Vulnerability Details : CVE-2021-25981
In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration. This may allow an attacker to reuse the admin’s still-valid session token even when logged-out, to gain admin privileges, given the attacker is able to obtain that token (via other, hypothetical attacks)
Products affected by CVE-2021-25981
- cpe:2.3:a:talkyard:talkyard:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-25981
2.00%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 82 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-25981
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST | |
|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST | |
|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
Mend |
CWE ids for CVE-2021-25981
-
According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."Assigned by:
- nvd@nist.gov (Primary)
- vulnerabilitylab@mend.io (Secondary)
References for CVE-2021-25981
-
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25981
CVE-2021-25981 | WhiteSource Vulnerability DatabasePatch;Third Party Advisory;VDB Entry
-
https://github.com/debiki/talkyard/commit/b0310df019887f3464895529c773bc7d85ddcf34
Better session ids, 5 parts, feature flag to enable. · debiki/talkyard@b0310df · GitHubPatch;Third Party Advisory
-
https://github.com/debiki/talkyard/commit/b0712915d8a22a20b09a129924e8a29c25ae5761
Use fancy sids, not silly sids, by default. · debiki/talkyard@b071291 · GitHubPatch;Third Party Advisory
Jump to