GitHub_MCVELIST:CVE-2021-41274CVE-2021-41274 Authentication Bypass by CSRF Weakness
9.3 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
9.5 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.9%
solidus_auth_devise provides authentication services for the Solidus webstore framework, using the Devise gem. In affected versions solidus_auth_devise is subject to a CSRF vulnerability that allows user account takeover. All applications using any version of the frontend component of solidus_auth_devise are affected if protect_from_forgery method is both: Executed whether as: A before_action callback (the default) or A prepend_before_action (option prepend: true given) before the :load_object hook in Spree::UserController (most likely order to find). Configured to use :null_session or :reset_session strategies (:null_session is the default in case the no strategy is given, but rails --new generated skeleton use :exception). Users should promptly update to solidus_auth_devise version 2.5.4. Users unable to update should if possible, change their strategy to :exception. Please see the linked GHSA for more workaround details.
CNA Affected
[
{
"product": "solidus_auth_devise",
"vendor": "solidusio",
"versions": [
{
"status": "affected",
"version": ">= 1.0.0, < 2.5.4"
}
]
}
]Related
9.3 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
9.5 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.9%