CVE-2024-2260 - Vulnerability Details - OpenCVE

ReportizFlow

A session fixation vulnerability exists in the zenml-io/zenml application, where JWT tokens used for user authentication are not invalidated upon logout. This flaw allows an attacker to bypass authentication mechanisms by reusing a victim's JWT token.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Zenml	Zenml

Configuration 1 [-]

cpe:2.3:a:zenml:zenml:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/zenml-io/zenml/commit/68bcb3ba60cba9729c9713a49c39502d40fb945e
https://huntr.com/bounties/2d0856ec-ed73-477a-8ea2-d5d4f15cf167

History

Fri, 13 Jun 2025 00:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Zenml Zenml zenml
CPEs		cpe:2.3:a:zenml:zenml::::::::
Vendors & Products		Zenml Zenml zenml
Metrics		cvssV3_1 `{'score': 4.2, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N'}`

MITRE

Status: PUBLISHED

Assigner: @huntr_ai

Published: 2024-04-16T00:00:14.951Z

Updated: 2024-08-01T19:03:39.351Z

Reserved: 2024-03-07T11:52:54.353Z

Link: CVE-2024-2260

Vulnrichment

Updated: 2024-08-01T19:03:39.351Z

NVD

Status : Analyzed

Published: 2024-04-16T00:15:11.237

Modified: 2025-06-12T23:48:17.817

Link: CVE-2024-2260

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-2260", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "state": "PUBLISHED", "assignerShortName": "@huntr_ai", "dateReserved": "2024-03-07T11:52:54.353Z", "datePublished": "2024-04-16T00:00:14.951Z", "dateUpdated": "2024-08-01T19:03:39.351Z"}, "containers": {"cna": {"title": "Session Fixation Vulnerability in zenml-io/zenml", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-04-16T11:10:45.359Z"}, "descriptions": [{"lang": "en", "value": "A session fixation vulnerability exists in the zenml-io/zenml application, where JWT tokens used for user authentication are not invalidated upon logout. This flaw allows an attacker to bypass authentication mechanisms by reusing a victim's JWT token."}], "affected": [{"vendor": "zenml-io", "product": "zenml-io/zenml", "versions": [{"version": "unspecified", "lessThan": "0.56.2", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/2d0856ec-ed73-477a-8ea2-d5d4f15cf167"}, {"url": "https://github.com/zenml-io/zenml/commit/68bcb3ba60cba9729c9713a49c39502d40fb945e"}], "metrics": [{"cvssV3_0": {"version": "3.0", "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", "baseScore": 4.2, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-384 Session Fixation", "cweId": "CWE-384"}]}], "source": {"advisory": "2d0856ec-ed73-477a-8ea2-d5d4f15cf167", "discovery": "EXTERNAL"}}, "adp": [{"affected": [{"vendor": "zenmlio", "product": "zenml", "cpes": ["cpe:2.3:a:zenmlio:zenml:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "0.56.2", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-03T17:33:53.794175Z", "id": "CVE-2024-2260", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-03T21:04:22.816Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:03:39.351Z"}, "title": "CVE Program Container", "references": [{"url": "https://huntr.com/bounties/2d0856ec-ed73-477a-8ea2-d5d4f15cf167", "tags": ["x_transferred"]}, {"url": "https://github.com/zenml-io/zenml/commit/68bcb3ba60cba9729c9713a49c39502d40fb945e", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://huntr.com/bounties/2d0856ec-ed73-477a-8ea2-d5d4f15cf167", "tags": ["x_transferred"]}, {"url": "https://github.com/zenml-io/zenml/commit/68bcb3ba60cba9729c9713a49c39502d40fb945e", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:03:39.351Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-2260", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-03T17:33:53.794175Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:zenmlio:zenml:*:*:*:*:*:*:*:*"], "vendor": "zenmlio", "product": "zenml", "versions": [{"status": "affected", "version": "0", "lessThan": "0.56.2", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-03T17:37:22.942Z"}}], "cna": {"title": "Session Fixation Vulnerability in zenml-io/zenml", "source": {"advisory": "2d0856ec-ed73-477a-8ea2-d5d4f15cf167", "discovery": "EXTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.2, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "zenml-io", "product": "zenml-io/zenml", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "0.56.2", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/2d0856ec-ed73-477a-8ea2-d5d4f15cf167"}, {"url": "https://github.com/zenml-io/zenml/commit/68bcb3ba60cba9729c9713a49c39502d40fb945e"}], "descriptions": [{"lang": "en", "value": "A session fixation vulnerability exists in the zenml-io/zenml application, where JWT tokens used for user authentication are not invalidated upon logout. This flaw allows an attacker to bypass authentication mechanisms by reusing a victim's JWT token."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-384", "description": "CWE-384 Session Fixation"}]}], "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-04-16T11:10:45.359Z"}}}, "cveMetadata": {"cveId": "CVE-2024-2260", "state": "PUBLISHED", "dateUpdated": "2024-08-01T19:03:39.351Z", "dateReserved": "2024-03-07T11:52:54.353Z", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "datePublished": "2024-04-16T00:00:14.951Z", "assignerShortName": "@huntr_ai"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zenml:zenml:*:*:*:*:*:*:*:*", "matchCriteriaId": "B39C79D8-E418-4820-A799-CE4633861C93", "versionEndExcluding": "0.56.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A session fixation vulnerability exists in the zenml-io/zenml application, where JWT tokens used for user authentication are not invalidated upon logout. This flaw allows an attacker to bypass authentication mechanisms by reusing a victim's JWT token."}, {"lang": "es", "value": "Existe una vulnerabilidad de reparaci\u00f3n de sesi\u00f3n en la aplicaci\u00f3n zenml-io/zenml, donde los tokens JWT utilizados para la autenticaci\u00f3n del usuario no se invalidan al cerrar sesi\u00f3n. Esta falla permite a un atacante eludir los mecanismos de autenticaci\u00f3n reutilizando el token JWT de la v\u00edctima."}], "id": "CVE-2024-2260", "lastModified": "2025-06-12T23:48:17.817", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 1.6, "impactScore": 2.5, "source": "[email protected]", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 2.5, "source": "[email protected]", "type": "Primary"}]}, "published": "2024-04-16T00:15:11.237", "references": [{"source": "[email protected]", "tags": ["Patch"], "url": "https://github.com/zenml-io/zenml/commit/68bcb3ba60cba9729c9713a49c39502d40fb945e"}, {"source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"], "url": "https://huntr.com/bounties/2d0856ec-ed73-477a-8ea2-d5d4f15cf167"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/zenml-io/zenml/commit/68bcb3ba60cba9729c9713a49c39502d40fb945e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://huntr.com/bounties/2d0856ec-ed73-477a-8ea2-d5d4f15cf167"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-384"}], "source": "[email protected]", "type": "Secondary"}]}