CVE-2025-43793
📋 TL;DR
This vulnerability allows an attacker who controls a website under the same top-level domain (TLD) as a Liferay instance to read cookies set by that instance. Affected Liferay Portal and DXP versions identify the subdomain incorrectly when scoping cookies, so the cookie's Domain attribute covers more hosts than the portal's own, and the victim's browser sends those cookies to sibling sites the attacker controls. Session cookies and authentication tokens are among the cookies exposed. Any organization running an affected version is at risk.
💻 Affected Systems
- Liferay Portal
- Liferay DXP
📦 What is this software?
Liferay Portal is an open-source, Java-based enterprise portal and web content platform; Liferay DXP (Digital Experience Platform) is the commercially supported edition built on the same code base. Both are commonly deployed as intranets, customer portals and public websites that hold authenticated sessions.
⚠️ Risk & Real-World Impact
Worst Case
Attackers could steal session cookies, impersonate legitimate users, access sensitive data, and perform unauthorized actions within the Liferay application.
Likely Case
Session hijacking and unauthorized access to user accounts and sensitive information stored in the Liferay portal.
If Mitigated
Exposure is limited if the portal's cookies are scoped to its own host (no Domain attribute broader than the portal hostname) and no untrusted site is hosted under the same parent domain. Secure and HttpOnly reduce what a sibling site's scripts or a passive observer can do with a cookie, but they do not stop the browser from sending a broadly scoped cookie to a sibling host; only correct Domain scoping does that.
🎯 Exploit Status
Exploitation requires that the attacker control a website under the same TLD as the Liferay instance and that a logged-in victim's browser visit it, because it is the browser that attaches the cookies to the request. No authentication to the target Liferay instance is needed; the stolen session cookie supplies it.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Liferay Portal 7.4.3.106+, Liferay DXP 2023.Q4.1+, 2023.Q3.5+, 7.4 update 93+, 7.3 update 36+
Vendor Advisory: https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43793
Restart Required: Yes
Instructions:
1. Obtain the fixed build. For Liferay DXP, download the listed update (or later) from the Liferay customer portal; for Liferay Portal CE, download the listed GA release (or later), since CE fixes ship only as new GA releases.
2. Back up the current installation and its database.
3. Apply the update following Liferay's patch installation guide (DXP) or upgrade guide (CE).
4. Restart the Liferay server.
5. Confirm the new version in Control Panel → Configuration → Server Administration → System Information, then log in once and check that the Set-Cookie headers carry the Domain attribute you expect (the portal host, or the parent domain you deliberately configured), not a broader one.
🔧 Temporary Workarounds
Cookie Security Hardening
Configure cookies with the Secure and HttpOnly flags and a SameSite policy to limit what an attacker can do with a leaked cookie. Be clear about what each does: SameSite treats every subdomain of one registrable domain as the same site and governs when the browser sends a cookie, not which hosts receive it, so SameSite=Strict does not by itself isolate the portal from a sibling host; HttpOnly stops a sibling site's scripts from reading the cookie but not that site's server from receiving it. The attribute that controls scope is the cookie Domain, so also check that session.cookie.domain (if set) is no broader than you intend. Confirm the exact property names below against the portal.properties shipped with your version; if your version does not expose a SameSite property, the same flag can be set at the servlet container, e.g. Tomcat's CookieProcessor sameSiteCookies attribute in context.xml.
Set portal-ext.properties: session.cookie.same.site=Strict
Set session.cookie.http.only=true
Set session.cookie.secure=true
🧯 If You Can't Patch
- Serve Liferay from a dedicated registrable domain (or its own host with host-only cookies) that no other application or user-controlled content shares, so there is no sibling host for the browser to send the cookies to
- A web application firewall in front of Liferay cannot observe the leak itself, which happens between the victim's browser and the attacker's site. What it can do is flag a session cookie being presented from a client IP or User-Agent different from the one that established the session; pair this with shorter session timeouts to narrow the window in which a stolen cookie is usable
🔍 How to Verify
Check if Vulnerable:
Compare the running version against the patched versions listed above. Control Panel → Configuration → Server Administration → System Information shows it, as does the version banner Liferay prints at startup.
Check Version:
Use the Control Panel system information, the startup log banner, or a HEAD request to the portal and read the Liferay-Portal response header (present unless disabled with http.header.version.verbosity=off). portal-ext.properties does not contain the version; it only holds your property overrides.
Verify Fix Applied:
Confirm the version is at or above the patched version, then log in and inspect the Set-Cookie headers: each cookie's Domain attribute should name the portal host (or be absent, making the cookie host-only), not a parent domain or TLD. As a final check, browse to a host under the same parent domain and confirm the portal's cookies are not sent with that request.
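The check above turns on one rule: which hosts a browser sends a cookie to, given the cookie's Domain attribute. The following Python script is an added example, not code from Liferay or from this advisory. It parses Set-Cookie header values (the three below are constructed to resemble what a portal at portal.example.com might return; in practice collect them with `curl -i` against the login page), applies the RFC 6265 scoping rules, reports which cookies a sibling host under the same parent domain would receive, and lists missing Secure/HttpOnly flags. One caveat it deliberately does not model: browsers reject a Domain attribute that names a public suffix such as a bare TLD, so the hosts that actually receive a broadly scoped cookie are those under the same registrable domain. The audit treats every Domain value as stored, which is the pessimistic assumption you want when checking your own portal.

```python
"""Audit the scope and flags of cookies a Liferay instance sets.

Added example, not Liferay code. Scoping follows RFC 6265: a cookie without a
Domain attribute is host-only (section 5.3) and goes back only to the exact
host that set it; a cookie with Domain=d goes to d and every subdomain of d
(section 5.1.3). Public-suffix rejection is not modelled (pessimistic audit).
"""
from dataclasses import dataclass
from typing import List, Optional

# Constructed samples. JSESSIONID and COMPANY_ID are scoped to the parent
# domain, so every *.example.com host receives them; LFR_SESSION_STATE_20100
# has no Domain attribute and is host-only.
SAMPLE_HEADERS = [
    "JSESSIONID=9F3A2C7E; Domain=example.com; Path=/; Secure; HttpOnly",
    "LFR_SESSION_STATE_20100=1700000000000; Path=/; Secure; SameSite=Strict",
    "COMPANY_ID=20096; Domain=.example.com; Path=/",
]


@dataclass
class Cookie:
    name: str
    value: str
    domain: Optional[str]          # lowercased, leading dot removed; None = host-only
    path: str = "/"
    secure: bool = False
    http_only: bool = False
    same_site: Optional[str] = None


def parse_set_cookie(header: str) -> Cookie:
    """Parse one Set-Cookie header value: name=value; attr; attr=val ..."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    cookie = Cookie(name=name.strip(), value=value.strip(), domain=None)
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        key, val = key.strip().lower(), val.strip()
        if key == "domain":
            # RFC 6265 section 5.2.3: a leading dot is ignored.
            cookie.domain = val.lower().lstrip(".") or None
        elif key == "path":
            cookie.path = val or "/"
        elif key == "secure":
            cookie.secure = True
        elif key == "httponly":
            cookie.http_only = True
        elif key == "samesite":
            cookie.same_site = val
    return cookie


def domain_matches(request_host: str, cookie_domain: str) -> bool:
    """RFC 6265 section 5.1.3: host equals the domain or ends with '.' + domain."""
    request_host = request_host.lower()
    return request_host == cookie_domain or request_host.endswith("." + cookie_domain)


def sent_to(cookie: Cookie, set_by_host: str, request_host: str) -> bool:
    """Would a browser that stored `cookie` from `set_by_host` attach it to `request_host`?"""
    if cookie.domain is None:                       # host-only cookie
        return request_host.lower() == set_by_host.lower()
    return domain_matches(request_host, cookie.domain)


def missing_flags(cookie: Cookie) -> List[str]:
    """Flags a session cookie should carry but this one lacks."""
    missing = []
    if not cookie.secure:
        missing.append("Secure")
    if not cookie.http_only:
        missing.append("HttpOnly")
    return missing


def audit(headers: List[str], portal_host: str, sibling_host: str) -> List[str]:
    """Names of cookies that a sibling host under the portal's parent domain would receive."""
    return [c.name for c in map(parse_set_cookie, headers)
            if sent_to(c, portal_host, sibling_host)]


if __name__ == "__main__":
    portal, sibling = "portal.example.com", "attacker-controlled.example.com"
    for header in SAMPLE_HEADERS:
        c = parse_set_cookie(header)
        print(f"{c.name:25} domain={c.domain or '(host-only)':15} "
              f"sent to {sibling}: {sent_to(c, portal, sibling)}  missing: {missing_flags(c)}")
    print("leaked to sibling:", audit(SAMPLE_HEADERS, portal, sibling))
```

Run it against the real headers from your portal by replacing SAMPLE_HEADERS; any cookie the script reports as sent to a host you do not operate is scoped too broadly, regardless of which flags it carries.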
📡 Detection & Monitoring
Log Indicators:
- Liferay logs nothing when a sibling site receives its cookies; the leak happens in the victim's browser. Look downstream for the replay instead:
- The same JSESSIONID (or other session cookie) presented from more than one client IP or User-Agent within a short window
- Authenticated requests from a client that never passed through the login page for that session
- Logins or sensitive actions from unexpected networks or at unusual hours
Network Indicators:
- Requests carrying a known portal session cookie from a client IP other than the one that established the session
- Requests with a Referer from a host under the portal's parent domain that you do not operate
SIEM Query:
The event names in the original query below (cookie_access, session_hijack) are placeholders; Liferay does not emit events with these names, and the query is kept only to show the intent.
source="liferay-logs" AND (event="cookie_access" OR event="session_hijack")
A usable query pivots on the access log instead. In Splunk-style pseudo-syntax, with field names that depend on your log pipeline:
source="liferay-access-logs" | stats dc(src_ip) AS clients, values(user_agent) AS agents BY jsessionid | where clients > 1
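The same idea as the query above, as a stand-alone detector you can run over an access log export. This is an added example, not Liferay or Tomcat code. It groups access log lines by session cookie value and reports any session presented from more than one (client IP, User-Agent) pair. The log lines are constructed; they assume a Tomcat AccessLogValve pattern that appends the JSESSIONID cookie (the `%{JSESSIONID}c` pattern element) after the quoted User-Agent, and the regex LINE_RE must be adjusted if your pattern differs.

```python
"""Spot a Liferay session cookie being presented by more than one client.

Added example, not Liferay or Tomcat code. The cookie exposure itself leaves
no trace in the portal's logs; what the portal can see is the attacker
replaying the stolen cookie from a different client, and that is what this
detector looks for.
"""
import re
from collections import defaultdict
from datetime import datetime
from typing import Dict, List, Optional, Tuple

# Constructed access log (assumed pattern: common log fields, quoted
# User-Agent, then the JSESSIONID cookie value or '-'). Session 9F3A2C7E is
# established by a Firefox client and two minutes later replayed by a scripted
# client from another network; session 77B14D20 stays with one client.
SAMPLE_LOG = """\
203.0.113.10 - - [10/Jun/2025:09:00:01 +0000] "GET /c/portal/login HTTP/1.1" 200 5120 "Mozilla/5.0 (Windows NT 10.0) Firefox/126.0" 9F3A2C7E
203.0.113.10 - - [10/Jun/2025:09:00:07 +0000] "GET /group/guest/home HTTP/1.1" 200 8192 "Mozilla/5.0 (Windows NT 10.0) Firefox/126.0" 9F3A2C7E
198.51.100.7 - - [10/Jun/2025:09:02:15 +0000] "GET /group/control_panel/manage HTTP/1.1" 200 9001 "python-requests/2.31" 9F3A2C7E
192.0.2.55 - - [10/Jun/2025:09:03:00 +0000] "GET /c/portal/login HTTP/1.1" 200 5120 "Mozilla/5.0 (X11; Linux x86_64) Chrome/125.0" 77B14D20
192.0.2.55 - - [10/Jun/2025:09:03:30 +0000] "GET /group/guest/home HTTP/1.1" 200 8192 "Mozilla/5.0 (X11; Linux x86_64) Chrome/125.0" 77B14D20
198.51.100.7 - - [10/Jun/2025:09:04:00 +0000] "GET /robots.txt HTTP/1.1" 200 60 "python-requests/2.31" -
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) \S+ '
    r'"(?P<ua>[^"]*)" (?P<sid>\S+)$'
)

Client = Tuple[str, str]   # (client IP, User-Agent)


def parse_line(line: str) -> Optional[dict]:
    """Fields of one access log line, or None if it does not match the assumed pattern."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return rec


def find_session_reuse(log_text: str) -> Dict[str, List[Client]]:
    """Map each session cookie value seen from more than one client to its clients,
    in order of first appearance. Lines without a session cookie ('-') are skipped."""
    seen: Dict[str, Dict[Client, datetime]] = defaultdict(dict)   # dict keeps insertion order
    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec is None or rec["sid"] == "-":
            continue
        seen[rec["sid"]].setdefault((rec["ip"], rec["ua"]), rec["ts"])
    return {sid: list(clients) for sid, clients in seen.items() if len(clients) > 1}


def describe(reuse: Dict[str, List[Client]]) -> List[str]:
    """One human-readable alert line per reused session."""
    alerts = []
    for sid, clients in reuse.items():
        first_ip, first_ua = clients[0]
        others = ", ".join(f"{ip} ({ua})" for ip, ua in clients[1:])
        alerts.append(f"session {sid}: established by {first_ip} ({first_ua}), then presented by {others}")
    return alerts


if __name__ == "__main__":
    for alert in describe(find_session_reuse(SAMPLE_LOG)):
        print(alert)
```

Expect false positives from users whose address changes mid-session (mobile networks, VPN reconnects) and from browsers that change User-Agent after an update; treating a User-Agent change on its own as low severity and an IP change across networks as higher severity keeps the signal usable.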