CVE-2022-24743 - Vulnerability Details - OpenCVE

Sylius is an open source eCommerce platform. Prior to versions 1.10.11 and 1.11.2, the reset password token was not set to null after the password was changed. The same token could be used several times, which could result in leak of the existing token and unauthorized password change. The issue is fixed in versions 1.10.11 and 1.11.2. As a workaround, overwrite the `Sylius\Bundle\ApiBundle\CommandHandler\ResetPasswordHandler` class with code provided by the maintainers and register it in a container. More information about this workaround is available in the GitHub Security Advisory.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact partial

Vendors	Products
Sylius	Sylius

Configuration 1 [-]

OR	cpe:2.3:a:sylius:sylius::::::::
	cpe:2.3:a:sylius:sylius::::::::

No data.

References

Link	Providers
https://github.com/Sylius/Sylius/releases/tag/v1.10.11
https://github.com/Sylius/Sylius/releases/tag/v1.11.2
https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g

History

Tue, 22 Apr 2025 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-03-14T21:00:14.000Z

Updated: 2025-04-22T18:18:50.307Z

Reserved: 2022-02-10T00:00:00.000Z

Link: CVE-2022-24743

Vulnrichment

Updated: 2024-08-03T04:20:50.484Z

NVD

Status : Modified

Published: 2022-03-14T21:15:07.947

Modified: 2024-11-21T06:50:59.970

Link: CVE-2022-24743

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Sylius", "vendor": "Sylius", "versions": [{"status": "affected", "version": "< 1.10.11"}, {"status": "affected", "version": ">= 1.11.0, < 1.11.2"}]}], "descriptions": [{"lang": "en", "value": "Sylius is an open source eCommerce platform. Prior to versions 1.10.11 and 1.11.2, the reset password token was not set to null after the password was changed. The same token could be used several times, which could result in leak of the existing token and unauthorized password change. The issue is fixed in versions 1.10.11 and 1.11.2. As a workaround, overwrite the `Sylius\\Bundle\\ApiBundle\\CommandHandler\\ResetPasswordHandler` class with code provided by the maintainers and register it in a container. More information about this workaround is available in the GitHub Security Advisory."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-613", "description": "CWE-613: Insufficient Session Expiration", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-03-14T21:00:14.000Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g"}], "source": {"advisory": "GHSA-mf3v-f2qq-pf9g", "discovery": "UNKNOWN"}, "title": "Insufficient Session Expiration in Sylius", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-24743", "STATE": "PUBLIC", "TITLE": "Insufficient Session Expiration in Sylius"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Sylius", "version": {"version_data": [{"version_value": "< 1.10.11"}, {"version_value": ">= 1.11.0, < 1.11.2"}]}}]}, "vendor_name": "Sylius"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Sylius is an open source eCommerce platform. Prior to versions 1.10.11 and 1.11.2, the reset password token was not set to null after the password was changed. The same token could be used several times, which could result in leak of the existing token and unauthorized password change. The issue is fixed in versions 1.10.11 and 1.11.2. As a workaround, overwrite the `Sylius\\Bundle\\ApiBundle\\CommandHandler\\ResetPasswordHandler` class with code provided by the maintainers and register it in a container. More information about this workaround is available in the GitHub Security Advisory."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-613: Insufficient Session Expiration"}]}]}, "references": {"reference_data": [{"name": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11", "refsource": "MISC", "url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"}, {"name": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2", "refsource": "MISC", "url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"}, {"name": "https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g", "refsource": "CONFIRM", "url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g"}]}, "source": {"advisory": "GHSA-mf3v-f2qq-pf9g", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:20:50.484Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-22T15:49:17.884088Z", "id": "CVE-2022-24743", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-22T18:18:50.307Z"}}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-24743", "datePublished": "2022-03-14T21:00:14.000Z", "dateReserved": "2022-02-10T00:00:00.000Z", "dateUpdated": "2025-04-22T18:18:50.307Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:20:50.484Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-24743", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-22T15:49:17.884088Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-22T15:49:19.484Z"}}], "cna": {"title": "Insufficient Session Expiration in Sylius", "source": {"advisory": "GHSA-mf3v-f2qq-pf9g", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "Sylius", "product": "Sylius", "versions": [{"status": "affected", "version": "< 1.10.11"}, {"status": "affected", "version": ">= 1.11.0, < 1.11.2"}]}], "references": [{"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Sylius is an open source eCommerce platform. Prior to versions 1.10.11 and 1.11.2, the reset password token was not set to null after the password was changed. The same token could be used several times, which could result in leak of the existing token and unauthorized password change. The issue is fixed in versions 1.10.11 and 1.11.2. As a workaround, overwrite the `Sylius\\Bundle\\ApiBundle\\CommandHandler\\ResetPasswordHandler` class with code provided by the maintainers and register it in a container. More information about this workaround is available in the GitHub Security Advisory."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-613", "description": "CWE-613: Insufficient Session Expiration"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2022-03-14T21:00:14.000Z"}, "x_legacyV4Record": {"impact": {"cvss": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, "source": {"advisory": "GHSA-mf3v-f2qq-pf9g", "discovery": "UNKNOWN"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "< 1.10.11"}, {"version_value": ">= 1.11.0, < 1.11.2"}]}, "product_name": "Sylius"}]}, "vendor_name": "Sylius"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11", "name": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11", "refsource": "MISC"}, {"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2", "name": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2", "refsource": "MISC"}, {"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g", "name": "https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g", "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Sylius is an open source eCommerce platform. Prior to versions 1.10.11 and 1.11.2, the reset password token was not set to null after the password was changed. The same token could be used several times, which could result in leak of the existing token and unauthorized password change. The issue is fixed in versions 1.10.11 and 1.11.2. As a workaround, overwrite the `Sylius\\Bundle\\ApiBundle\\CommandHandler\\ResetPasswordHandler` class with code provided by the maintainers and register it in a container. More information about this workaround is available in the GitHub Security Advisory."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-613: Insufficient Session Expiration"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-24743", "STATE": "PUBLIC", "TITLE": "Insufficient Session Expiration in Sylius", "ASSIGNER": "security-advisories@github.com"}}}}, "cveMetadata": {"cveId": "CVE-2022-24743", "state": "PUBLISHED", "dateUpdated": "2025-04-22T18:18:50.307Z", "dateReserved": "2022-02-10T00:00:00.000Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2022-03-14T21:00:14.000Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*", "matchCriteriaId": "687E9BB6-A926-4A62-B44E-7A1B236D6C6F", "versionEndExcluding": "1.10.11", "versionStartIncluding": "1.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*", "matchCriteriaId": "D4D032BB-B314-42A5-808D-5861B909F76F", "versionEndExcluding": "1.11.2", "versionStartIncluding": "1.11.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Sylius is an open source eCommerce platform. Prior to versions 1.10.11 and 1.11.2, the reset password token was not set to null after the password was changed. The same token could be used several times, which could result in leak of the existing token and unauthorized password change. The issue is fixed in versions 1.10.11 and 1.11.2. As a workaround, overwrite the `Sylius\\Bundle\\ApiBundle\\CommandHandler\\ResetPasswordHandler` class with code provided by the maintainers and register it in a container. More information about this workaround is available in the GitHub Security Advisory."}, {"lang": "es", "value": "Sylius es una plataforma de comercio electr\u00f3nico de c\u00f3digo abierto. En versiones anteriores a 1.10.11 y 1.11.2, el token de restablecimiento de contrase\u00f1a no se establec\u00eda como nulo despu\u00e9s de cambiar la contrase\u00f1a. El mismo token pod\u00eda ser usado varias veces, lo que pod\u00eda resultar en un filtrado del token existente y a un cambio de contrase\u00f1a no autorizado. El problema ha sido corregido en versiones 1.10.11 y 1.11.2. Como medida de mitigaci\u00f3n, sobrescriba la clase \"Sylius\\Bundle\\ApiBundle\\CommandHandler\\ResetPasswordHandler\" con el c\u00f3digo proporcionado por los mantenedores y reg\u00edstrela en un contenedor. M\u00e1s informaci\u00f3n sobre esta medida de mitigaci\u00f3n est\u00e1 disponible en el aviso de seguridad de GitHub"}], "id": "CVE-2022-24743", "lastModified": "2024-11-21T06:50:59.970", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-03-14T21:15:07.947", "references": [{"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-613"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-613"}], "source": "nvd@nist.gov", "type": "Primary"}]}