{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-30224", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-04T17:23:59.797Z", "datePublished": "2026-03-06T21:01:37.027Z", "dateUpdated": "2026-03-09T20:54:29.979Z"}, "containers": {"cna": {"title": "OliveTin: Session Fixation - Logout Fails to Invalidate Server-Side Session", "problemTypes": [{"descriptions": [{"cweId": "CWE-384", "lang": "en", "description": "CWE-384: Session Fixation", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-613", "lang": "en", "description": "CWE-613: Insufficient Session Expiration", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/OliveTin/OliveTin/security/advisories/GHSA-gq2m-77hf-vwgh", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OliveTin/OliveTin/security/advisories/GHSA-gq2m-77hf-vwgh"}, {"name": "https://github.com/OliveTin/OliveTin/commit/d6a0abc3755d43107be1939567c52953bcbec3d5", "tags": ["x_refsource_MISC"], "url": "https://github.com/OliveTin/OliveTin/commit/d6a0abc3755d43107be1939567c52953bcbec3d5"}, {"name": "https://github.com/OliveTin/OliveTin/releases/tag/3000.11.1", "tags": ["x_refsource_MISC"], "url": "https://github.com/OliveTin/OliveTin/releases/tag/3000.11.1"}], "affected": [{"vendor": "OliveTin", "product": "OliveTin", "versions": [{"version": "< 3000.11.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-06T21:01:37.027Z"}, "descriptions": [{"lang": "en", "value": "OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, OliveTin does not revoke server-side sessions when a user logs out. Although the browser cookie is cleared, the corresponding session remains valid in server storage until expiry (default \u2248 1 year). An attacker with a previously stolen or captured session cookie can continue authenticating after logout, resulting in a post-logout authentication bypass. This is a session management flaw that violates expected logout semantics. This issue has been patched in version 3000.11.1."}], "source": {"advisory": "GHSA-gq2m-77hf-vwgh", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-30224", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-09T20:49:41.862749Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T20:54:29.979Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-30224", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-09T20:49:41.862749Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T20:51:38.360Z"}}], "cna": {"title": "OliveTin: Session Fixation - Logout Fails to Invalidate Server-Side Session", "source": {"advisory": "GHSA-gq2m-77hf-vwgh", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "OliveTin", "product": "OliveTin", "versions": [{"status": "affected", "version": "< 3000.11.1"}]}], "references": [{"url": "https://github.com/OliveTin/OliveTin/security/advisories/GHSA-gq2m-77hf-vwgh", "name": "https://github.com/OliveTin/OliveTin/security/advisories/GHSA-gq2m-77hf-vwgh", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/OliveTin/OliveTin/commit/d6a0abc3755d43107be1939567c52953bcbec3d5", "name": "https://github.com/OliveTin/OliveTin/commit/d6a0abc3755d43107be1939567c52953bcbec3d5", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/OliveTin/OliveTin/releases/tag/3000.11.1", "name": "https://github.com/OliveTin/OliveTin/releases/tag/3000.11.1", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, OliveTin does not revoke server-side sessions when a user logs out. Although the browser cookie is cleared, the corresponding session remains valid in server storage until expiry (default \u2248 1 year). An attacker with a previously stolen or captured session cookie can continue authenticating after logout, resulting in a post-logout authentication bypass. This is a session management flaw that violates expected logout semantics. This issue has been patched in version 3000.11.1."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-384", "description": "CWE-384: Session Fixation"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-613", "description": "CWE-613: Insufficient Session Expiration"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-06T21:01:37.027Z"}}}, "cveMetadata": {"cveId": "CVE-2026-30224", "state": "PUBLISHED", "dateUpdated": "2026-03-09T20:54:29.979Z", "dateReserved": "2026-03-04T17:23:59.797Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-06T21:01:37.027Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:olivetin:olivetin:*:*:*:*:*:*:*:*", "matchCriteriaId": "36F31F34-F899-413C-9A07-C14E32C66807", "versionEndExcluding": "3000.11.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, OliveTin does not revoke server-side sessions when a user logs out. Although the browser cookie is cleared, the corresponding session remains valid in server storage until expiry (default \u2248 1 year). An attacker with a previously stolen or captured session cookie can continue authenticating after logout, resulting in a post-logout authentication bypass. This is a session management flaw that violates expected logout semantics. This issue has been patched in version 3000.11.1."}, {"lang": "es", "value": "OliveTin da acceso a comandos shell predefinidos desde una interfaz web. Antes de la versi\u00f3n 3000.11.1, OliveTin no revoca las sesiones del lado del servidor cuando un usuario cierra sesi\u00f3n. Aunque la cookie del navegador se borra, la sesi\u00f3n correspondiente permanece v\u00e1lida en el almacenamiento del servidor hasta su caducidad (por defecto ? 1 a\u00f1o). Un atacante con una cookie de sesi\u00f3n previamente robada o capturada puede continuar autentic\u00e1ndose despu\u00e9s de cerrar sesi\u00f3n, lo que resulta en una omisi\u00f3n de autenticaci\u00f3n posterior al cierre de sesi\u00f3n. Esto es una falla de gesti\u00f3n de sesiones que viola la sem\u00e1ntica esperada del cierre de sesi\u00f3n. Este problema ha sido parcheado en la versi\u00f3n 3000.11.1."}], "id": "CVE-2026-30224", "lastModified": "2026-03-12T15:57:33.710", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-06T21:16:16.280", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OliveTin/OliveTin/commit/d6a0abc3755d43107be1939567c52953bcbec3d5"}, {"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/OliveTin/OliveTin/releases/tag/3000.11.1"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/OliveTin/OliveTin/security/advisories/GHSA-gq2m-77hf-vwgh"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-384"}, {"lang": "en", "value": "CWE-613"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,3000.11.1)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "OliveTin", "source": "cna", "vendor": "OliveTin"}, "product": "olivetin", "vendor": "olivetin"}], "analysis": {"en": {"generated_at": "2026-04-16T11:11:40.084852+00:00", "value": {"mitigation_remediation": ["Upgrade OliveTin to version 3000.11.1 or later to ensure logout invalidates server\u2011side session data", "If upgrade is delayed, remove or expire orphaned session entries in the OliveTin session store and revoke any active tokens through administrative tooling", "Apply appropriate network and session monitoring to detect reused session cookies and restrict user privileges until the fix is in place"], "summary": {"action": "Patch", "impact": "Post\u2011logout session hijacking allowing unauthorized execution of pre\u2011defined shell commands"}, "threat_synthesis": {"affected_systems": "Any installation of OliveTin running a version prior to 3000.11.1 is affected. The vulnerability exists in all OliveTin products listed under the CNA entry OliveTin:OliveTin. No specific deployment configurations are mentioned, so any exposed oliveTin instance could be at risk if it has not been updated.", "description_and_impact": "OliveTin does not invalidate server\u2011side session data when a user logs out. Although the browser cookie is cleared, the server retains the session until its default expiry of about one year, meaning an attacker who obtains a session cookie can continue authenticating after a user has supposedly logged out. This flaw permits a privileged attacker to bypass logout protections and gain unauthorized access to the web interface\u2019s command functionality, which could lead to remote command execution on the host system.", "risk_and_exploitability": "The CVSS score of 5.4 indicates moderate severity. The EPSS score is less than 1%, suggesting that exploitation probability is low, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is remote via the web interface; it requires an attacker to capture a session cookie, which is feasible through network eavesdropping or phishing. Once in possession of the cookie, the attacker can maintain access until the server\u2011side session expires. Because the flaw involves server\u2011side session persistence rather than a code execution path, audit and network monitoring can provide early detection, though the most effective risk mitigation is patching."}}}}, "created": "2026-03-09T10:06:56.739571+00:00", "updated": "2026-04-16T11:15:27.688761+00:00", "vendors": ["olivetin", "olivetin$PRODUCT$olivetin"]}