OSV: GHSA-9XFW-JJQ2-7V8H (Google OSV)
History: Feb 05, 2024 - 8:19 p.m.

1Panel set-cookie is missing the Secure keyword

2024-02-05 20:19:30 | Google | osv.dev

Tags: panel, set-cookie, secure keyword, https, plain text, transmission risk, http, poc, impact, software

CVSS3: 7.5 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score: 7 High (Confidence: Low)
EPSS: 0.001 Low (Percentile: 28.3%)

Summary

The cookie the panel sets when served over https does not carry the Secure attribute, so the browser may send the cookie in plain text if the panel is accidentally accessed over http.

https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Headers/Set-Cookie#secure

PoC

Configure https for the panel, then capture the traffic while logging in again: the Set-Cookie header on the login response does not contain the Secure keyword.

Impact

Everyone who has configured https for the panel.
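A Go illustration of the weakness and its fix, added here and not 1Panel's own code: a constructed login handler that issues the session cookie without Secure beside one that sets it for https requests, plus a check that parses the Set-Cookie headers the way the PoC inspects them in a capture. The handler names, cookie name and host are assumptions.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// vulnerableLogin reproduces the weak behaviour described in the advisory: the
// session cookie is issued without Secure, so a browser will also send it over http.
func vulnerableLogin(w http.ResponseWriter, r *http.Request) {
	http.SetCookie(w, &http.Cookie{Name: "session", Value: "demo-token", Path: "/", HttpOnly: true})
}

// hardenedLogin marks the cookie Secure when the request arrived over TLS, either
// directly or via a reverse proxy that sets X-Forwarded-Proto (constructed handler).
func hardenedLogin(w http.ResponseWriter, r *http.Request) {
	secure := r.TLS != nil || strings.EqualFold(r.Header.Get("X-Forwarded-Proto"), "https")
	http.SetCookie(w, &http.Cookie{Name: "session", Value: "demo-token", Path: "/", HttpOnly: true, Secure: secure, SameSite: http.SameSiteLaxMode})
}

// insecureCookies parses every Set-Cookie header on a response and returns the names
// of cookies lacking the Secure attribute, the check the PoC performs by hand on a capture.
func insecureCookies(h http.Header) []string {
	var bad []string
	for _, raw := range h.Values("Set-Cookie") {
		parts := strings.Split(raw, ";")
		name := strings.TrimSpace(strings.SplitN(parts[0], "=", 2)[0])
		secure := false
		for _, attr := range parts[1:] {
			secure = secure || strings.EqualFold(strings.TrimSpace(attr), "Secure")
		}
		if !secure {
			bad = append(bad, name)
		}
	}
	return bad
}

func audit(h http.HandlerFunc) []string {
	rec := httptest.NewRecorder()
	req := httptest.NewRequest(http.MethodPost, "https://panel.example/login", nil) // TLS is set for https targets
	h(rec, req)
	return insecureCookies(rec.Result().Header)
}

func main() {
	fmt.Println("vulnerable:", audit(vulnerableLogin), "hardened:", audit(hardenedLogin))
}
```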

Affected package (CPE):
CPE Name: github.com/1panel-dev/1panel | Operator: lt | Version: 1.9.6

