
CVE-2023-47628 : Security Advisory and Response

Learn about CVE-2023-47628 affecting DataHub, exposing user sessions to unauthorized access due to misconfigured session expiration settings. Find out the impacts, technical details, and mitigation steps.

A session expiration misconfiguration in DataHub has been identified: session cookies are issued without an expiration time, so a leaked or stolen cookie can be replayed indefinitely. Here's what you need to know about CVE-2023-47628:

Understanding CVE-2023-47628

DataHub, an open-source metadata platform, is affected by a vulnerability that leaves session tokens valid indefinitely, allowing anyone who obtains a user's session cookie to reuse that session.

What is CVE-2023-47628?

DataHub's session management using Play Framework lacks proper expiration settings for session cookies, enabling leaked or stolen cookies to remain valid indefinitely, even after user logout.

The Impact of CVE-2023-47628

The vulnerability affects all DataHub instances running versions below 0.12.1, potentially exposing user sessions to unauthorized access and, through them, the metadata and permissions those users hold.

Technical Details of CVE-2023-47628

The following technical details outline the vulnerability in DataHub:

Vulnerability Description

DataHub's stateless session cookies do not have expiration times set. Because a stateless cookie is validated only by its signature, with no server-side session record to revoke, a token remains valid after logout and for as long as the signing secret is unchanged, posing a serious security risk.

Affected Systems and Versions

DataHub versions below 0.12.1 are impacted by this vulnerability, leaving user sessions exposed to exploitation.

Exploitation Mechanism

An attacker who obtains an authenticated user's session cookie (for example from a leaked log or a compromised client) can keep using it indefinitely, since nothing in the cookie or on the server bounds its lifetime, potentially leading to data breaches.
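The following is an added illustration of the vulnerability class described above, not code from DataHub or the Play Framework. It models a stateless signed session cookie in Python: the legacy verifier checks only the HMAC signature (the pattern this advisory describes), while the hardened verifier additionally requires an `exp` claim and rejects cookies that are past it or that carry no expiry at all. The secret, claim names and helper functions are constructed for the demo.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed demo secret; a real deployment takes this from the application secret.
SECRET = b"demo-secret-not-for-production"


def _sign(body: str) -> str:
    """HMAC-SHA256 over the encoded claims, hex-encoded."""
    return hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()


def make_cookie(claims: dict, ttl_seconds: Optional[int], now: Optional[int] = None) -> str:
    """Issue a stateless signed session cookie of the form <base64 claims>.<signature>.

    ttl_seconds=None reproduces the weak configuration: no expiry is embedded,
    so the cookie stays valid for as long as the signing secret is unchanged.
    """
    now = int(time.time()) if now is None else now
    claims = dict(claims)
    if ttl_seconds is not None:
        claims["exp"] = now + ttl_seconds
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode()).decode()
    return f"{body}.{_sign(body)}"


def _authentic_claims(cookie: str) -> Optional[dict]:
    """Return the claims if the signature is valid, else None."""
    try:
        body, sig = cookie.rsplit(".", 1)
    except ValueError:
        return None
    if not hmac.compare_digest(sig, _sign(body)):
        return None
    return json.loads(base64.urlsafe_b64decode(body))


def verify_cookie_legacy(cookie: str) -> Optional[dict]:
    """Weak verifier: signature only. A leaked cookie is accepted forever,
    and logout on the client does nothing to the server's acceptance of it."""
    return _authentic_claims(cookie)


def verify_cookie(cookie: str, now: Optional[int] = None) -> Optional[dict]:
    """Hardened verifier: signature plus a mandatory, unexpired 'exp' claim.

    Refusing cookies with no 'exp' at all closes the gap where an older
    cookie minted before the fix would otherwise remain valid indefinitely.
    """
    now = int(time.time()) if now is None else now
    claims = _authentic_claims(cookie)
    if claims is None:
        return None
    exp = claims.get("exp")
    if not isinstance(exp, int) or now >= exp:
        return None
    return claims


if __name__ == "__main__":
    issued = 1_700_000_000  # constructed issue time
    weak = make_cookie({"user": "alice"}, None, now=issued)
    strong = make_cookie({"user": "alice"}, 3600, now=issued)
    ten_years = issued + 10 * 365 * 86400
    print("legacy verifier, no-expiry cookie, 10 years later:", verify_cookie_legacy(weak))
    print("hardened verifier, no-expiry cookie:", verify_cookie(weak, now=issued))
    print("hardened verifier, 1h cookie at issue:", verify_cookie(strong, now=issued))
    print("hardened verifier, 1h cookie at +1h:", verify_cookie(strong, now=issued + 3600))
    print("hardened verifier, 1h cookie 10 years later:", verify_cookie(strong, now=ten_years))
```

A time-to-live bounds the damage from a leaked cookie but does not revoke it early; true logout for a stateless cookie needs either a short TTL with re-issuance or a server-side denylist keyed on the token. Play applications set the cookie lifetime through the `play.http.session.maxAge` configuration key; whether a given DataHub build honours that setting is something to confirm against its own configuration rather than assume.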

Mitigation and Prevention

To mitigate the risks posed by CVE-2023-47628, immediate action and long-term security practices are crucial:

Immediate Steps to Take

Users are strongly advised to update their DataHub instances to version 0.12.1 to address the vulnerability and ensure session security.

Long-Term Security Practices

Implement regular security audits to identify and address any potential vulnerabilities in session management and overall system security.

Patching and Updates

Regularly monitor and apply security patches and updates to ensure that the latest security measures are in place to protect against known vulnerabilities.
