CVE-2020-5205
Session fixation
Description
### Impact

The use of `Plug.Session` in `Pow.Plug.Session` is susceptible to session fixation attacks if a persistent session store is used for `Plug.Session`, such as Redis or a database. The cookie store, which is used in most Phoenix apps, doesn't have this vulnerability.

### Workarounds

Call `Plug.Conn.configure_session(conn, renew: true)` periodically and after a privilege change. A custom authorization plug can be written where the `create/3` method returns the `conn` only after `Plug.Conn.configure_session/2` has been called on it.

### References

- https://github.com/danschultzer/pow/commit/578ffd3d8bb8e8a26077b644222186b108da474f
- https://www.owasp.org/index.php/Session_fixation
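The fixation described under Impact, and the `configure_session(conn, renew: true)` workaround, as an added example that is not part of the advisory or of the Pow project's code. It uses Plug's built-in `Plug.Session.ETS` store as a stand-in for Redis or a database (same shape: the cookie carries a server-side session id), constructed cookie and table names (`_demo_session`, `:demo_sessions`), a constructed three-request flow built with `Plug.Test`, and an assumed module name `MyAppWeb.Pow.SessionPlug` for the Pow-side wrapper; `Pow.Plug.Base` and the `fetch/2`, `create/3`, `delete/2` callbacks are Pow's own.

```elixir
# Added illustration for CVE-2020-5205; not code from the Pow project or its advisory.
# Run as a script (`elixir session_fixation_demo.exs`); Mix.install fetches Plug.
Mix.install([{:plug, "~> 1.14"}])

defmodule SessionFixationDemo do
  import Plug.Conn
  import Plug.Test

  # Constructed server-side store. Plug.Session.ETS keeps session data in an ETS
  # table and sends the raw session id as the cookie value, like the Redis or
  # database stores the advisory warns about. The cookie store is unaffected
  # because the signed cookie carries the data itself, not a server-side id.
  @table :demo_sessions
  @cookie "_demo_session"
  @session_opts Plug.Session.init(store: Plug.Session.ETS, key: @cookie, table: @table)

  def start_store do
    if :ets.whereis(@table) == :undefined do
      :ets.new(@table, [:named_table, :public, read_concurrency: true])
    end

    :ok
  end

  # Builds a request carrying `sid` as its session cookie (or no cookie) and runs
  # Plug.Session on it, as a router pipeline does before Pow's plug runs.
  defp request(method, path, sid) do
    conn = conn(method, path)
    conn = if sid, do: put_req_cookie(conn, @cookie, sid), else: conn
    conn |> Plug.Session.call(@session_opts) |> fetch_session()
  end

  defp session_cookie_sent(conn), do: conn.resp_cookies[@cookie].value

  # Step 1: the attacker visits anonymously. Writing anything to the session makes
  # the store mint a session id, which comes back in the Set-Cookie header.
  def attacker_obtains_sid do
    request(:get, "/", nil)
    |> put_session(:landing, true)
    |> send_resp(200, "")
    |> session_cookie_sent()
  end

  # Step 2: the victim logs in while carrying the attacker's sid (how it was
  # planted is outside this demo). `renew?` selects the vulnerable or the
  # hardened path; the hardened path is exactly the advisory's workaround call.
  def victim_logs_in(sid, user_id, renew?) do
    conn = request(:post, "/session", sid)
    conn = if renew?, do: configure_session(conn, renew: true), else: conn

    conn
    |> put_session(:user_id, user_id)
    |> send_resp(302, "")
    |> session_cookie_sent()
  end

  # Step 3: whoever presents `sid` asks the app who they are.
  def whoami(sid), do: request(:get, "/me", sid) |> get_session(:user_id)

  def run do
    start_store()

    # Vulnerable: the sid survives login, so the attacker's cookie now maps to the victim.
    planted = attacker_obtains_sid()
    ^planted = victim_logs_in(planted, 42, false)
    attacker_sees_without_renew = whoami(planted)

    # Hardened: renew: true makes Plug.Session delete the old sid and mint a new
    # one when the response is sent, so the planted cookie resolves to nothing.
    planted = attacker_obtains_sid()
    fresh = victim_logs_in(planted, 42, true)
    true = fresh != planted
    attacker_sees_with_renew = whoami(planted)

    %{without_renew: attacker_sees_without_renew, with_renew: attacker_sees_with_renew}
  end
end

IO.inspect(SessionFixationDemo.run(), label: "what the attacker's planted cookie resolves to")

# Pow-side form of the same workaround, for apps pinned below 1.0.16: a custom
# authorization plug (assumed name) whose create/3 renews the session before
# delegating to Pow.Plug.Session. Used in the router as
# `plug MyAppWeb.Pow.SessionPlug, otp_app: :my_app` in place of Pow.Plug.Session.
# Only compiled when Pow is loaded, so the demo above still runs without it.
if Code.ensure_loaded?(Pow.Plug.Base) do
  defmodule MyAppWeb.Pow.SessionPlug do
    use Pow.Plug.Base

    @impl true
    def fetch(conn, config), do: Pow.Plug.Session.fetch(conn, config)

    @impl true
    def create(conn, user, config) do
      conn
      |> Plug.Conn.configure_session(renew: true)
      |> Pow.Plug.Session.create(user, config)
    end

    @impl true
    def delete(conn, config), do: Pow.Plug.Session.delete(conn, config)
  end
end
```

On the vulnerable path the attacker's planted cookie resolves to the victim's `user_id`; on the hardened path it resolves to `nil`, because `Plug.Session` deletes the old id from the store and issues a fresh one in the response. Two caveats for the Pow wrapper: `Plug.Conn.configure_session/2` raises if the session has not been fetched yet, so the plug must sit after `Plug.Session` and `fetch_session` in the pipeline (where `Pow.Plug.Session` already has to be), and renewing at `create/3` only covers login; the advisory's "periodically and after privilege change" still has to be done wherever roles or permissions are elevated.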
How to fix CVE-2020-5205
To fix CVE-2020-5205, upgrade the affected package to the patched version listed below.
- Upgrade to 1.0.16 or later
Is CVE-2020-5205 being exploited?
Low: EPSS is 0.3%, and no large-scale exploitation activity has been observed.
Affected packages (1)
- from 0, < 1.0.16
CVSS score
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM (6.5) | CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N |