Mend Vulnerability Database
What is a CVE vulnerability ID? What is a WS vulnerability ID? What is an MSC vulnerability ID?New vulnerability? Tell us about it!
We found results for “”
Date: January 13, 2022
OverviewIn DayByDay CRM, versions 2.2.0 through 2.2.1 (latest) are vulnerable to Insufficient Session Expiration. When a password has been changed by the user or by an administrator, a user that was already logged in, will still have access to the application even after the password was changed.
DetailsThe “DayByDay” application is built on Laravel framework. It improperly terminates the session when a password has been changed. An already logged in user can still access the application even after password change. There is no session validation for an active session after the password change.
PoC DetailsFor demonstration purposes we will use two users:
Bob, a low privileged user.
Administrator, a highly privileged user.
Login to the application as Bob.
In another browser, login as Administrator and observe that Bob is online.
Now edit the user Bob from the “all users” page under the “users” section in the left panel.
Change the password of Bob.
Now in the first browser session, open the already logged in Bob account and press on “Create an Offer” under the Leads section, to check whether the user can still access the application after password change.
Proceed and create an offer with the necessary details needed to complete the form.
The data has been updated successfully, thus the session is still active even after the password was changed.
Affected Environmentsbottelet/flarepoint - 2.2.0 through 2.2.1 (latest)
RemediationThe current session should be destroyed whenever a user requests for a password change.
PreventionNo fix was provided
Good to know:
No fix version available
|Attack Vector (AV):||Network|
|Attack Complexity (AC):||Low|
|Privileges Required (PR):||Low|
|User Interaction (UI):||None|
|Access Vector (AV):||Network|
|Access Complexity (AC):||Low|