Source: vulnrichment (@huntr_ai), ID VULNRICHMENT:CVE-2024-4680
Published: Jun 08, 2024 - 7:38 p.m.

CVE-2024-4680 Insufficient Session Expiration in zenml-io/zenml

Timestamp: 2024-06-08 19:38:31
Weakness: CWE-613
Source: @huntr_ai
Tags: github.com, vulnerability, zenml-io/zenml, insufficient session expiration, session credentials, docker, re-authentication

CVSS3: 3.9 Low

Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: HIGH
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: LOW

CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L

AI Score: 7.2 High (Confidence: Low)

zenml-io/zenml version 0.56.3 does not invalidate existing sessions when a user's password is changed (CWE-613, insufficient session expiration). An attacker who already holds a valid session credential or session ID for an account therefore keeps access after the victim rotates the password, and the victim has no way to revoke that access through a password change. The issue was reproduced on a self-hosted ZenML deployment run via Docker: after the password was changed in one browser, a session established earlier in a second browser remained active and usable without any re-authentication. The CVSS vector (PR:H, AC:H, UI:R) reflects that the attacker must first obtain a valid session for the target account; the weakness only extends that access past the point where a password change should have ended it.
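The following is an added example, not ZenML's code, showing one server-side pattern that closes the gap described above: every session is stamped with the credential "epoch" current at issue time, the epoch is bumped on each password change, and any session carrying a stale epoch is rejected on its next request. The `AuthServer`, `User` and `Session` names, the PBKDF2 parameters and the opaque-token format are all assumptions made for the example; `reproduce()` replays the two-browser test from the report against both the weak and the hardened check.

```python
"""Added example (not ZenML's code): ending sessions on password change.

All class and function names here are hypothetical; the design is one
generic fix for CWE-613 and makes no claim about how ZenML stores sessions.
"""
import hmac
import secrets
import time
from dataclasses import dataclass
from hashlib import pbkdf2_hmac
from typing import Dict, Optional

PBKDF2_ROUNDS = 50_000  # assumption for the example; tune for production


@dataclass
class User:
    name: str
    salt: bytes
    pw_hash: bytes
    cred_epoch: int = 0  # incremented on every password change


@dataclass
class Session:
    user: str
    cred_epoch: int  # epoch of the credentials that authenticated this session
    issued_at: float
    max_age: float = 3600.0  # absolute lifetime in seconds


class AuthServer:
    def __init__(self) -> None:
        self.users: Dict[str, User] = {}
        self.sessions: Dict[str, Session] = {}  # opaque token -> Session

    @staticmethod
    def _hash(password: str, salt: bytes) -> bytes:
        return pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)

    def register(self, name: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        self.users[name] = User(name, salt, self._hash(password, salt))

    def login(self, name: str, password: str) -> Optional[str]:
        """Return a fresh opaque session token, or None on bad credentials."""
        user = self.users.get(name)
        if user is None or not hmac.compare_digest(
            user.pw_hash, self._hash(password, user.salt)
        ):
            return None
        token = secrets.token_urlsafe(32)
        self.sessions[token] = Session(name, user.cred_epoch, time.time())
        return token

    def validate(self, token: str, strict: bool = True) -> Optional[str]:
        """Return the user name for a valid session, else None.

        strict=False reproduces the weak behaviour from the report: only the
        absolute lifetime is checked, so a password change does not end
        sessions that were issued before it.
        """
        s = self.sessions.get(token)
        if s is None or time.time() - s.issued_at > s.max_age:
            self.sessions.pop(token, None)
            return None
        if strict and s.cred_epoch != self.users[s.user].cred_epoch:
            # Issued under credentials that have since been rotated: revoke it.
            self.sessions.pop(token, None)
            return None
        return s.user

    def change_password(self, token: str, old: str, new: str) -> Optional[str]:
        """Rotate the password; returns a new token for the calling client."""
        name = self.validate(token)
        if name is None:
            return None
        user = self.users[name]
        if not hmac.compare_digest(user.pw_hash, self._hash(old, user.salt)):
            return None
        user.salt = secrets.token_bytes(16)
        user.pw_hash = self._hash(new, user.salt)
        user.cred_epoch += 1  # every previously issued session is now stale
        del self.sessions[token]  # the caller re-authenticates explicitly
        return self.login(name, new)


def reproduce(strict: bool) -> bool:
    """Replay the two-browser test from the report.

    Returns True if the session held in the second browser is still accepted
    after the password was changed from the first one (the vulnerable outcome).
    """
    srv = AuthServer()
    srv.register("alice", "old-pass")  # constructed sample account
    browser_a = srv.login("alice", "old-pass")
    browser_b = srv.login("alice", "old-pass")  # attacker-held session
    assert browser_a and browser_b
    srv.change_password(browser_a, "old-pass", "new-pass")
    return srv.validate(browser_b, strict=strict) is not None
```

With `strict=False` the replay returns True (the stale session survives the password change); with the epoch check enabled it returns False. The same epoch comparison also covers other credential events that should end sessions, such as an administrator resetting the password, as long as those paths bump `cred_epoch` too.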

CNA Affected

[
  {
    "vendor": "zenml-io",
    "product": "zenml-io/zenml",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom",
        "lessThanOrEqual": "latest"
      }
    ]
  }
]
