CVE-2024-24823
CVSS 3.1 Score 4.4 of 10 (medium)
Details
Summary
CVE-2024-24823 is a vulnerability that affects Graylog, a free and open log management platform. The vulnerability exists in versions 4.3.0 and prior to versions 5.1.11 and 5.2.4, allowing reauthentication with an existing session cookie to reuse the session ID, even if different user credentials are used. This could potentially lead to elevated access to an existing Graylog login session if a malicious user injects their session cookie into someone else's browser through a spoofed login screen or cross-site scripting attack. Graylog 5.1.11, 5.2.4, and any versions of the 6.0 development branch have been patched to prevent session reuse under any circumstances. Remediation can be done by using short session expiration and explicit logouts of unused sessions to limit the attack vector. The potential danger of this vulnerability lies in unauthorized access to sensitive information and privileges within an organization's Graylog system.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions