PT-2020-13843 · Navigate · Navigate Cms
Sean Wright
·
Published
2020-06-24
·
Updated
2020-06-29
·
CVE-2020-14017
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Navigate CMS version 2.9 r1433
Description
An issue was discovered where sessions and associated information, such as CSRF tokens, are stored in cleartext files in the /private/sessions directory. This could allow an unauthenticated user to use a brute-force approach to attempt to identify existing sessions or view the contents of this file to discover details about a session.
Recommendations
For Navigate CMS version 2.9 r1433, consider restricting access to the /private/sessions directory to prevent unauthorized viewing of session information. As a temporary workaround, implement additional security measures to protect against brute-force attacks on session identification.
Exploit
Fix
Cleartext Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Navigate Cms