CVE-2021-25966 - OpenCVE

In “Orchard core CMS” application, versions 1.0.0-beta1-3383 to 1.0.0 are vulnerable to an improper session termination after password change. When a password has been changed by the user or by an administrator, a user that was already logged in, will still have access to the application even after the password was changed.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Orchardcore	Orchard Core

Configuration 1 [-]

OR	cpe:2.3:a:orchardcore:orchard_core:1.0.0:-::::::
	cpe:2.3:a:orchardcore:orchard_core:1.0.0:beta1-3383::::::

No data.

References

Link	Providers
https://github.com/OrchardCMS/OrchardCore/blob/v1.0.0/src/OrchardCore.Modules/OrchardCore.Users/Controllers/ResetPasswordController.cs#L123
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25966

History

No history.

MITRE

Status: PUBLISHED

Assigner: Mend

Published: 2021-10-10T09:45:11.697022Z

Updated: 2024-09-16T23:40:26.391Z

Reserved: 2021-01-22T00:00:00

Link: CVE-2021-25966

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-10-10T10:15:07.270

Modified: 2022-02-25T16:10:26.793

Link: CVE-2021-25966

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Users", "vendor": "OrchardCore", "versions": [{"lessThan": "unspecified", "status": "affected", "version": "1.0.0-beta1-3383", "versionType": "custom"}, {"lessThanOrEqual": "1.0.0", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2021-10-06T00:00:00", "descriptions": [{"lang": "en", "value": "In \u201cOrchard core CMS\u201d application, versions 1.0.0-beta1-3383 to 1.0.0 are vulnerable to an improper session termination after password change. When a password has been changed by the user or by an administrator, a user that was already logged in, will still have access to the application even after the password was changed."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-613", "description": "CWE-613 Insufficient Session Expiration", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-10-10T09:45:11", "orgId": "478c68dd-22c1-4a41-97cd-654224dfacff", "shortName": "Mend"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25966"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/OrchardCMS/OrchardCore/blob/v1.0.0/src/OrchardCore.Modules/OrchardCore.Users/Controllers/ResetPasswordController.cs#L123"}], "source": {"advisory": "https://www.whitesourcesoftware.com/vulnerability-database/", "discovery": "UNKNOWN"}, "title": "Orchard Core CMS - Improper Session Termination after Password Change", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vulnerabilitylab@whitesourcesoftware.com", "DATE_PUBLIC": "2021-10-06T09:12:00.000Z", "ID": "CVE-2021-25966", "STATE": "PUBLIC", "TITLE": "Orchard Core CMS - Improper Session Termination after Password Change"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Users", "version": {"version_data": [{"version_affected": ">=", "version_value": "1.0.0-beta1-3383"}, {"version_affected": "<=", "version_value": "1.0.0"}]}}]}, "vendor_name": "OrchardCore"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In \u201cOrchard core CMS\u201d application, versions 1.0.0-beta1-3383 to 1.0.0 are vulnerable to an improper session termination after password change. When a password has been changed by the user or by an administrator, a user that was already logged in, will still have access to the application even after the password was changed."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-613 Insufficient Session Expiration"}]}]}, "references": {"reference_data": [{"name": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25966", "refsource": "MISC", "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25966"}, {"name": "https://github.com/OrchardCMS/OrchardCore/blob/v1.0.0/src/OrchardCore.Modules/OrchardCore.Users/Controllers/ResetPasswordController.cs#L123", "refsource": "MISC", "url": "https://github.com/OrchardCMS/OrchardCore/blob/v1.0.0/src/OrchardCore.Modules/OrchardCore.Users/Controllers/ResetPasswordController.cs#L123"}]}, "source": {"advisory": "https://www.whitesourcesoftware.com/vulnerability-database/", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T20:19:19.729Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25966"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OrchardCMS/OrchardCore/blob/v1.0.0/src/OrchardCore.Modules/OrchardCore.Users/Controllers/ResetPasswordController.cs#L123"}]}]}, "cveMetadata": {"assignerOrgId": "478c68dd-22c1-4a41-97cd-654224dfacff", "assignerShortName": "Mend", "cveId": "CVE-2021-25966", "datePublished": "2021-10-10T09:45:11.697022Z", "dateReserved": "2021-01-22T00:00:00", "dateUpdated": "2024-09-16T23:40:26.391Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:orchardcore:orchard_core:1.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "A1F7B011-2638-43CF-BB2E-33EF17591277", "vulnerable": true}, {"criteria": "cpe:2.3:a:orchardcore:orchard_core:1.0.0:beta1-3383:*:*:*:*:*:*", "matchCriteriaId": "5A47A4A7-9FEC-4462-94E0-6FB4C929F173", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In \u201cOrchard core CMS\u201d application, versions 1.0.0-beta1-3383 to 1.0.0 are vulnerable to an improper session termination after password change. When a password has been changed by the user or by an administrator, a user that was already logged in, will still have access to the application even after the password was changed."}, {"lang": "es", "value": "En la aplicaci\u00f3n \"Orchard core CMS\", versiones 1.0.0-beta1-3383 a 1.0.0, son vulnerables a una terminaci\u00f3n de sesi\u00f3n inapropiada tras el cambio de contrase\u00f1a. Cuando una contrase\u00f1a ha sido cambiada por el usuario o por un administrador, un usuario que ya hab\u00eda iniciado sesi\u00f3n, seguir\u00e1 teniendo acceso a la aplicaci\u00f3n incluso despu\u00e9s de haber cambiado la contrase\u00f1a"}], "id": "CVE-2021-25966", "lastModified": "2022-02-25T16:10:26.793", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "vulnerabilitylab@mend.io", "type": "Secondary"}]}, "published": "2021-10-10T10:15:07.270", "references": [{"source": "vulnerabilitylab@mend.io", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/OrchardCMS/OrchardCore/blob/v1.0.0/src/OrchardCore.Modules/OrchardCore.Users/Controllers/ResetPasswordController.cs#L123"}, {"source": "vulnerabilitylab@mend.io", "tags": ["Third Party Advisory"], "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25966"}], "sourceIdentifier": "vulnerabilitylab@mend.io", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-613"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-613"}], "source": "vulnerabilitylab@mend.io", "type": "Secondary"}]}