Lucene search

GitHub_MVULNRICHMENT:CVE-2024-29036

HistoryMar 20, 2024 - 8:39 p.m.

CVE-2024-29036 Saleor Storefront session leak in cache

2024-03-2020:39:01

CWE-200

GitHub_M

github.com

cve-2024-29036

saleor storefront

session leak

cache

authentication

upgrade

patch

createsaleorauthclient

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

AI Score

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Saleor Storefront is software for building e-commerce experiences. Prior to commit 579241e75a5eb332ccf26e0bcdd54befa33f4783, when any user authenticates in the storefront, anonymous users are able to access their data. The session is leaked through cache and can be accessed by anyone. Users should upgrade to a version that incorporates commit 579241e75a5eb332ccf26e0bcdd54befa33f4783 or later to receive a patch. A possible workaround is to temporarily disable authentication by changing the usage of createSaleorAuthClient().

References

github.com/saleor/auth-sdk/commit/56db13407aa35d00b85ec2df042692edd4aea9da

github.com/saleor/saleor-docs/pull/1120

github.com/saleor/storefront/commit/579241e75a5eb332ccf26e0bcdd54befa33f4783

github.com/saleor/storefront/security/advisories/GHSA-52cq-c7x7-cqw4

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

AI Score

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2024-29036