by leveraging a hijacked session.

CWE-6132017

CVE-2018-1127

HIGH
CVSS:8.1(High)

Tendrl API in Red Hat Gluster Storage before 3.4.0 does not immediately remove session tokens after a user logs out. Session tokens remain active for a few minutes allowing attackers to replay tokens ...

CWE-6132018

CVE-2019-1003049

HIGH
CVSS:8.1(High)

Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earli...

CWE-6132019