CVE-2024-23679 in Enonic

Summary

by MITRE • 01/19/2024

Enonic XP versions less than 7.7.4 are vulnerable to a session fixation issue. A remote and unauthenticated attacker can use prior sessions due to the lack of invalidating session attributes.


Analysis

by VulDB Data Team • 11/29/2025

CVE-2024-23679 affects Enonic XP versions prior to 7.7.4 and is a critical session fixation weakness that undermines the platform's authentication model. The flaw stems from the application's failure to invalidate session attributes when a user authenticates, so a previously established session remains usable by an unauthorized party. It is especially concerning because exploitation requires no credentials from the attacker, which makes the platform's session management an attractive target.

Technically, the session-handling logic in Enonic XP fails to destroy or regenerate the session identifier upon successful authentication. An attacker who obtains a valid session token can therefore reuse it to gain unauthorized access to user accounts or system resources. The weakness is classified as CWE-384 (Session Fixation): it violates the principle of secure session management by letting a session token remain valid across the authentication boundary. Because prior session state is never invalidated, even a legitimate user's authentication leaves that earlier state active and usable by an attacker who has obtained the identifier, whether by network sniffing, token interception, or other reconnaissance.

Operationally, this vulnerability exposes organizations running affected Enonic XP versions to persistent unauthorized access to sensitive resources. An attacker can use it to retain long-term access to administrative interfaces, content management functions, and user data without repeated authentication attempts. The impact goes beyond unauthorized access to potential data breaches, privilege escalation, and malicious actions within the system. The vulnerability maps to the MITRE ATT&CK techniques T1563.002 ("Create or Modify System Process") and T1078.002 ("Valid Accounts: Domain Accounts"), since an attacker maintains persistence through a compromised session token rather than through credential theft or another authentication bypass.

The primary mitigation is to upgrade to Enonic XP 7.7.4 or later, which invalidates sessions properly so that a session token cannot be reused across the authentication boundary. Organizations should also apply defence-in-depth controls: session timeouts, secure session cookie attributes (HttpOnly and Secure), and monitoring of session activity for anomalous access patterns. Network segmentation and intrusion detection systems can help surface exploitation attempts by flagging unusual session token usage. Security teams should audit session management so that every authentication flow invalidates prior session state and regenerates the session identifier, which is the standard defence against session fixation. The issue underscores the importance of secure coding practices and sound session management as described in the OWASP Top 10 and NIST web application security guidance.

Reservation

01/19/2024

Disclosure

01/19/2024

Moderation

accepted

CPE

ready

EPSS

0.00836

KEV

no

Activities

very low

Sources
