Mend Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2021-25970

Date: October 20, 2021

Overview

Camaleon CMS 0.1.7 to 2.6.0 doesn’t terminate the active session of the users, even after the admin changes the user’s password. A user that was already logged in, will still have access to the application even after the password was changed.

Details

Camaleon CMS doesn’t terminate the active session of the users, even after the admin changes the user’s password.

PoC Details

Login to the application as a non-admin user (for demonstration purposes, we’ll call him “Bob”), with a private window.
Now in a regular window, login as an administrator. Click on Users, All Users, Edit. Press the pencil button near “Bob” user. Change his password and save.
Go back to the private window, and notice Bob’s session persists even after the password was changed by the admin.

Affected Environments

Camaleon CMS versions 0.1.7 to 2.6.0

Prevention

Update to camaleon_cms version 2.6.0.1

Language: Ruby

Good to know:

icon

Insufficient Session Expiration

CWE-613
icon

Upgrade Version

Upgrade to version camaleon_cms - 2.6.0.1

Learn More

Base Score:
Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope (S): Unchanged
Confidentiality (C): High
Integrity (I): High
Availability (A): High
Base Score:
Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (AU): None
Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
Additional information:

Related Resources (4)

https://nvd.nist.gov/vuln/detail/CVE-2021-25970
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25970
https://github.com/owen2345/camaleon-cms/commit/77e31bc6cdde7c951fba104aebcd5ebb3f02b030
https://www.mend.io/vulnerability-database/CVE-2021-25970