CVE-2024-39315: Sensitive Info Insertion into Sent Data in Pomerium

Severity: 6.5 MEDIUM (NVD)
EPSS: 0.4% (top 37.14%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jul 2; latest update Jul 5

Description

Pomerium is an identity and context-aware access proxy. Prior to version 0.26.1, the Pomerium user info page (at `/.pomerium`) unintentionally included serialized OAuth2 access and ID tokens from the logged-in user's session. These tokens are not intended to be exposed to end users. This issue may be more severe in the presence of a cross-site scripting vulnerability in an upstream application proxied through Pomerium. If an attacker could insert a malicious script onto a web page proxied throug

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Exploitability: 2.8 | Impact: 3.6

Affected Packages: 2 packages

Patches

Vulnerability Details (3 entries)

OSV: Pomerium exposed OAuth2 access and ID tokens in user info endpoint response (2024-07-05)
GHSA: Pomerium exposed OAuth2 access and ID tokens in user info endpoint response (2024-07-05)
OSV: Pomerium exposed OAuth2 access and ID tokens in user info endpoint response in github.com/pomerium/pomerium (2024-07-03)
Source: cvebase