Vulnerability CVE-2020-4042


Published: 2020-07-10

Description:
Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to the director itself leading to the director responding to the replayed challenge. The response obtained is then a valid reply to the directors original challenge. This is fixed in version 19.2.8.

Type:

CWE-294

(Authentication Bypass by Capture-replay)

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None
Affected software
Bareos -> Bareos 

 References:
https://bugs.bareos.org/view.php?id=1250
https://github.com/bareos/bareos/security/advisories/GHSA-vqpj-2vhj-h752

Copyright 2024, cxsecurity.com

 

Back to Top