CVE-2022-22122

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-22122
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: This candidate is a reservation duplicate of [CVE-2021-37866]. Notes: All CVE users should reference [CVE-2021-37866] instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

07 Nov 2023, 03:43

Type Values Removed Values Added
Summary ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: This candidate is a reservation duplicate of [CVE-2021-37866]. Notes: All CVE users should reference [CVE-2021-37866] instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: This candidate is a reservation duplicate of [CVE-2021-37866]. Notes: All CVE users should reference [CVE-2021-37866] instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

02 Feb 2022, 17:15

Type Values Removed Values Added
CWE CWE-613
Summary In Mattermost Focalboard, versions prior to v0.7.5, v0.8.4, v0.9.5, v0.10.1 and v0.11.0-rc1; as used respectively in Mattermost, versions prior to v5.37.6, v5.39.3, v6.0.4, v6.1.1 and v6.2.0, are vulnerable to Insufficient Session Expiration. When a user initiates a logout, their session is not invalidated properly. In addition, user sessions are stored in the browser’s local storage, which by default does not have an expiration time. This makes it possible for an attacker to steal and reuse the cookies using techniques such as XSS attacks, to completely take over a victim account. ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: This candidate is a reservation duplicate of [CVE-2021-37866]. Notes: All CVE users should reference [CVE-2021-37866] instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVSS v2 : 7.5
v3 : 9.8 		v2 : unknown
v3 : unknown
CPE cpe:2.3:a:mattermost:focalboard:*:*:*:*:*:*:*:*
References
  • {'url': 'https://github.com/mattermost/focalboard/commit/0ebc9a4be110764a2510bf886531f21e21b079ea', 'name': 'https://github.com/mattermost/focalboard/commit/0ebc9a4be110764a2510bf886531f21e21b079ea', 'tags': ['Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
  • {'url': 'https://github.com/mattermost/mattermost-server/commit/0a042ca05fefa0584045bab1b7dae102360c98c5', 'name': 'https://github.com/mattermost/mattermost-server/commit/0a042ca05fefa0584045bab1b7dae102360c98c5', 'tags': ['Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
  • {'url': 'https://github.com/mattermost/focalboard/commit/0142c114e9325722d6c8e8ca00f10f0f34dd0409', 'name': 'https://github.com/mattermost/focalboard/commit/0142c114e9325722d6c8e8ca00f10f0f34dd0409', 'tags': ['Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
  • {'url': 'https://github.com/mattermost/mattermost-server/commit/74e87ec3e623202a9654ae164e834cfe26dd6ec3', 'name': 'https://github.com/mattermost/mattermost-server/commit/74e87ec3e623202a9654ae164e834cfe26dd6ec3', 'tags': ['Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
  • {'url': 'https://github.com/mattermost/focalboard/commit/6104de5ba51f79d749b9d5406fde5c2983fc5c5c', 'name': 'https://github.com/mattermost/focalboard/commit/6104de5ba51f79d749b9d5406fde5c2983fc5c5c', 'tags': ['Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
  • {'url': 'https://www.whitesourcesoftware.com/vulnerability-database/CVE-2022-22122', 'name': 'https://www.whitesourcesoftware.com/vulnerability-database/CVE-2022-22122', 'tags': ['Exploit', 'Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
  • {'url': 'https://github.com/mattermost/focalboard/commit/87f4dd224c8736778a8f23788a92471b11da9061', 'name': 'https://github.com/mattermost/focalboard/commit/87f4dd224c8736778a8f23788a92471b11da9061', 'tags': ['Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
  • {'url': 'https://github.com/mattermost/mattermost-server/commit/6a4c881450973284c3ed98f39bde4809ddd8a758', 'name': 'https://github.com/mattermost/mattermost-server/commit/6a4c881450973284c3ed98f39bde4809ddd8a758', 'tags': ['Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
  • {'url': 'https://github.com/mattermost/focalboard/commit/2f08c6782762e58e008bd50f3892cb1cdd1be539', 'name': 'https://github.com/mattermost/focalboard/commit/2f08c6782762e58e008bd50f3892cb1cdd1be539', 'tags': ['Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
  • {'url': 'https://github.com/mattermost/focalboard/commit/a2fab2c1d9b3f61871f6da4dc434a2b19ca9552c', 'name': 'https://github.com/mattermost/focalboard/commit/a2fab2c1d9b3f61871f6da4dc434a2b19ca9552c', 'tags': ['Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
  • {'url': 'https://github.com/mattermost/mattermost-server/commit/7bc182de9eebb708d62b828213144a1aa4560fa0', 'name': 'https://github.com/mattermost/mattermost-server/commit/7bc182de9eebb708d62b828213144a1aa4560fa0', 'tags': ['Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
  • {'url': 'https://github.com/mattermost/mattermost-server/commit/5f7fd34956ad5bf7e3697a920e377e11c16dda06', 'name': 'https://github.com/mattermost/mattermost-server/commit/5f7fd34956ad5bf7e3697a920e377e11c16dda06', 'tags': ['Patch', 'Third Party Advisory'], 'refsource': 'MISC'}

24 Jan 2022, 17:08

Type Values Removed Values Added
References (MISC) https://github.com/mattermost/focalboard/commit/0ebc9a4be110764a2510bf886531f21e21b079ea - (MISC) https://github.com/mattermost/focalboard/commit/0ebc9a4be110764a2510bf886531f21e21b079ea - Patch, Third Party Advisory
References (MISC) https://github.com/mattermost/mattermost-server/commit/0a042ca05fefa0584045bab1b7dae102360c98c5 - (MISC) https://github.com/mattermost/mattermost-server/commit/0a042ca05fefa0584045bab1b7dae102360c98c5 - Patch, Third Party Advisory
References (MISC) https://github.com/mattermost/focalboard/commit/0142c114e9325722d6c8e8ca00f10f0f34dd0409 - (MISC) https://github.com/mattermost/focalboard/commit/0142c114e9325722d6c8e8ca00f10f0f34dd0409 - Patch, Third Party Advisory
References (MISC) https://github.com/mattermost/mattermost-server/commit/74e87ec3e623202a9654ae164e834cfe26dd6ec3 - (MISC) https://github.com/mattermost/mattermost-server/commit/74e87ec3e623202a9654ae164e834cfe26dd6ec3 - Patch, Third Party Advisory
References (MISC) https://github.com/mattermost/focalboard/commit/6104de5ba51f79d749b9d5406fde5c2983fc5c5c - (MISC) https://github.com/mattermost/focalboard/commit/6104de5ba51f79d749b9d5406fde5c2983fc5c5c - Patch, Third Party Advisory
References (MISC) https://www.whitesourcesoftware.com/vulnerability-database/CVE-2022-22122 - (MISC) https://www.whitesourcesoftware.com/vulnerability-database/CVE-2022-22122 - Exploit, Patch, Third Party Advisory
References (MISC) https://github.com/mattermost/focalboard/commit/87f4dd224c8736778a8f23788a92471b11da9061 - (MISC) https://github.com/mattermost/focalboard/commit/87f4dd224c8736778a8f23788a92471b11da9061 - Patch, Third Party Advisory
References (MISC) https://github.com/mattermost/mattermost-server/commit/6a4c881450973284c3ed98f39bde4809ddd8a758 - (MISC) https://github.com/mattermost/mattermost-server/commit/6a4c881450973284c3ed98f39bde4809ddd8a758 - Patch, Third Party Advisory
References (MISC) https://github.com/mattermost/focalboard/commit/2f08c6782762e58e008bd50f3892cb1cdd1be539 - (MISC) https://github.com/mattermost/focalboard/commit/2f08c6782762e58e008bd50f3892cb1cdd1be539 - Patch, Third Party Advisory
References (MISC) https://github.com/mattermost/focalboard/commit/a2fab2c1d9b3f61871f6da4dc434a2b19ca9552c - (MISC) https://github.com/mattermost/focalboard/commit/a2fab2c1d9b3f61871f6da4dc434a2b19ca9552c - Patch, Third Party Advisory
References (MISC) https://github.com/mattermost/mattermost-server/commit/7bc182de9eebb708d62b828213144a1aa4560fa0 - (MISC) https://github.com/mattermost/mattermost-server/commit/7bc182de9eebb708d62b828213144a1aa4560fa0 - Patch, Third Party Advisory
References (MISC) https://github.com/mattermost/mattermost-server/commit/5f7fd34956ad5bf7e3697a920e377e11c16dda06 - (MISC) https://github.com/mattermost/mattermost-server/commit/5f7fd34956ad5bf7e3697a920e377e11c16dda06 - Patch, Third Party Advisory
First Time Mattermost focalboard
Mattermost
CVSS v2 : unknown
v3 : 9.8 		v2 : 7.5
v3 : 9.8
CPE cpe:2.3:a:mattermost:focalboard:*:*:*:*:*:*:*:*

13 Jan 2022, 17:18

Type Values Removed Values Added
New CVE
Information

Published : 2022-01-13 17:15

Updated : 2023-12-10 14:09

NVD link : CVE-2022-22122

Mitre link : CVE-2022-22122

CVE.ORG link : CVE-2022-22122

JSON object : View

Products Affected

No product.

CWE

No CWE.