CVE-2023-45659: Session is not expiring after password reset

Engelsystem is a shift planning system for chaos events. If a user's password is compromised and an attacker has gained access to the user's account, i.e., logged in and obtained a session, the attacker's session is not terminated when the user's account password is reset. This vulnerability has been fixed in the commit dbb089315ff3d. Users are advised to update their installations. There are no known workarounds for this vulnerability.


Impact

If a user's password is compromised and an attacker has gained access to the user's account, i.e., logged in and obtained a session, the attacker's session is not terminated when the user's account password is reset.

Patches

This vulnerability has been fixed in the following commit: dbb0893

Workarounds

There are no workarounds available. Users are advised to upgrade to at least dbb0893.

PoC by Eugene Shein

After setting up an Engelsystem instance on http://localhost:5080/settings/password, open http://localhost:5080/settings/password in 2 browsers (I use Firefox and Chromium).
Log in using both browsers with the same login credentials.
Change the password from the Firefox browser.
After the password has been changed, refresh the page in the Chromium browser.
Observe that the session does not expire after the password reset.
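The PoC above, replayed against a small in-memory model of the server side. This is an added example, not Engelsystem code: the `SessionStore` class, the toy `hash_pw` helper and the "angel" test account are constructed here, and `change_password_vulnerable` beside `change_password_fixed` shows the behaviour the advisory describes next to the invalidation the fix needs (drop every other session of the user when the password changes).

```python
import hashlib
import secrets

def hash_pw(password: str) -> str:
    # Toy hash for the model only; a real application uses a password hasher.
    return hashlib.sha256(password.encode()).hexdigest()

class SessionStore:
    def __init__(self) -> None:
        self.users = {}     # username -> password hash
        self.sessions = {}  # session token -> username

    def register(self, name: str, password: str) -> None:
        self.users[name] = hash_pw(password)

    def login(self, name: str, password: str) -> str:
        if self.users.get(name) != hash_pw(password):
            raise PermissionError("bad credentials")
        token = secrets.token_hex(16)
        self.sessions[token] = name
        return token

    def is_valid(self, token: str) -> bool:
        return token in self.sessions

    def change_password_vulnerable(self, token: str, new_password: str) -> None:
        # Vulnerable behaviour: only the credential changes; every existing
        # session of the user, including an attacker's, keeps working.
        self.users[self.sessions[token]] = hash_pw(new_password)

    def change_password_fixed(self, token: str, new_password: str) -> None:
        # Fix: after updating the credential, drop every other session of this
        # user, keeping only the one that performed the change.
        name = self.sessions[token]
        self.users[name] = hash_pw(new_password)
        for other, owner in list(self.sessions.items()):
            if owner == name and other != token:
                del self.sessions[other]

def run_poc(fixed: bool) -> tuple:
    """Replay the two-browser PoC; return (changer_alive, other_alive)."""
    store = SessionStore()
    store.register("angel", "old-password")          # constructed test account
    firefox = store.login("angel", "old-password")   # session that changes the password
    chromium = store.login("angel", "old-password")  # second session (the attacker's)
    change = store.change_password_fixed if fixed else store.change_password_vulnerable
    change(firefox, "new-password")
    return store.is_valid(firefox), store.is_valid(chromium)
```

With the vulnerable handler both sessions survive the password change; with the fixed one only the session that changed the password remains valid, and the old password no longer logs in.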

Acknowledgements

This issue has been reported by Eugene Shein.
