{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-53895","assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","state":"PUBLISHED","assignerShortName":"GitHub_M","dateReserved":"2025-07-11T19:05:23.825Z","datePublished":"2025-07-15T16:39:00.635Z","dateUpdated":"2025-07-15T17:19:29.391Z"},"containers":{"cna":{"title":"ZITADEL has broken authN and authZ in session API and resulting session tokens","problemTypes":[{"descriptions":[{"cweId":"CWE-863","lang":"en","description":"CWE-863: Incorrect Authorization","type":"CWE"}]},{"descriptions":[{"cweId":"CWE-384","lang":"en","description":"CWE-384: Session Fixation","type":"CWE"}]}],"metrics":[{"cvssV4_0":{"attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","baseScore":7.7,"baseSeverity":"HIGH","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","version":"4.0"}}],"references":[{"name":"https://github.com/zitadel/zitadel/security/advisories/GHSA-6c5p-6www-pcmr","tags":["x_refsource_CONFIRM"],"url":"https://github.com/zitadel/zitadel/security/advisories/GHSA-6c5p-6www-pcmr"},{"name":"https://github.com/zitadel/zitadel/releases/tag/v2.70.14","tags":["x_refsource_MISC"],"url":"https://github.com/zitadel/zitadel/releases/tag/v2.70.14"},{"name":"https://github.com/zitadel/zitadel/releases/tag/v2.71.13","tags":["x_refsource_MISC"],"url":"https://github.com/zitadel/zitadel/releases/tag/v2.71.13"},{"name":"https://github.com/zitadel/zitadel/releases/tag/v3.3.2","tags":["x_refsource_MISC"],"url":"https://github.com/zitadel/zitadel/releases/tag/v3.3.2"},{"name":"https://github.com/zitadel/zitadel/releases/tag/v4.0.0-rc.2","tags":["x_refsource_MISC"],"url":"https://github.com/zitadel/zitadel/releases/tag/v4.0.0-rc.2"}],"affected":[{"vendor":"zitadel","product":"zitadel","versions":[{"version":"= 4.0.0-rc.1","status":"affected"},{"version":">= 3.0.0, < 3.3.1","status":"affected"},{"version":">= 2.53.0, < 2.70.14","status":"affected"},{"version":">= 2.71.0, < 2.71.13","status":"affected"}]}],"providerMetadata":{"orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M","dateUpdated":"2025-07-15T16:39:00.635Z"},"descriptions":[{"lang":"en","value":"ZITADEL is an open source identity management system. Starting in version 2.53.0 and prior to versions 4.0.0-rc.2, 3.3.2, 2.71.13, and 2.70.14, a vulnerability in ZITADEL's session management API allows any authenticated user to update a session if they know its ID, due to a missing permission check. This flaw enables session hijacking, allowing an attacker to impersonate another user and access sensitive resources. Versions prior to `2.53.0` are not affected, as they required the session token for updates. Versions 4.0.0-rc.2, 3.3.2, 2.71.13, and 2.70.14 fix the issue."}],"source":{"advisory":"GHSA-6c5p-6www-pcmr","discovery":"UNKNOWN"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-07-15T17:19:18.220867Z","id":"CVE-2025-53895","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-07-15T17:19:29.391Z"}}]}}