CVE-2024-24823

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Published Feb 7, 2024
Updated: Feb 15, 2024
CWE ID 384

Summary

CVE-2024-24823 is a vulnerability that affects Graylog, a free and open log management platform. The vulnerability exists in versions 4.3.0 and prior to versions 5.1.11 and 5.2.4, allowing reauthentication with an existing session cookie to reuse the session ID, even if different user credentials are used. This could potentially lead to elevated access to an existing Graylog login session if a malicious user injects their session cookie into someone else's browser through a spoofed login screen or cross-site scripting attack. Graylog 5.1.11, 5.2.4, and any versions of the 6.0 development branch have been patched to prevent session reuse under any circumstances. Remediation can be done by using short session expiration and explicit logouts of unused sessions to limit the attack vector. The potential danger of this vulnerability lies in unauthorized access to sensitive information and privileges within an organization's Graylog system.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-24823 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options