fkie_cve-2024-53990
Vulnerability from fkie_nvd
Published
2024-12-02 18:15
Modified
2024-12-02 18:15
Severity ?
9.2 (Critical) - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Summary
The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. When making any HTTP request, the automatically enabled and self-managed CookieStore (aka cookie jar) will silently replace explicitly defined Cookies with any that have the same name from the cookie jar. For services that operate with multiple users, this can result in one user's Cookie being used for another user's requests.
References
security-advisories@github.comhttps://github.com/AsyncHttpClient/async-http-client/commit/d5a83362f7aed81b93ebca559746ac9be0f95425
security-advisories@github.comhttps://github.com/AsyncHttpClient/async-http-client/issues/1964
security-advisories@github.comhttps://github.com/AsyncHttpClient/async-http-client/pull/2033
security-advisories@github.comhttps://github.com/AsyncHttpClient/async-http-client/security/advisories/GHSA-mfj5-cf8g-g2fv
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. When making any HTTP request, the automatically enabled and self-managed CookieStore (aka cookie jar) will silently replace explicitly defined Cookies with any that have the same name from the cookie jar. For services that operate with multiple users, this can result in one user\u0027s Cookie being used for another user\u0027s requests."
    },
    {
      "lang": "es",
      "value": "La librer\u00eda AsyncHttpClient (AHC) permite que las aplicaciones Java ejecuten f\u00e1cilmente solicitudes HTTP y procesen de forma asincr\u00f3nica las respuestas HTTP. Al realizar una solicitud HTTP, el CookieStore (tambi\u00e9n conocido como contenedor de cookies) habilitado autom\u00e1ticamente y autoadministrado reemplazar\u00e1 silenciosamente las Cookies definidas expl\u00edcitamente por cualquier cookie que tenga el mismo nombre del contenedor de cookies. En el caso de los servicios que funcionan con varios usuarios, esto puede provocar que la Cookie de un usuario se utilice para las solicitudes de otro usuario."
    }
  ],
  "id": "CVE-2024-53990",
  "lastModified": "2024-12-02T18:15:11.753",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "automatable": "NOT_DEFINED",
          "availabilityRequirements": "NOT_DEFINED",
          "baseScore": 9.2,
          "baseSeverity": "CRITICAL",
          "confidentialityRequirements": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirements": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "recovery": "NOT_DEFINED",
          "safety": "NOT_DEFINED",
          "subsequentSystemAvailability": "NONE",
          "subsequentSystemConfidentiality": "NONE",
          "subsequentSystemIntegrity": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "vulnerableSystemAvailability": "HIGH",
          "vulnerableSystemConfidentiality": "HIGH",
          "vulnerableSystemIntegrity": "HIGH"
        },
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-12-02T18:15:11.753",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/AsyncHttpClient/async-http-client/commit/d5a83362f7aed81b93ebca559746ac9be0f95425"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/AsyncHttpClient/async-http-client/issues/1964"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/AsyncHttpClient/async-http-client/pull/2033"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/AsyncHttpClient/async-http-client/security/advisories/GHSA-mfj5-cf8g-g2fv"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.