CVE-2020-15085

30.06.2020, 17:15

In Saleor Storefront before version 2.10.3, request data used to authenticate customers was inadvertently cached in the browser's local storage mechanism, including credentials. A malicious user with direct access to the browser could extract the email and password. In versions prior to 2.10.0 persisted the cache even after the user logged out. This is fixed in version 2.10.3. A workaround is to manually clear application data (browser's local storage) after logging into Saleor Storefront.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.9 MEDIUM	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
GitHub_M	CNA	6.9 MEDIUM	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 37%

Vendor	Product	Version
mirumee	saleor	𝑥 < 2.10.3

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-312 - Cleartext Storage of Sensitive Information
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

References

https://github.com/mirumee/saleor-storefront/blob/master/CHANGELOG.md#2103

https://github.com/mirumee/saleor-storefront/commit/7c331e1be805022c9a7be719bd69d050b2577458

https://github.com/mirumee/saleor-storefront/security/advisories/GHSA-4279-h39w-2jqm

https://github.com/mirumee/saleor-storefront/blob/master/CHANGELOG.md#2103

https://github.com/mirumee/saleor-storefront/commit/7c331e1be805022c9a7be719bd69d050b2577458

https://github.com/mirumee/saleor-storefront/security/advisories/GHSA-4279-h39w-2jqm