CVE-2024-31221

Exploit

EPSS 0.09%
Veröffentlicht 08.04.2024 15:15:08
Zuletzt bearbeitet 11.09.2025 21:41:40
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Sunshine is a self-hosted game stream host for Moonlight. Starting in version 0.10.0 and prior to version 0.23.0, after unpairing all devices in the web UI interface and then pairing only one device, all of the previously devices will be temporarily paired. Version 0.23.0 contains a patch for the issue. As a workaround, restarting Sunshine after unpairing all devices prevents the vulnerability.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Lizardbyte ≫ Sunshine Version >= 0.10.0 < 0.23.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.09%	0.256

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security-advisories@github.com	5.9	1.2	4.7	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L

CWE-384 Session Fixation

Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.

https://github.com/LizardByte/Sunshine/commit/b7aa8119f1471844dccdf73a8b6f7efc9baddb5e

Patch

https://github.com/LizardByte/Sunshine/issues/2305

Exploit

Issue Tracking

https://github.com/LizardByte/Sunshine/pull/2365

Patch

Issue Tracking

https://github.com/LizardByte/Sunshine/security/advisories/GHSA-v8gw-jw28-v55m

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-31221

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-31221

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-31221

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-31221