cvelistv5 - cve-2025-43819

cve-2025-43819

Vulnerability from cvelistv5

Published

2025-09-24 01:37

Modified

2025-09-24 13:14

Severity ?

5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

Summary

A Insufficient Session Expiration vulnerability in the Liferay Portal 7.4.3.121 through 7.3.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.3, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, and 2024.Q1.1 through 2024.Q1.12 is allow an remote non-authenticated attacker to reuse old user session by SLO API

References

▼	URL	Tags
	security@liferay.com	https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43819

Impacted products

▼	Vendor	Product
	Liferay	Portal
	Liferay	DXP

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-43819",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-24T13:14:03.292347Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-24T13:14:12.135Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Portal",
          "vendor": "Liferay",
          "versions": [
            {
              "lessThanOrEqual": "7.4.3.131",
              "status": "affected",
              "version": "7.4.3.121",
              "versionType": "maven"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DXP",
          "vendor": "Liferay",
          "versions": [
            {
              "lessThanOrEqual": "2024.Q1.12",
              "status": "affected",
              "version": "2024.Q1.1",
              "versionType": "maven"
            },
            {
              "lessThanOrEqual": "2024.Q2.13",
              "status": "affected",
              "version": "2024.Q2.0",
              "versionType": "maven"
            },
            {
              "lessThanOrEqual": "2024.Q3.13",
              "status": "affected",
              "version": "2024.Q3.1",
              "versionType": "maven"
            },
            {
              "lessThanOrEqual": "2024.Q4.3",
              "status": "affected",
              "version": "2024.Q4.0",
              "versionType": "maven"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A Insufficient Session Expiration vulnerability in the Liferay Portal 7.4.3.121 through 7.3.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.3, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, and 2024.Q1.1 through 2024.Q1.12 is allow an remote non-authenticated attacker to reuse old user session by SLO API"
            }
          ],
          "value": "A Insufficient Session Expiration vulnerability in the Liferay Portal 7.4.3.121 through 7.3.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.3, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, and 2024.Q1.1 through 2024.Q1.12 is allow an remote non-authenticated attacker to reuse old user session by SLO API"
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-613",
              "description": "CWE-613 Insufficient Session Expiration",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-24T01:37:03.396Z",
        "orgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
        "shortName": "Liferay"
      },
      "references": [
        {
          "url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43819"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
    "assignerShortName": "Liferay",
    "cveId": "CVE-2025-43819",
    "datePublished": "2025-09-24T01:37:03.396Z",
    "dateReserved": "2025-04-17T10:55:35.684Z",
    "dateUpdated": "2025-09-24T13:14:12.135Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-43819\",\"sourceIdentifier\":\"security@liferay.com\",\"published\":\"2025-09-24T02:15:31.107\",\"lastModified\":\"2025-09-24T18:11:24.520\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Insufficient Session Expiration vulnerability in the Liferay Portal 7.4.3.121 through 7.3.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.3, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, and 2024.Q1.1 through 2024.Q1.12 is allow an remote non-authenticated attacker to reuse old user session by SLO API\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security@liferay.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"LOW\",\"subIntegrityImpact\":\"LOW\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"security@liferay.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-613\"}]}],\"references\":[{\"url\":\"https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43819\",\"source\":\"security@liferay.com\"}]}}"
  }
}

ghsa-rpx3-f938-xj5q

Vulnerability from github

Published

2025-09-24 03:30

Modified

2025-09-27 03:25

Severity ?

5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

Summary

Liferay Portal and DXP does not properly expire sessions

Details

Summary

Liferay Portal/DXP contains an Insufficient Session Expiration issue where the Single Logout (SLO) API may fail to invalidate a user’s previous session. An attacker can reuse a stale session via the SLO endpoint to gain an authenticated context.

Affected Versions

The following platform versions are affected:

Liferay Portal: 7.3.3.131 through 7.4.3.121
Liferay DXP:
- 2024.Q4.0–2024.Q4.3
- 2024.Q3.1–2024.Q3.13
- 2024.Q2.0–2024.Q2.13
- 2024.Q1.1–2024.Q1.12

Remediation

Update to the fixed builds and, for Maven consumers of the SAML module, upgrade com.liferay:com.liferay.saml.impl to 5.0.51 or later. After upgrading, ensure session invalidation policies are enforced and verify SLO behavior end-to-end.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.liferay:com.liferay.saml.impl"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.0.51"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-43819"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-613"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-09-24T17:28:45Z",
    "nvd_published_at": "2025-09-24T02:15:31Z",
    "severity": "MODERATE"
  },
  "details": "### Summary\n\nLiferay Portal/DXP contains an Insufficient Session Expiration issue where the Single Logout (SLO) API may fail to invalidate a user\u2019s previous session. An attacker can reuse a stale session via the SLO endpoint to gain an authenticated context.\n\n### Affected Versions\n\nThe following platform versions are affected:\n\n*   **Liferay Portal:**  `7.3.3.131` through `7.4.3.121`\n*   **Liferay DXP:**\n    *   `2024.Q4.0`\u2013`2024.Q4.3`\n    *   `2024.Q3.1`\u2013`2024.Q3.13`\n    *   `2024.Q2.0`\u2013`2024.Q2.13`\n    *   `2024.Q1.1`\u2013`2024.Q1.12`\n\n### Remediation\n\nUpdate to the fixed builds and, for Maven consumers of the SAML module, upgrade `com.liferay:com.liferay.saml.impl` to **5.0.51** or later. After upgrading, ensure session invalidation policies are enforced and verify SLO behavior end-to-end.",
  "id": "GHSA-rpx3-f938-xj5q",
  "modified": "2025-09-27T03:25:21Z",
  "published": "2025-09-24T03:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43819"
    },
    {
      "type": "WEB",
      "url": "https://github.com/liferay/liferay-portal/commit/433dff5edae4414fdc436b49a9edb62d721c84b5"
    },
    {
      "type": "WEB",
      "url": "https://github.com/liferay/liferay-portal/commit/da9105a61d788801797797a32583a4b76c902cdc"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/liferay/liferay-portal"
    },
    {
      "type": "WEB",
      "url": "https://liferay.atlassian.net/browse/LPE-18159"
    },
    {
      "type": "WEB",
      "url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43819"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-rpx3-f938-xj5q"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Liferay Portal and DXP does not properly expire sessions"
}

Action not permitted

cve-2025-43819

Vulnerability from cvelistv5

ghsa-rpx3-f938-xj5q

Vulnerability from github

Summary

Affected Versions

Remediation

Tags