Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-34709

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 10.11.0, session tokens function like the other JWT tokens where they are not actually invalidated when logging out. The `directus_session` gets destroyed and the cookie gets deleted but if the cookie value is captured, it will still work for the entire expiry time which is set to 1 day by default. Making it effectively a long lived unrevokable stateless token instead of the stateful session token it was meant to be. This vulnerability is fixed in 10.11.0.

Published

2024-05-14T15:39:31.547

Last Modified

2025-01-03T16:20:01.927

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.4 (MEDIUM)

Weaknesses

Type: Secondary
CWE-613
Type: Primary
CWE-613

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	monospace	directus	< 10.11.0	Yes

References

https://github.com/directus/directus/commit/a6172f8a6a0f31a6bf4305a090de172ebfb63bcf Patch ([email protected])
https://github.com/directus/directus/security/advisories/GHSA-g65h-35f3-x2w3 Exploit, Vendor Advisory ([email protected])
https://github.com/directus/directus/commit/a6172f8a6a0f31a6bf4305a090de172ebfb63bcf Patch (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/directus/directus/security/advisories/GHSA-g65h-35f3-x2w3 Exploit, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)