Advanced Varnish - Moderately critical - Access bypass - SA-CONTRIB-2024-033
Project: Advanced VarnishDate: 2024-August-28Security risk: Moderately critical 14∕25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:DefaultVulnerability: Access bypassAffected versions: <4.0.11Description: This module enables you to cache pages for logged in users at the Varnish level.
The Varnish bin names may be guessable when no hashing noise configuration is set on the module configuration page, which would ultimately allow any user to view cached pages that were intended for other roles when guessing such a bin name.Solution: There are two steps. Install the latest version and update your configuration:
- If you use the Advanced Varnish module for Drupal 4.0.x, upgrade to Advanced Varnish 4.0.11
- Go to the module configuration page and set an appropriate value to the hashing noise configuration.
Reported By:
- Heine Deelstra of the Drupal Security Team
Fixed By:
- Heine Deelstra of the Drupal Security Team
- Alexander Shumenko
Coordinated By:
- Greg Knaddison of the Drupal Security Team