CVE-2024-3049 Booth: specially crafted hash can lead to invalid hmac being accepted by booth server

2024-06-0605:30:04

CWE-345

redhat

www.cve.org

cve-2024-3049

booth server

invalid hmac

security flaw

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

35.2%

JSON

A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.

CNA Affected

[
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "booth",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:1.1-1.el8_10.1",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:8::highavailability",
      "cpe:/a:redhat:enterprise_linux:8::resilientstorage"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "booth",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:1.0-199.1.ac1d34c.git.el8_4.2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_e4s:8.4::highavailability",
      "cpe:/a:redhat:rhel_tus:8.4::highavailability"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "booth",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:1.0-199.1.ac1d34c.git.el8_4.2",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_e4s:8.4::highavailability",
      "cpe:/a:redhat:rhel_tus:8.4::highavailability"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "booth",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:1.0-283.1.9d4029a.git.el8_8.1",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_eus:8.8::highavailability",
      "cpe:/a:redhat:rhel_eus:8.8::resilientstorage"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "booth",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:1.1-1.el9_4.1",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:9::highavailability",
      "cpe:/a:redhat:enterprise_linux:9::resilientstorage"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "booth",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:1.0-283.1.9d4029a.git.el9_2.1",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_eus:9.2::resilientstorage",
      "cpe:/a:redhat:rhel_eus:9.2::highavailability"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "booth",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  }
]