Tribal Systems Zenario CMS vulnerable to Session Fixation

Description

Tribal Systems Zenario CMS 9.3.57595 is vulnerable to session fixation. In Zenario CMS, the user session identifier (authentication token) is issued to the browser prior to authentication but is not changed after user logout and login again into the application when "Remember me" option active. Failing to issue a new session ID following a successful login introduces the possibility for an attacker to set up a trap session on the device the victim is likely to login with. The attack may be initiated remotely and an exploit has been disclosed.

Basic information

Type
reviewed
Severity
medium
Advisory on GitHub
Open advisory ↗
Repository advisory
Source code
Browse source ↗
Published (advisory)
2022-11-30 12:30:20 UTC
Updated
2023-01-31 05:03:00 UTC
GitHub reviewed
2022-12-05 18:31:41 UTC
NVD published
2022-11-30

EPSS Score

Score Percentile
0.20% 42.45%

CVSS Scores

Base score Version Severity Vector
5.4 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N Click to expand
Attack vector (AV:N)
Could be attacked over the internet or any normal routed network—not just someone sitting at the machine.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:R)
A real person has to do something—click, install, enable—otherwise it doesn’t land.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:L)
Some sensitive info could get out, but not a total data dump.
Integrity (I:L)
Attackers could change some data, but it’s limited—not everything goes.
Availability (A:N)
Service keeps running; no real outage angle.

Identifiers

CWEs

CWE id Name
CWE-384 Session Fixation

Affected packages (1)

Vulnerable version ranges and first patched releases as published by GitHub.

Ecosystem Package Vulnerable range First patched Vulnerable functions
composer tribalsystems/zenario <= 9.3.57595

References

cvelogic Threat Intelligence