CVE-2024-6535

2024-07-1703:15:01

CWE-287

CWE-1392

redhat

web.nvd.nist.gov

skupper

authentication bypass

crafted cookie

cve-2024-6535

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

5.7

Confidence

High

EPSS

0.001

Percentile

20.9%

JSON

A flaw was found in Skupper. When Skupper is initialized with the console-enabled and with console-auth set to Openshift, it configures the openshift oauth-proxy with a static cookie-secret. In certain circumstances, this may allow an attacker to bypass authentication to the Skupper console via a specially-crafted cookie.

Affected configurations

Nvd

Node

redhatservice_interconnectMatch1.0

VendorProductVersionCPE
redhatservice_interconnect1.0cpe:2.3:a:redhat:service_interconnect:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
redhat	service_interconnect	1.0	cpe:2.3:a:redhat:service_interconnect:1.0:::::::*

CNA Affected

[
  {
    "vendor": "Red Hat",
    "product": "Service Interconnect 1.4 for RHEL 9",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "service-interconnect/skupper-flow-collector-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1.4.7-1",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:service_interconnect:1.4::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Service Interconnect 1.4 for RHEL 9",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "service-interconnect/skupper-service-controller-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1.4.7-1",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:service_interconnect:1.4::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Service Interconnect 1 for RHEL 9",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "service-interconnect/skupper-flow-collector-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1.5.5-1",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:service_interconnect:1::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Service Interconnect 1 for RHEL 9",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "service-interconnect/skupper-service-controller-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1.5.5-1",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:service_interconnect:1::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Service Interconnect 1",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "skupper",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/a:redhat:service_interconnect:1"
    ]
  }
]