CVE-2022-1155

7.4 HIGH

📋 TL;DR

This vulnerability in Snipe-IT allows attackers to bypass authentication by reusing old sessions that remain valid even after the login-enable function is activated. It affects all Snipe-IT instances prior to version 5.3.10, where session management is improperly handled, and could allow unauthorized access to the asset management system.

💻 Affected Systems

Products:
  • Snipe-IT
Versions: All versions prior to 5.3.10
Operating Systems: All platforms running Snipe-IT
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all Snipe-IT deployments using the default session management configuration.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers gain persistent unauthorized access to the Snipe-IT system, potentially accessing sensitive asset data, modifying inventory, or escalating privileges within the application.

🟠 Likely Case

Previous legitimate users whose sessions should have been invalidated can continue accessing the system without proper re-authentication, leading to unauthorized access to asset management functions.

🟢 If Mitigated

With proper session timeout controls and monitoring, the impact is limited to temporary access windows before sessions naturally expire.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires access to old session tokens/cookies, but the attack is straightforward once these are obtained.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.3.10

Vendor Advisory: https://github.com/snipe/snipe-it/commit/bdabbbd4e98e88ee01e728ceb4fd512661fbd38d

Restart Required: Yes

Instructions:

1. Backup your current Snipe-IT installation and database.
2. Update to Snipe-IT version 5.3.10 or later via git pull or package update.
3. Run database migrations if required.
4. Restart the web server/service.
5. Verify the fix by testing session invalidation.

🔧 Temporary Workarounds

Manual Session Cleanup (Linux)

Manually invalidate all existing sessions by clearing session storage or restarting the application with session cleanup.

# Restart whichever web server fronts Snipe-IT (only one of these is normally present)
sudo systemctl restart apache2
sudo systemctl restart nginx
# Clear stored sessions; this applies when sessions are kept on disk (Laravel's file session driver).
# /path/to/snipe-it is a placeholder for your install directory.
rm -rf /path/to/snipe-it/storage/framework/sessions/*

🧯 If You Can't Patch

  • Implement strict session timeout policies and monitor for unusual session activity.
  • Deploy a WAF or reverse proxy with session validation rules to block old session tokens.

🔍 How to Verify

Check if Vulnerable:

Check if your Snipe-IT version is below 5.3.10 by examining the application version in the admin panel or checking the composer.json file.

Check Version:

php artisan --version | grep Snipe-IT || cat composer.json | grep version

Verify Fix Applied:

After updating to 5.3.10+, test that old sessions are properly invalidated by attempting to use a previous session cookie after enabling login.

📡 Detection & Monitoring

Log Indicators:

  • Multiple successful logins from same user with old session IDs
  • Session validation failures or warnings in application logs

Network Indicators:

  • Unusual session cookie reuse patterns
  • Requests with expired or old session tokens

SIEM Query:

source="snipe-it-logs" AND (event="session_reuse" OR message="old_session")
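As an added, defender-side illustration of the log indicators above, the following Python script (example code written for this page, not part of the advisory or of Snipe-IT) flags requests that keep using a session ID first seen before the point at which all existing sessions should have been invalidated. The log format, the field names, the `login_enabled` marker event and the sample lines are constructed assumptions; adapt `LINE_RE` to the fields your SIEM actually emits.

```python
"""Flag requests that reuse a session ID first seen before a session-invalidation cutoff.

Added example for the detection indicators in the advisory; the log format, field
names and sample lines are constructed assumptions, not Snipe-IT's real log format.
"""
import re
from dataclasses import dataclass
from datetime import datetime
from typing import Iterable, List, Optional, Tuple

# Constructed sample lines. "login_enabled" stands for the moment at which
# every pre-existing session should have been invalidated.
SAMPLE_LOG = """\
2022-03-28T10:00:01Z sid=a1b2 user=alice event=request path=/hardware
2022-03-28T10:00:05Z sid=c3d4 user=bob event=request path=/users
2022-03-28T10:05:00Z sid=- user=admin event=login_enabled
2022-03-28T10:06:10Z sid=a1b2 user=alice event=request path=/hardware/1/edit
2022-03-28T10:07:00Z sid=e5f6 user=bob event=login
2022-03-28T10:07:30Z sid=e5f6 user=bob event=request path=/users
not a log line at all
"""

# Assumed line layout: "<timestamp> sid=<id> user=<name> event=<kind> [path=<url>]"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) sid=(?P<sid>\S+) user=(?P<user>\S+) event=(?P<event>\S+)"
    r"(?: path=(?P<path>\S+))?$"
)


@dataclass(frozen=True)
class Event:
    ts: datetime
    sid: str
    user: str
    event: str
    path: Optional[str]


def parse_line(line: str) -> Optional[Event]:
    """Parse one constructed log line; return None for lines that do not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return Event(
        ts=datetime.strptime(m.group("ts"), "%Y-%m-%dT%H:%M:%SZ"),
        sid=m.group("sid"),
        user=m.group("user"),
        event=m.group("event"),
        path=m.group("path"),
    )


def find_stale_session_reuse(
    lines: Iterable[str], cutoff_event: str = "login_enabled"
) -> List[Tuple[str, str, datetime]]:
    """Return (sid, user, ts) for every event after the cutoff that carries a
    session ID already in use before the cutoff. Sessions first seen after the
    cutoff (for example a fresh login) are legitimate and are not reported."""
    first_seen = {}   # sid -> timestamp of its first appearance
    cutoff = None     # timestamp of the invalidation marker, once seen
    findings = []
    for ev in filter(None, map(parse_line, lines)):
        if ev.event == cutoff_event:
            cutoff = ev.ts
            continue
        if ev.sid == "-":  # no session attached to this record
            continue
        first_seen.setdefault(ev.sid, ev.ts)
        if cutoff is not None and ev.ts >= cutoff and first_seen[ev.sid] < cutoff:
            findings.append((ev.sid, ev.user, ev.ts))
    return findings


def run_example() -> List[Tuple[str, str, datetime]]:
    """Run the detector over the constructed sample log."""
    return find_stale_session_reuse(SAMPLE_LOG.splitlines())


if __name__ == "__main__":
    for sid, user, ts in run_example():
        print(f"{ts.isoformat()} stale session {sid} reused by {user}")
```

On the sample data only `a1b2` is reported: it was in use before the `login_enabled` marker and is still presented afterwards, which is exactly the condition a patched 5.3.10+ instance should never produce. Bob's `e5f6` session is created by a login after the cutoff, so it is treated as legitimate. Any line that does not match the assumed layout is skipped rather than raising, so the detector can be pointed at a mixed log stream.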
