Vulnerability Description
An issue was discovered in October through build 471. It reactivates an old session ID (which had been invalid after a logout) once a new login occurs. NOTE: this violates the intended Auth/Manager.php authentication behavior but, admittedly, is only relevant if an old session ID is known to an attacker.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Octobercms | October | <= 1.0.471 |
Related Weaknesses (CWE)
References
- https://anisiosantos.me/october-cms-token-reactivationExploitThird Party Advisory
- https://github.com/octobercms/library/commit/642f597489e6f644d4bd9a0c267e864cabePatchThird Party Advisory
- https://octobercms.com/forum/chan/announcementsVendor Advisory
- https://anisiosantos.me/october-cms-token-reactivationExploitThird Party Advisory
- https://github.com/octobercms/library/commit/642f597489e6f644d4bd9a0c267e864cabePatchThird Party Advisory
- https://octobercms.com/forum/chan/announcementsVendor Advisory
FAQ
What is CVE-2021-3311?
CVE-2021-3311 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered in October through build 471. It reactivates an old session ID (which had been invalid after a logout) once a new login occurs. NOTE: this violates the intended Auth/Manager.ph...
How severe is CVE-2021-3311?
CVE-2021-3311 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-3311?
Check the references section above for vendor advisories and patch information. Affected products include: Octobercms October.