| Vulnerability Name: | CVE-2021-21241 (CCN-194981) | ||||||||||||||||||||||||||||||||||||
| Assigned: | 2020-12-22 | ||||||||||||||||||||||||||||||||||||
| Published: | 2021-01-08 | ||||||||||||||||||||||||||||||||||||
| Updated: | 2021-01-19 | ||||||||||||||||||||||||||||||||||||
| Summary: | The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is a independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. In Flask-Security-Too from version 3.3.0 and before version 3.4.5, the /login and /change endpoints can return the authenticated user's authentication token in response to a GET request. Since GET requests aren't protected with a CSRF token, this could lead to a malicious 3rd party site acquiring the authentication token. Version 3.4.5 and version 4.0.0 are patched. As a workaround, if you aren't using authentication tokens - you can set the SECURITY_TOKEN_MAX_AGE to "0" (seconds) which should make the token unusable. | ||||||||||||||||||||||||||||||||||||
| CVSS v3 Severity: | 7.4 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N) 6.4 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C)
6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C)
| ||||||||||||||||||||||||||||||||||||
| CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
| ||||||||||||||||||||||||||||||||||||
| Vulnerability Type: | CWE-352 | ||||||||||||||||||||||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2021-21241 Source: XF Type: UNKNOWN python-cve202121241-csrf(194981) Source: MISC Type: Patch, Third Party Advisory https://github.com/Flask-Middleware/flask-security/commit/61d313150b5f620d0b800896c4f2199005e84b1f Source: MISC Type: Patch, Third Party Advisory https://github.com/Flask-Middleware/flask-security/commit/6d50ee9169acf813257c37b75babe9c28e83542a Source: MISC Type: Patch, Third Party Advisory https://github.com/Flask-Middleware/flask-security/pull/422 Source: MISC Type: Third Party Advisory https://github.com/Flask-Middleware/flask-security/releases/tag/3.4.5 Source: CCN Type: Flask GIT Repository CSRF Vuln can expose users authentication token Source: CONFIRM Type: Third Party Advisory https://github.com/Flask-Middleware/flask-security/security/advisories/GHSA-hh7m-rx4f-4vpv Source: MISC Type: Product, Third Party Advisory https://pypi.org/project/Flask-Security-Too | ||||||||||||||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||||||||||||||