CVE-2024-45462

The logout operation in the CloudStack web interface does not expire the user session completely which is valid until expiry by time or restart of the backend service. An attacker that has access to a user's browser can use an unexpired session to gain access to resources owned by the logged out user account. This issue affects Apache CloudStack from 4.15.1.0 through 4.18.2.3; and from 4.19.0.0 through 4.19.1.1. Users are recommended to upgrade to Apache CloudStack 4.18.2.4 or 4.19.1.2, or later, which addresses this issue.

CVSS v3.0 7.1 HIGH

7.1^/10

CVSS v3.0 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://cloudstack.apache.org/blog/security-release-advisory-4.18.2.4-4.19.1.2	Vendor Advisory
https://lists.apache.org/thread/ktsfjcnj22x4kg49ctock3d9tq7jnvlo	Vendor Advisory
https://cloudstack.apache.org/blog/security-release-advisory-4.18.2.4-4.19.1.2

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apache:cloudstack::::::::
	cpe:2.3:a:apache:cloudstack::::::::

History

17 Oct 2024, 20:24

Type	Values Removed	Values Added
CPE		cpe:2.3:a:apache:cloudstack::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.1
First Time		Apache Apache cloudstack
References	~~() https://lists.apache.org/thread/ktsfjcnj22x4kg49ctock3d9tq7jnvlo -~~	() https://lists.apache.org/thread/ktsfjcnj22x4kg49ctock3d9tq7jnvlo - Vendor Advisory

16 Oct 2024, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-16 08:15

Updated : 2024-10-17 20:24

NVD link : CVE-2024-45462

Mitre link : CVE-2024-45462

JSON object : View

Products Affected

apache

cloudstack

CWE

CWE-613

Insufficient Session Expiration

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://cloudstack.apache.org/blog/security-release-advisory-4.18.2.4-4.19.1.2", "name": "https://cloudstack.apache.org/blog/security-release-advisory-4.18.2.4-4.19.1.2", "tags": ["Vendor Advisory"], "refsource": ""}, {"url": "https://lists.apache.org/thread/ktsfjcnj22x4kg49ctock3d9tq7jnvlo", "name": "https://lists.apache.org/thread/ktsfjcnj22x4kg49ctock3d9tq7jnvlo", "tags": ["Vendor Advisory"], "refsource": ""}, {"url": "https://cloudstack.apache.org/blog/security-release-advisory-4.18.2.4-4.19.1.2", "name": "https://cloudstack.apache.org/blog/security-release-advisory-4.18.2.4-4.19.1.2", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The logout operation in the CloudStack web interface does not expire the user session completely which is valid until expiry by time or restart of the backend service. An attacker that has access to a user's browser can use an unexpired session to gain access to resources owned by the logged out user account. This issue affects Apache CloudStack from 4.15.1.0 through 4.18.2.3; and from 4.19.0.0 through 4.19.1.1.\n\n\n\n\nUsers are recommended to upgrade to Apache CloudStack 4.18.2.4 or 4.19.1.2, or later, which addresses this issue."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-613"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-45462", "ASSIGNER": "security@apache.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 1.8}}, "publishedDate": "2024-10-16T08:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:apache:cloudstack:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.18.2.4", "versionStartIncluding": "4.15.1.0"}, {"cpe23Uri": "cpe:2.3:a:apache:cloudstack:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.19.1.2", "versionStartIncluding": "4.19.0.0"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2024-10-17T20:24Z"}