Symfony storing cookie headers in HttpCache
CVE-2022-24894

8.8HIGH

Key Information:

Vendor: Symfony
Status: Symfony
Vendor: CVE Published:; 3 February 2023

Summary

A session management issue was identified in the Symfony PHP framework that affects its HTTP cache system. This vulnerability allows for the potential exposure of user session cookies through cached responses. Specifically, if the HTTP cache is configured to store responses, an attacker could exploit this by sending requests that result in a 'Set-Cookie' header being cached. When another user accesses the same cached response, their session could be compromised as it might inadvertently reveal sensitive session information. This vulnerability has been addressed with a patch in Symfony's 4.4 version, emphasizing the need for developers to update their systems to mitigate risks associated with session exposure.

Affected Version(s)

symfony >= 2.0.0, < 4.4.50 < 2.0.0, 4.4.50

symfony >= 5.0.0, < 5.4.20 < 5.0.0, 5.4.20

symfony >= 6.0.0, < 6.0.20 < 6.0.0, 6.0.20

References

https://github.com/symfony/symfony/security/advisories/GH...

x_refsource_CONFIRM

https://github.com/symfony/symfony/commit/d2f6322af9444ac...

x_refsource_MISC

https://lists.debian.org/debian-lts-announce/2023/07/msg0...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 3, 2023
Vulnerability Reserved
Feb 10, 2022