GHSA-6cq5-8cj7-g558

Suggest an improvement
Source
https://github.com/advisories/GHSA-6cq5-8cj7-g558
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/12/GHSA-6cq5-8cj7-g558/GHSA-6cq5-8cj7-g558.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-6cq5-8cj7-g558
Aliases
Published
2022-12-22T20:01:18Z
Modified
2023-12-06T01:02:43.191201Z
Severity
  • 8.6 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L CVSS Calculator
Summary
CodeIgniter4 Potential Session Handlers Vulnerability
Details

Impact

When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to DatabaseHandler, MemcachedHandler, or RedisHandler, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages that require another session cookie (e.g., for admin pages).

Patches

Upgrade to version 4.2.11 or later.

Workarounds

  • Use only one session cookie.

References

  • https://codeigniter4.github.io/userguide/libraries/sessions.html#session-drivers

For more information

If you have any questions or comments about this advisory: * Open an issue in codeigniter4/CodeIgniter4 * Email us at SECURITY.md

References

Affected packages

Packagist / codeigniter4/framework

Package

Name
codeigniter4/framework
Purl
pkg:composer/codeigniter4/framework

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.2.11

Affected versions

v4.*

v4.0.0-alpha.3
v4.0.0-alpha.4
v4.0.0-alpha.5
v4.0.0-beta.1
v4.0.0-beta.2
v4.0.0-beta.3
v4.0.0-beta.4
v4.0.0-rc.1
v4.0.0-rc.2
v4.0.0-rc.2.1
v4.0.0-rc.3
v4.0.1
v4.0.2
v4.0.3
v4.0.4
v4.0.5
v4.1.0
v4.1.1
v4.1.2
v4.1.3
v4.1.4
v4.1.5
v4.1.6
v4.1.7
v4.1.8
v4.1.9
v4.2.0
v4.2.1
v4.2.2
v4.2.3
v4.2.4
v4.2.5
v4.2.6
v4.2.7
v4.2.8
v4.2.9
v4.2.10

4.*

4.0.0-rc.4
4.0.0