CVE-2020-11728

An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. Session management does not use a sufficiently hard-to-guess session key. Anyone who can guess the microsecond time (and the incrementing session_id) can impersonate a session.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956650	Mailing List Third Party Advisory
https://gitlab.com/davical-project/awl/-/issues/19	Issue Tracking Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/04/msg00011.html	Mailing List Third Party Advisory
https://usn.ubuntu.com/4539-1/
https://www.debian.org/security/2020/dsa-4660	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:davical:andrew\'s_web_libraries:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*

History

No history.

Information

Published : 2020-04-15 16:15

Updated : 2024-02-28 17:47

NVD link : CVE-2020-11728

Mitre link : CVE-2020-11728

CVE.ORG link : CVE-2020-11728

JSON object : View

Products Affected

davical

andrew\'s_web_libraries

debian

debian_linux

CWE

CWE-384

Session Fixation

{"id": "CVE-2020-11728", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2020-04-15T16:15:16.643", "references": [{"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956650", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://gitlab.com/davical-project/awl/-/issues/19", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.debian.org/debian-lts-announce/2020/04/msg00011.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://usn.ubuntu.com/4539-1/", "source": "cve@mitre.org"}, {"url": "https://www.debian.org/security/2020/dsa-4660", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-384"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. Session management does not use a sufficiently hard-to-guess session key. Anyone who can guess the microsecond time (and the incrementing session_id) can impersonate a session."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en DAViCal Andrew's Web Libraries (AWL) versiones hasta el 0,60. La administraci\u00f3n de sesiones no usa una clave de sesi\u00f3n lo suficientemente dif\u00edcil de adivinar. Cualquiera que pueda adivinar el tiempo de microsegundos (y el incremento del session_id) puede suplantar una sesi\u00f3n."}], "lastModified": "2020-09-28T18:15:18.177", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:davical:andrew\\'s_web_libraries:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB204E5C-5C64-4CEA-A567-0DADDE0F5610", "versionEndIncluding": "0.60"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}