NVD – CVE-2020-15909 – Totally Secure

CVE-2020-15909 Detail

Awaiting Analysis

This vulnerability is currently awaiting analysis.

Description

SolarWinds N-central through 2020.1 allows session hijacking and requires user interaction or physical access. The N-Central JSESSIONID cookie attribute is not checked against multiple sources such as sourceip, MFA claim, etc. as long as the victim stays logged in within N-Central. To take advantage of this, cookie could be stolen and the JSESSIONID can be captured. On its own this is not a surprising result; low security tools allow the cookie to roam from machine to machine. The JSESSION cookie can then be used on the attackers’ workstation by browsing to the victim’s NCentral server URL and replacing the JSESSIONID attribute value by the captured value. Expected behavior would be to check this against a second source and enforce at least a reauthentication or multi factor request as N-Central is a highly privileged service.

Severity

CVSS 3.x Severity and Metrics:

CVSS 2.0 Severity and Metrics:

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Weakness Enumeration

CWE-ID	CWE Name	Source

Change History

1 change records found show changes

CVE Modified by MITRE 10/19/2020 3:15:14 PM

Action	Type	Old Value	New Value
Changed	Description	SolarWinds N-central through 2020.1 allows session hijacking.	Record truncated, showing 500 of 838 characters. View Entire Change Record SolarWinds N-central through 2020.1 allows session hijacking and requires user interaction or physical access. The N-Central JSESSIONID cookie attribute is not checked against multiple sources such as sourceip, MFA claim, etc. as long as the victim stays logged in within N-Central. To take advantage of this, cookie could be stolen and the JSESSIONID can be captured. On its own this is not a surprising result; low security tools allow the cookie to roam from machine to machine. The JSESSION cooki

Action

Type

Old Value

New Value

Changed

Description

SolarWinds N-central through 2020.1 allows session hijacking.

Record truncated, showing 500 of 838 characters.
View Entire Change Record

SolarWinds N-central through 2020.1 allows session hijacking and requires user interaction or physical access. The N-Central JSESSIONID cookie attribute is not checked against multiple sources such as sourceip, MFA claim, etc. as long as the victim stays logged in within N-Central. To take advantage of this, cookie could be stolen and the JSESSIONID can be captured. On its own this is not a surprising result; low security tools allow the cookie to roam from machine to machine. The JSESSION cooki

Quick Info

CVE Dictionary Entry:
CVE-2020-15909
NVD Published Date:
10/19/2020
NVD Last Modified:
10/19/2020
Source:
MITRE

Totally Secure

NVD – CVE-2020-15909

ByTotally Secure

CVE-2020-15909 Detail

Description

Severity

References to Advisories, Solutions, and Tools

Weakness Enumeration

Change History

CVE Modified by MITRE 10/19/2020 3:15:14 PM

Quick Info

By Totally Secure

Related Post

NVD – CVE-2017-20187

NVD – CVE-2017-7252

NVD – CVE-2018-25092

You missed

Vulnerability Summary for the Week of November 11, 2024

Vulnerability Summary for the Week of November 4, 2024

Vulnerability Summary for the Week of October 28, 2024

Vulnerability Summary for the Week of October 21, 2024

Totally Secure