CISA Thorium Insufficient Session Expiration Vulnerability
Vulnerability
A vulnerability exists in CISA Thorium versions 1.0.0 prior to 1.1.1, where the application fails to properly invalidate previously used tokens during password resets. This oversight allows an attacker with access to a prior token to log in even after the password has been changed. The issue has been addressed in version 1.1.1.
Impact
Exploitation of this vulnerability allows for unauthorized access to user accounts by reusing old tokens, potentially leading to unauthorized actions or access to sensitive information.
Reproduction
To reproduce this vulnerability, reset a user's password in an LDAP-enabled Thorium cluster. After the reset, attempt to log in using a token that was issued before the password was changed. On an affected version the login succeeds, showing that the old token was not invalidated by the password reset.
Remediation
Users can update to CISA Thorium version 1.1.1 or later, where this vulnerability has been fixed.
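The defect described above (tokens that survive a password reset) and the class of fix it calls for can be illustrated with a small model. This is an added example, not Thorium's own code; the AuthStore, Token and User types and the "password generation" counter are assumptions made for illustration.

```rust
use std::collections::HashMap;

pub struct Token {
    pub user: String,
    pub password_generation: u64, // generation of the password at issue time
}
pub struct User {
    pub password_hash: String, // placeholder: a real system stores a salted hash
    pub password_generation: u64,
}
#[derive(Default)]
pub struct AuthStore {
    users: HashMap<String, User>,
    tokens: HashMap<String, Token>, // token value -> token metadata
}

impl AuthStore {
    pub fn add_user(&mut self, name: &str, hash: &str) {
        let u = User { password_hash: hash.to_string(), password_generation: 0 };
        self.users.insert(name.to_string(), u);
    }
    /// Issue a token stamped with the user's current password generation.
    pub fn issue_token(&mut self, user: &str, value: &str) -> bool {
        let gen = match self.users.get(user) { Some(u) => u.password_generation, None => return false };
        self.tokens.insert(value.to_string(), Token { user: user.to_string(), password_generation: gen });
        true
    }

    /// Password reset: store the new hash and bump the generation, which
    /// implicitly revokes every token issued under the old password.
    pub fn reset_password(&mut self, user: &str, new_hash: &str) -> bool {
        let u = match self.users.get_mut(user) { Some(u) => u, None => return false };
        u.password_hash = new_hash.to_string();
        u.password_generation += 1;
        true
    }

    /// Vulnerable behaviour from the advisory: any stored token is accepted,
    /// so a token issued before the reset still logs the user in.
    pub fn validate_vulnerable(&self, value: &str) -> bool {
        self.tokens.contains_key(value)
    }

    /// Hardened check: the token's generation must equal the account's current
    /// generation, so every pre-reset token is rejected.
    pub fn validate_hardened(&self, value: &str) -> bool {
        let t = match self.tokens.get(value) { Some(t) => t, None => return false };
        self.users.get(&t.user).map_or(false, |u| u.password_generation == t.password_generation)
    }
}
```

Binding each token to a per-account counter (or to a password-changed-at timestamp) lets a reset revoke outstanding sessions without having to enumerate and delete them.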