CVSS score: 7.5 | CWE-287

CVE-2022-24740: Improper Authentication in Volto

First published: Mon Mar 14 2022

Volto is a ReactJS-based frontend for the Plone Content Management System. Between versions 14.0.0-alpha.5 and 15.0.0-alpha.0, a user could have their authentication cookie replaced with the authentication cookie of another user, effectively giving them control of that user's account and privileges. This occurs when an outdated version of the `react-cookie` library is in use and the server is under high load. No proof of concept currently exists, but the issue can occur in the wild. The fix is present in Volto 15.0.0-alpha.0. As a workaround, one may manually upgrade the `react-cookie` package to 4.1.1 and then override all Volto components that use this library.

Credit: security-advisories@github.com

Affected Software    Affected Version
Plone Volto          14.0.0-alpha6
Plone Volto          14.0.0-alpha7
Plone Volto          14.0.0-alpha8
Plone Volto          14.0.0-alpha9
Plone Volto          14.0.0-alpha10
Plone Volto          14.0.0-alpha11
Plone Volto          14.0.0-alpha12
Plone Volto          14.0.0-alpha13
Plone Volto          14.0.0-alpha14
Plone Volto          14.0.0-alpha15
Plone Volto          14.0.0-alpha16
Plone Volto          14.0.0-alpha17
Plone Volto          14.0.0-alpha18
Plone Volto          14.0.0-alpha19
Plone Volto          14.0.0-alpha20
Plone Volto          14.0.0-alpha21
Plone Volto          14.0.0-alpha22
Plone Volto          14.0.0-alpha23
Plone Volto          14.0.0-alpha24
Plone Volto          14.0.0-alpha25
Plone Volto          14.0.0-alpha26
Plone Volto          14.0.0-alpha27
Plone Volto          14.0.0-alpha28
Plone Volto          14.0.0-alpha29
Plone Volto          14.0.0-alpha30
Plone Volto          14.0.0-alpha31
Plone Volto          14.0.0-alpha32
Plone Volto          14.0.0-alpha33
Plone Volto          14.0.0-alpha34
Plone Volto          14.0.0-alpha35
Plone Volto          14.0.0-alpha36
Plone Volto          14.0.0-alpha37
Plone Volto          14.0.0-alpha38
Plone Volto          14.0.0-alpha39
Plone Volto          14.0.0-alpha40
Plone Volto          14.0.0-alpha41
Plone Volto          14.0.0-alpha42
Plone Volto          14.0.0-alpha43
Plone Volto          14.0.0
Plone Volto          >=14.1.0, <=14.10.0
Plone Volto          15.0.0-alpha0


Frequently Asked Questions

  • What is CVE-2022-24740?

    CVE-2022-24740 is a vulnerability in the Volto ReactJS-based frontend for the Plone Content Management System.

  • What is the severity of CVE-2022-24740?

    The severity of CVE-2022-24740 is high with a CVSS score of 7.5.

  • How does CVE-2022-24740 affect Plone Volto?

    CVE-2022-24740 affects Plone Volto versions 14.0.0-alpha.5 to 15.0.0-alpha.0.

  • How can an attacker exploit CVE-2022-24740?

    An attacker can exploit CVE-2022-24740 by replacing a user's authentication cookie with another user's authentication cookie, giving them control of the other user's account and privileges.

  • How can I fix CVE-2022-24740?

    To fix CVE-2022-24740, update your Plone Volto installation to a version that is not affected by the vulnerability.

© 2024 SecAlerts Pty Ltd.