{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-58134","assignerOrgId":"9b29abf9-4ab0-4765-b253-1875cd9b441e","state":"PUBLISHED","assignerShortName":"CPANSec","dateReserved":"2025-04-07T16:06:37.226Z","datePublished":"2025-05-03T16:08:55.042Z","dateUpdated":"2025-10-20T20:09:00.882Z"},"containers":{"cna":{"affected":[{"collectionURL":"https://cpan.org/modules","defaultStatus":"unaffected","packageName":"Mojolicious","product":"Mojolicious","programFiles":["lib/Mojolicious.pm"],"programRoutines":[{"name":"secrets()"}],"repo":"https://github.com/mojolicious/mojo","vendor":"SRI","versions":[{"lessThanOrEqual":"*","status":"affected","version":"0.999922","versionType":"custom"}]}],"credits":[{"lang":"en","type":"analyst","value":"Antoine Cervoise from Synacktiv"},{"lang":"en","type":"analyst","value":"Jakub Kramarz"},{"lang":"en","type":"analyst","value":"Lukas Atkinson"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default.<br><br>These predictable default secrets can be exploited by an attacker to forge session cookies.&nbsp; An attacker who knows or guesses the secret could compute valid HMAC signatures for the session cookie, allowing them to tamper with or hijack another user’s session.<br>"}],"value":"Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default.\n\nThese predictable default secrets can be exploited by an attacker to forge session cookies.  An attacker who knows or guesses the secret could compute valid HMAC signatures for the session cookie, allowing them to tamper with or hijack another user’s session."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-321","description":"CWE-321 Use of Hard-coded Cryptographic Key","lang":"en","type":"CWE"}]},{"descriptions":[{"cweId":"CWE-331","description":"CWE-331 Insufficient Entropy","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"9b29abf9-4ab0-4765-b253-1875cd9b441e","shortName":"CPANSec","dateUpdated":"2025-10-20T20:09:00.882Z"},"references":[{"tags":["issue-tracking"],"url":"https://github.com/mojolicious/mojo/pull/1791"},{"tags":["issue-tracking"],"url":"https://github.com/mojolicious/mojo/pull/2200"},{"tags":["technical-description"],"url":"https://www.synacktiv.com/publications/baking-mojolicious-cookies"},{"tags":["technical-description"],"url":"https://medium.com/securing/baking-mojolicious-cookies-revisited-a-case-study-of-solving-security-problems-through-security-by-13da7c225802"},{"tags":["related"],"url":"https://metacpan.org/release/SRI/Mojolicious-9.39/source/lib/Mojolicious.pm#L51"},{"tags":["exploit"],"url":"https://github.com/hashcat/hashcat/pull/4090"},{"tags":["mailing-list"],"url":"https://lists.debian.org/debian-perl/2025/05/msg00016.html"},{"tags":["mailing-list"],"url":"https://lists.debian.org/debian-perl/2025/05/msg00017.html"},{"tags":["mailing-list"],"url":"https://lists.debian.org/debian-perl/2025/05/msg00018.html"},{"tags":["issue-tracking"],"url":"https://github.com/mojolicious/mojo/pull/2252"},{"tags":["technical-description"],"url":"https://docs.mojolicious.org/Mojolicious/Guides/FAQ#What-does-Your-secret-passphrase-needs-to-be-changed-mean"}],"source":{"discovery":"UNKNOWN"},"title":"Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default","workarounds":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Ensure that your Mojolicious application uses a unique secret of at least 128 bit of cryptographically secure random data. For example, to generate a 256 bit secret, one could use the output generated by the \"openssl rand -base64 32\" command.<br>"}],"value":"Ensure that your Mojolicious application uses a unique secret of at least 128 bit of cryptographically secure random data. For example, to generate a 256 bit secret, one could use the output generated by the \"openssl rand -base64 32\" command."}],"x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":8.1,"attackVector":"NETWORK","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"LOW","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-05-12T15:57:49.444238Z","id":"CVE-2024-58134","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-05-12T16:00:28.464Z"}}]}}