Lucene search

[email protected]NVD:CVE-2024-4680

HistoryJun 08, 2024 - 8:15 p.m.

CVE-2024-4680

2024-06-0820:15:52

CWE-613

[email protected]

web.nvd.nist.gov

vulnerability

zenml

session reuse

password change

docker deployment

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

37.8%

JSON

A vulnerability in zenml-io/zenml version 0.56.3 allows attackers to reuse old session credentials or session IDs due to insufficient session expiration. Specifically, the session does not expire after a password change, enabling an attacker to maintain access to a compromised account without the victim’s ability to revoke this access. This issue was observed in a self-hosted ZenML deployment via Docker, where after changing the password from one browser, the session remained active and usable in another browser without requiring re-authentication.

Affected configurations

Nvd

Node

zenmlzenmlMatch0.56.3

VendorProductVersionCPE
zenmlzenml0.56.3cpe:2.3:a:zenml:zenml:0.56.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
zenml	zenml	0.56.3	cpe:2.3:a:zenml:zenml:0.56.3:::::::*

References

huntr.com/bounties/c88f6bd2-490d-4930-98dd-03651b20230a

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

37.8%

JSON

Related for NVD:CVE-2024-4680

osv2 cvelist1 vulnrichment1 cve1 veracode1 github1