Platform: other
Component: ragic-enterprise-cloud-database
Fixed in: 2024/08/08 09:45:25
CVE-2024-9984 is a critical vulnerability affecting Ragic Enterprise Cloud Database. It allows unauthenticated remote attackers to obtain user session cookies, granting them unauthorized access to user accounts. This vulnerability impacts versions 0 through 2024/08/08. A fix was released on 2024/08/08.
The primary impact of CVE-2024-9984 is the potential for complete account takeover. By obtaining a user's session cookie, an attacker can impersonate that user and access all data and functionality associated with their account. This could include sensitive data, financial information, and administrative controls. The blast radius extends to all users of the Ragic Enterprise Cloud Database, as any user's session could be compromised. Successful exploitation requires only network access to the vulnerable service; no authentication is needed.
This vulnerability was publicly disclosed on 2024-10-15. There is currently no indication of active exploitation campaigns, but the ease of exploitation (no authentication required) suggests a high probability of exploitation if the vulnerability remains unpatched. The vulnerability has been added to the CISA KEV catalog, indicating a high level of concern. No public proof-of-concept exploits have been released as of this writing.
Exploit Status
EPSS: 1.88% (83rd percentile)
CISA SSVC
CVSS Vector
The immediate mitigation for CVE-2024-9984 is to upgrade to version 2024/08/08 or later. If upgrading is not immediately feasible, consider implementing stricter access controls to limit the potential impact of a compromised session. This could include multi-factor authentication (MFA) and regular session timeouts. Monitor Ragic Enterprise Cloud Database logs for any unusual activity, such as unexpected login attempts or access to sensitive data. While a WAF cannot directly prevent this vulnerability, it can be configured to detect and block suspicious traffic patterns associated with session hijacking attempts.
Update Ragic Enterprise Cloud Database to a version later than 2024/08/08 09:45:25. This resolves the missing authentication check and prevents unauthorized access to user session cookies. See the release notes for more details about the update.
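As an added illustration of the log monitoring recommended above (this is example code, not Ragic's own tooling or part of the advisory): a stolen session cookie typically shows up as one session ID being presented from a second client fingerprint (source IP and User-Agent) shortly after its legitimate use. The log format, field names and sample lines below are constructed assumptions; Ragic's real log format is not given on this page.

```python
import re
from datetime import datetime, timedelta

# Constructed sample log lines in a hypothetical format (not Ragic's actual format).
# Session "ab12" is used by alice from her browser, then from a different IP with curl.
SAMPLE_LOG = """\
2024-08-09T10:00:01Z sid=ab12 user=alice ip=203.0.113.5 ua="Mozilla/5.0 (Windows NT 10.0)" path=/app/sheet/1
2024-08-09T10:00:40Z sid=ab12 user=alice ip=203.0.113.5 ua="Mozilla/5.0 (Windows NT 10.0)" path=/app/sheet/2
2024-08-09T10:02:15Z sid=ab12 user=alice ip=198.51.100.77 ua="curl/8.4.0" path=/app/export
2024-08-09T10:03:00Z sid=cd34 user=bob ip=192.0.2.10 ua="Mozilla/5.0 (Macintosh)" path=/app/sheet/1
2024-08-09T10:05:00Z sid=cd34 user=bob ip=192.0.2.10 ua="Mozilla/5.0 (Macintosh)" path=/app/sheet/3
"""

LINE_RE = re.compile(
    r'^(?P<ts>\S+) sid=(?P<sid>\S+) user=(?P<user>\S+) ip=(?P<ip>\S+) '
    r'ua="(?P<ua>[^"]*)" path=(?P<path>\S+)$'
)


def parse(log_text):
    """Yield one dict per well-formed line; malformed lines are skipped."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ev = m.groupdict()
            ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ")
            yield ev


def find_hijack_candidates(log_text, window=timedelta(minutes=30)):
    """Return {sid: {"user", "original", "new_clients", "paths"}} for every session ID
    that is reused from a different (ip, ua) fingerprint within `window` of its first use."""
    first_seen = {}   # sid -> (first timestamp, first fingerprint)
    alerts = {}
    for ev in parse(log_text):
        sid, fp = ev["sid"], (ev["ip"], ev["ua"])
        if sid not in first_seen:
            first_seen[sid] = (ev["ts"], fp)
            continue
        t0, fp0 = first_seen[sid]
        if fp != fp0 and ev["ts"] - t0 <= window:
            a = alerts.setdefault(sid, {"user": ev["user"], "original": fp0,
                                        "new_clients": [], "paths": []})
            a["new_clients"].append(fp)
            a["paths"].append(ev["path"])  # what the second client touched
    return alerts


if __name__ == "__main__":
    for sid, a in find_hijack_candidates(SAMPLE_LOG).items():
        print(f"possible session hijack: sid={sid} user={a['user']} "
              f"original={a['original']} new={a['new_clients']} paths={a['paths']}")
```

A matching session should be invalidated server-side and the user re-authenticated; the fingerprint check is a heuristic (NAT and mobile IP changes produce false positives), so tune the window to the deployment.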
CVE-2024-9984 is a critical vulnerability in Ragic Enterprise Cloud Database allowing unauthenticated attackers to steal user session cookies, potentially leading to account takeover. It impacts versions 0–2024/08/08 and has a CVSS score of 9.8.
If you are using Ragic Enterprise Cloud Database versions 0 through 2024/08/08, you are potentially affected. Upgrade immediately to mitigate the risk.
Upgrade to version 2024/08/08 or later. Implement stricter access controls and monitor logs for suspicious activity.
While there's no confirmed active exploitation, the ease of exploitation suggests a high probability if unpatched. Monitor your systems closely.
Refer to the Ragic security advisory for detailed information and updates: [https://www.ragic.com/security/](https://www.ragic.com/security/)