Lucene search
RedhatCVELIST:CVE-2023-4727HistoryJun 11, 2024 - 7:30 p.m.
CVE-2023-4727 Dogtag ca: token authentication bypass vulnerability
2024-06-1119:30:25
CWE-305
redhat
www.cve.org
7
cve-2023
dogtag ca
token authentication
bypass vulnerability
ldap injection
privilege escalation
7.5 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
15.7%
A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege.
CNA Affected
[
{
"vendor": "Red Hat",
"product": "Red Hat Certificate System 10.4 EUS for RHEL-8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "redhat-pki:10",
"defaultStatus": "affected",
"versions": [
{
"version": "8060020240529205458.07fb4edf",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:certificate_system_eus:10.4::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "pki-core:10.6",
"defaultStatus": "affected",
"versions": [
{
"version": "8040020240329193548.17df0a3f",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_aus:8.4::appstream",
"cpe:/a:redhat:rhel_tus:8.4::appstream",
"cpe:/a:redhat:rhel_e4s:8.4::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "pki-core:10.6",
"defaultStatus": "affected",
"versions": [
{
"version": "8040020240329193548.17df0a3f",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_aus:8.4::appstream",
"cpe:/a:redhat:rhel_tus:8.4::appstream",
"cpe:/a:redhat:rhel_e4s:8.4::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "pki-core:10.6",
"defaultStatus": "affected",
"versions": [
{
"version": "8040020240329193548.17df0a3f",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_aus:8.4::appstream",
"cpe:/a:redhat:rhel_tus:8.4::appstream",
"cpe:/a:redhat:rhel_e4s:8.4::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "pki-core",
"defaultStatus": "affected",
"versions": [
{
"version": "0:11.5.0-2.el9_4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "pki-core",
"defaultStatus": "affected",
"versions": [
{
"version": "0:11.3.0-2.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_eus:9.2::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Certificate System 10",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "redhat-pki:10/pki-core",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:certificate_system:10"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 6",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "pki-core",
"defaultStatus": "unknown",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "pki-core",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "pki-core:10.6/pki-core",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
}
]Related
debiancve
debiancve
CVE-2023-4727
2024-06-11 20:15:09
ubuntucve
ubuntucve
CVE-2023-4727
2024-06-11 00:00:00
cve
cve
CVE-2023-4727
2024-06-11 20:15:09
vulnrichment
vulnrichment
CVE-2023-4727 Dogtag ca: token authentication bypass vulnerability
2024-06-11 19:30:25
redhatcve
redhatcve
CVE-2023-4727
2024-06-11 19:24:16
nessus
nessus
RHEL 9 : pki-core (RHSA-2024:4051)
2024-06-24 00:00:00
RHEL 8 : Red Hat Certificate System 10.4 for RHEL 8 (RHSA-2024:4070)
2024-06-24 00:00:00
nvd
nvd
CVE-2023-4727
2024-06-11 20:15:09
7.5 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
15.7%
Related for CVELIST:CVE-2023-4727