Vulnerability CVE-2024-3049


Published: 2024-06-06

Description:
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.

Type:

CWE-345

(Insufficient Verification of Data Authenticity)

 References:
https://access.redhat.com/security/cve/CVE-2024-3049
https://bugzilla.redhat.com/show_bug.cgi?id=2272082

Copyright 2024, cxsecurity.com

 

Back to Top