Description

The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. The expiration of the session is not properly configured, remaining valid for more than 7 days and can be reused.

Classification

Assigner: [email protected]

CWE: CWE-613

Links
CPEs
  • soar cloud_hr_portal

CVSS

CVSS version: 3.1 Base score: 8.8
Base severity: HIGH Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability score: 2.8 Impact score: 5.9

Can you explain the CVE description?

This Common Vulnerabilities and Exposures (CVE) description is for a vulnerability identified as CVE-2024-5995. The vulnerability exists in the notification emails sent by Soar Cloud HR Portal, as they contain a link with an embedded session. The session expiration is not properly configured, allowing it to remain valid for more than 7 days and be reused. This vulnerability has a CVSS score of 8.8, indicating a high severity level. It has been classified under CWE-613. The vulnerability was published on June 14, 2024, and is currently in the EARLY_WARNING status. More information and resources related to this vulnerability can be found in the provided URLs. The vector CVSS for this vulnerability is AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating that an attacker can exploit the vulnerability remotely without authentication and with low complexity. The exploitability score is 2.8, and the impact score is 5.9. The assigner of this CVE is [email protected].

How can this vulnerability be part of an attack tree?

This vulnerability can be part of an attack tree by an attacker exploiting the embedded session link in the notification emails sent by Soar Cloud HR Portal. By leveraging the fact that the session expiration is not properly configured and remains valid for more than 7 days, the attacker can intercept the email containing the link, extract the session token, and reuse it to gain unauthorized access to the HR portal. The attacker can then proceed to escalate their privileges, exfiltrate sensitive data, or perform other malicious actions within the HR portal. This can lead to a significant impact on the confidentiality, integrity, and availability of the HR portal and the data it contains.


Generated on: 2024-07-01