Dev Blog v1.0 - ATO
Summary
| Name | Dev Blog v1.0 - Account Takeover |
| Code name | |
| Product | Dev Blog |
| Affected versions | v1.0 |
| State | Public |
| Release date | 2023-04-10 |
Vulnerability
| Kind | Account Takeover (ATO) |
| Rule | |
| Remote | Yes |
| CVSSv3.1 Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
| CVSSv3.1 Base Score | 9.1 |
| Exploit available | Yes |
| CVE ID(s) |
Description
Dev blog v1.0 allows to exploit an account takeover through the "user" cookie. With this, an attacker can access any user's session just by knowing their username.
Vulnerability
An account takeover has been identified in Dev blog, which allows an attacker to hijack the session of arbitrary users as long as he knows the respective username of the victim.
Evidence of exploitation
Our security policy
We have reserved the ID CVE-2023-6144 to refer to this issue from now on.
System Information
-
Version: Dev Blog v1.0
-
Operating System: MacOS
Mitigation
There is currently no patch available for this vulnerability.
Credits
The vulnerability was discovered by Carlos Bello from Fluid Attacks' Offensive Team.
References
Vendor page https://github.com/Armanidrisi/devblog/
Timeline
2023-11-14
Vulnerability discovered.
2023-11-14
Vendor contacted.
2023-11-14
Vendor Confirmed the vulnerability.
2023-11-15
Public Disclosure.
