Skip to content

Session Fixation in Tryton

Moderate severity GitHub Reviewed Published Nov 29, 2018 to the GitHub Advisory Database • Updated Jan 9, 2023

Package

pip tryton (pip)

Affected versions

= 5.0.0

Patched versions

5.0.1

Description

The client in Tryton 5.x before 5.0.1 tries to make a connection to the bus in cleartext instead of encrypted under certain circumstances in bus.py and jsonrpc.py. This connection attempt fails, but it contains in the header the current session of the user. This session could then be stolen by a man-in-the-middle.

References

Published to the GitHub Advisory Database Nov 29, 2018
Reviewed Jun 16, 2020
Last updated Jan 9, 2023

Severity

Moderate
5.9
/ 10

CVSS base metrics

Attack vector
Network
Attack complexity
High
Privileges required
None
User interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Weaknesses

CVE ID

CVE-2018-19443

GHSA ID

GHSA-32w7-9whp-cjp9

Source code

No known source code
Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.