CVE-2024-24552

CVSS 8.8 HIGH

📋 TL;DR

CVE-2024-24552 is a session fixation vulnerability in Bludit CMS: the session ID a browser presents before login is kept after a successful login instead of being replaced. An attacker who can get a victim to authenticate while using a session ID the attacker already knows (for example, through a crafted link) can then present that same ID and act as the victim. Every Bludit account is exposed, and an administrator's session yields full control of the site.

💻 Affected Systems

Products:
  • Bludit CMS
Versions: All versions prior to 4.0.0
Operating Systems: All platforms running Bludit
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all Bludit installations regardless of configuration. Enabling PHP's session.use_strict_mode blunts attacks that plant an arbitrary, never-issued session ID, but not ones that plant an ID the server itself issued to the attacker, so it is a mitigation rather than a fix.

📦 What is this software?

Bludit is a flat-file CMS written in PHP: it stores pages, users and settings in files under its own directory and needs no database server.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of the Bludit instance with administrative access, allowing content manipulation, data theft, or installation of backdoors.

🟠

Likely Case

Unauthorized access to user accounts, particularly administrator accounts, leading to content modification or data exposure.

🟢

If Mitigated

Limited impact when session IDs are regenerated at login and PHP refuses to adopt IDs it did not issue (session.use_strict_mode): a planted ID then never becomes an authenticated session, and user awareness of links carrying session parameters covers the remaining social-engineering vector.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes (the attacker needs no account, but the victim must log in while using the planted session ID)
Complexity: LOW

Exploitation requires the victim's browser to present a session ID the attacker already knows before the victim logs in (a link carrying the ID, or a cookie planted through another weakness on the same domain), so social engineering or a second bug is needed. Once the victim authenticates, the attacker sends the same ID and is treated as that user.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.0.0

Advisory (Redguard, who reported the issue): https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/

Restart Required: No

Instructions:

1. Back up your Bludit installation, including the bl-content directory, which holds the site's pages, uploads and databases.
2. Download Bludit 4.0.0 or later from the official website.
3. Replace the existing installation files with the new version, keeping your existing bl-content directory in place.
4. Verify that the update was successful and that the version shown in the admin dashboard is 4.0.0 or higher.

🔧 Temporary Workarounds

Session Regeneration on Login

Applies to: all affected versions

Force session ID regeneration upon successful authentication to prevent session fixation.

Modify Bludit's authentication logic to call session_regenerate_id(true) immediately after the credentials check succeeds (the true argument deletes the old session data, so the pre-login ID stops working), and enable session.use_strict_mode so PHP refuses to adopt a session ID it never issued.
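The change in practice, as an added example that is not Bludit's own code: a minimal PHP login handler in its vulnerable form beside a hardened one. The credential store (demoUsers), the function names and the cookie settings are assumptions made for the demo; in a real Bludit install the regeneration call belongs in the code path that runs immediately after the credentials check succeeds.

```php
<?php
declare(strict_types=1);

// Constructed user store for the demo (hypothetical; not how Bludit stores users).
function demoUsers(): array
{
    static $users = null;
    if ($users === null) {
        $users = ['admin' => password_hash('correct-horse-battery', PASSWORD_DEFAULT)];
    }
    return $users;
}

function credentialsValid(string $user, string $pass): bool
{
    $users = demoUsers();
    return isset($users[$user]) && password_verify($pass, $users[$user]);
}

// VULNERABLE: whatever session the browser arrived with (possibly one whose
// ID the attacker planted) is simply upgraded to "logged in".
function loginVulnerable(string $user, string $pass): bool
{
    session_start();
    if (!credentialsValid($user, $pass)) {
        return false;
    }
    $_SESSION['username'] = $user;   // same ID before and after authentication
    return true;
}

// HARDENED: configure the session layer before session_start(), then mint a
// fresh ID at the privilege boundary so any pre-authentication ID is worthless.
function loginHardened(string $user, string $pass): bool
{
    // Refuse IDs the server never issued: an attacker-chosen cookie value is
    // discarded and a new ID generated instead of being adopted.
    ini_set('session.use_strict_mode', '1');
    // Read the ID from the cookie only, never from a URL parameter.
    ini_set('session.use_only_cookies', '1');
    ini_set('session.use_trans_sid', '0');
    session_set_cookie_params([
        'path'     => '/',
        'secure'   => true,   // assumes the site is served over HTTPS
        'httponly' => true,
        'samesite' => 'Lax',
    ]);
    session_start();

    if (!credentialsValid($user, $pass)) {
        return false;
    }

    // Rotate the ID and delete the old session data (true), so an ID fixed
    // before login no longer maps to the authenticated session. strict_mode
    // alone does not cover the case where the attacker planted an ID the
    // server had issued to the attacker; regeneration does.
    session_regenerate_id(true);
    $_SESSION['username']  = $user;
    $_SESSION['auth_time'] = time();
    return true;
}

// Logout should kill the server-side session and expire the cookie, so the
// ID cannot be replayed afterwards either.
function logout(): void
{
    $_SESSION = [];
    $p = session_get_cookie_params();
    setcookie(session_name(), '', time() - 3600, $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    session_destroy();
}
```

session_regenerate_id(true) belongs at privilege changes (login, role change), not on every request: regenerating per request races with concurrent requests from the same browser and logs users out at random, which is why the hardened handler does it exactly once, after the credentials are accepted.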

🧯 If You Can't Patch

  • Implement strict session management: regenerate session IDs after login and enforce session timeouts.
  • At the PHP level, set session.use_strict_mode=1 (reject session IDs the server did not issue), session.use_only_cookies=1 and session.use_trans_sid=0 (never read the ID from a URL), and mark the session cookie HttpOnly and Secure; this needs no code change and removes the easiest fixation vectors.
  • Educate users about session security risks and warn them never to follow links that carry a session parameter such as PHPSESSID= in the URL.

🔍 How to Verify

Check if Vulnerable:

Check whether your Bludit version is below 4.0.0 by examining the version constant in bl-kernel/boot.php or the version shown in the admin panel.

Check Version:

Check the BLUDIT_VERSION constant defined in bl-kernel/boot.php, or view the version info on the admin dashboard.

Verify Fix Applied:

Confirm that the Bludit version is 4.0.0 or higher, then test regeneration directly: open the login page, note the value of the session cookie (PHPSESSID by default) in the browser's developer tools, log in, and check the cookie again. The value must change on login; if the pre-login value survives, the instance is still vulnerable.

📡 Detection & Monitoring

Log Indicators:

  • A session ID that was first presented before any authentication and then appears on authenticated admin requests from a different client address
  • The same session ID in use from two or more client addresses at once
  • Session IDs whose length or alphabet differs from what your PHP issues (set by session.sid_length and session.sid_bits_per_character), which points to an attacker-chosen value

Network Indicators:

  • HTTP requests carrying a session ID in the URL (for example PHPSESSID= in the query string), or referral links to the login page that include one

SIEM Query:

source="bludit_access" AND (uri="*PHPSESSID=*" OR (event="login_success" AND pre_auth_session_id=post_auth_session_id))

Field names are placeholders for whatever your log pipeline extracts: the first clause catches session IDs carried in URLs, the second a login that kept the pre-authentication ID instead of issuing a new one.
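To make the indicators above concrete, here is an added example that is not from the page's author or the Bludit project: a PHP CLI script that runs the three log checks (session ID in a URL, an authenticated ID reused from a second address, any ID shared by several addresses) over constructed access-log lines. It assumes a custom log format that appends the request Cookie header, an admin login path of /admin/login, and a 302 response on successful login; all three are assumptions about the deployment, as are the sample addresses and IDs.

```php
<?php
declare(strict_types=1);

// Assumed access-log format (custom; the default combined format does not
// include the Cookie header):  %h %l %u %t "%r" %>s %b "%{Cookie}i"
// The admin login path and "302 on successful login" are assumptions about
// the deployment, not facts this page documents.
const LOG_RE = '/^(?<ip>\S+) \S+ \S+ \[(?<ts>[^\]]+)\] "(?<method>[A-Z]+) (?<uri>\S+)[^"]*" (?<status>\d{3}) \S+ "(?<cookie>[^"]*)"$/';
const LOGIN_PATH = '/admin/login';
const SESSION_COOKIE = 'PHPSESSID';

function sessionIdFromCookie(string $cookieHeader): ?string
{
    if (preg_match('/(?:^|;\s*)' . SESSION_COOKIE . '=([A-Za-z0-9,-]+)/', $cookieHeader, $m)) {
        return $m[1];
    }
    return null;
}

function sessionIdFromUri(string $uri): ?string
{
    $query = parse_url($uri, PHP_URL_QUERY);
    if (!is_string($query)) {
        return null;
    }
    parse_str($query, $params);
    $sid = $params[SESSION_COOKIE] ?? null;
    return is_string($sid) && $sid !== '' ? $sid : null;
}

// Returns a list of human-readable findings for the given log lines.
function analyzeLog(array $lines): array
{
    $findings = [];
    $ipsBySid = [];      // sid => [ip => true]
    $loginIpBySid = [];  // sid => ip that completed a login while presenting it

    foreach ($lines as $n => $line) {
        if (!preg_match(LOG_RE, trim($line), $m)) {
            continue;  // not in the assumed format; skip rather than guess
        }
        $lineNo = $n + 1;
        $ip = $m['ip'];

        // Indicator 1: a session ID carried in the URL is how a fixation link
        // delivers the attacker's chosen ID.
        $uriSid = sessionIdFromUri($m['uri']);
        if ($uriSid !== null) {
            $findings[] = "line $lineNo: session ID $uriSid passed in URL by $ip (fixation vector)";
        }

        $sid = sessionIdFromCookie($m['cookie']) ?? $uriSid;
        if ($sid === null) {
            continue;
        }
        $ipsBySid[$sid][$ip] = true;

        // Indicator 2: an ID that completed a login is later presented by a
        // different client address.
        $path = parse_url($m['uri'], PHP_URL_PATH);
        if ($m['method'] === 'POST' && $path === LOGIN_PATH && $m['status'] === '302') {
            $loginIpBySid[$sid] = $ip;
        } elseif (isset($loginIpBySid[$sid]) && $loginIpBySid[$sid] !== $ip) {
            $findings[] = "line $lineNo: session $sid authenticated from {$loginIpBySid[$sid]} now used by $ip (possible hijack)";
        }
    }

    // Indicator 3: any ID shared by several addresses, login or not.
    foreach ($ipsBySid as $sid => $ips) {
        if (count($ips) > 1) {
            $findings[] = "session $sid seen from " . count($ips) . ' addresses: ' . implode(', ', array_keys($ips));
        }
    }
    return $findings;
}

// Constructed sample: victim 198.51.100.7 follows a link carrying the attacker's
// ID, logs in, and the attacker (203.0.113.5) reuses the same ID on the dashboard.
// 198.51.100.9 is a normal login for contrast.
$sample = [
    '198.51.100.7 - - [20/Jun/2024:10:02:11 +0000] "GET /admin/login?PHPSESSID=a1b2c3d4e5f60718293a4b5c6d7e8f90 HTTP/1.1" 200 1200 "-"',
    '198.51.100.7 - - [20/Jun/2024:10:02:30 +0000] "POST /admin/login HTTP/1.1" 302 0 "PHPSESSID=a1b2c3d4e5f60718293a4b5c6d7e8f90"',
    '203.0.113.5 - - [20/Jun/2024:10:03:00 +0000] "GET /admin/dashboard HTTP/1.1" 200 5400 "PHPSESSID=a1b2c3d4e5f60718293a4b5c6d7e8f90"',
    '198.51.100.9 - - [20/Jun/2024:10:05:00 +0000] "POST /admin/login HTTP/1.1" 302 0 "PHPSESSID=9f8e7d6c5b4a39281706f5e4d3c2b1a0"',
    '198.51.100.9 - - [20/Jun/2024:10:05:02 +0000] "GET /admin/dashboard HTTP/1.1" 200 5400 "PHPSESSID=9f8e7d6c5b4a39281706f5e4d3c2b1a0"',
];

foreach (analyzeLog($sample) as $finding) {
    echo $finding, PHP_EOL;
}
```

Run against the sample, the script reports the URL-carried ID on line 1, the hijack on line 3, and the shared ID once more in the summary, while the normal login from 198.51.100.9 produces nothing. Address-based checks produce false positives for users behind changing NAT or mobile addresses, so treat indicator 2 and 3 hits as leads to correlate with the login timeline rather than as proof on their own.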

🔗 References
