CVE-2022-24740

Volto is a ReactJS-based frontend for the Plone Content Management System. Between versions 14.0.0-alpha.5 and 15.0.0-alpha.0, a user could have their authentication cookie replaced with the authentication cookie of another user, effectively giving them control of that user's account and privileges. This occurs when an outdated version of the `react-cookie` library is in use and the server is under high load. No proof of concept currently exists, but the issue can occur in the wild. The fix is present in Volto 15.0.0-alpha.0. As a workaround, one may manually upgrade the `react-cookie` package to 4.1.1 and then override all Volto components that use this library.
Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector
NIST | NIST | 5 MEDIUM | NETWORK | HIGH | NONE | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
GitHub_M | CNA | 5 MEDIUM | NETWORK | HIGH | NONE | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE | ADP | --- | --- | --- | --- | ---
CISA-ADP | ADP | --- | --- | --- | --- | ---
Base Score: CVSS 3.x (see table above)
EPSS Score: Percentile 47%
Vendor | Product | Version
plone | volto | 14.0.0:alpha6
plone | volto | 14.0.0:alpha7
plone | volto | 14.0.0:alpha8
plone | volto | 14.0.0:alpha9
plone | volto | 14.0.0:alpha10
plone | volto | 14.0.0:alpha11
plone | volto | 14.0.0:alpha12
plone | volto | 14.0.0:alpha13
plone | volto | 14.0.0:alpha14
plone | volto | 14.0.0:alpha15
plone | volto | 14.0.0:alpha16
plone | volto | 14.0.0:alpha17
plone | volto | 14.0.0:alpha18
plone | volto | 14.0.0:alpha19
plone | volto | 14.0.0:alpha20
plone | volto | 14.0.0:alpha21
plone | volto | 14.0.0:alpha22
plone | volto | 14.0.0:alpha23
plone | volto | 14.0.0:alpha24
plone | volto | 14.0.0:alpha25
plone | volto | 14.0.0:alpha26
plone | volto | 14.0.0:alpha27
plone | volto | 14.0.0:alpha28
plone | volto | 14.0.0:alpha29
plone | volto | 14.0.0:alpha30
plone | volto | 14.0.0:alpha31
plone | volto | 14.0.0:alpha32
plone | volto | 14.0.0:alpha33
plone | volto | 14.0.0:alpha34
plone | volto | 14.0.0:alpha35
plone | volto | 14.0.0:alpha36
plone | volto | 14.0.0:alpha37
plone | volto | 14.0.0:alpha38
plone | volto | 14.0.0:alpha39
plone | volto | 14.0.0:alpha40
plone | volto | 14.0.0:alpha41
plone | volto | 14.0.0:alpha42
plone | volto | 14.0.0:alpha43
plone | volto | 14.0.0
plone | volto | 14.1.0 ≤ x ≤ 14.10.0
plone | volto | 15.0.0:alpha0
(x = vulnerable software versions)