CVE-2024-3183

EPSS 16.79%
Published 12.06.2024 09:15:18
Last modified 21.11.2024 09:29:05
Source secalert@redhat.com
Teams watchlist Login
Open Login

A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user principals, this key is a hash of a public per-principal randomly-generated salt and the user’s password.

If a principal is compromised it means the attacker would be able to retrieve tickets encrypted to any principal, all of them being encrypted by their own key directly. By taking these tickets and salts offline, the attacker could run brute force attacks to find character strings able to decrypt tickets when combined to a principal salt (i.e. find the principal’s password).

Affected products Warnungen 0 Metrics 3 CWE 1 References 16

Data is provided by the National Vulnerability Database (NVD)

Redhat ≫ Enterprise Linux Version7.0

Redhat ≫ Enterprise Linux Version8.0

Redhat ≫ Enterprise Linux Aus Version8.2

Redhat ≫ Enterprise Linux Aus Version8.4

Redhat ≫ Enterprise Linux Aus Version8.6

Redhat ≫ Enterprise Linux Eus Version8.8

Redhat ≫ Enterprise Linux Tus Version8.4

Redhat ≫ Enterprise Linux Tus Version8.6

Redhat ≫ Enterprise Linux Update Services For Sap Solutions Version8.4

Redhat ≫ Enterprise Linux Update Services For Sap Solutions Version8.6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	16.79%	0.947

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.1	2.8	5.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
secalert@redhat.com	8.1	2.8	5.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-916 Use of Password Hash With Insufficient Computational Effort

The product generates a hash for a password, but it uses a scheme that does not provide a sufficient level of computational effort that would make password cracking attacks infeasible or expensive.

https://access.redhat.com/errata/RHSA-2024:3754

Vendor Advisory

https://access.redhat.com/errata/RHSA-2024:3755

Vendor Advisory

https://access.redhat.com/errata/RHSA-2024:3757

Vendor Advisory

https://access.redhat.com/errata/RHSA-2024:3759

Vendor Advisory

https://www.freeipa.org/release-notes/4-12-1.html

Release Notes

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WT3JL7JQDIAFKKEFARWYES7GZNWGQNCI/

https://access.redhat.com/errata/RHSA-2024:3756