| Reporter | Title | Published | Views | Family All 12 |
|---|---|---|---|---|
| CVE-2020-26214 | 6 Nov 202020:51 | ā | circl | |
| Alerta Authentication Bypass Vulnerability | 9 Nov 202000:00 | ā | cnvd | |
| CVE-2020-26214 | 6 Nov 202017:50 | ā | cve | |
| CVE-2020-26214 LDAP authentication bypass in Alerta | 6 Nov 202017:50 | ā | cvelist | |
| LDAP authentication bypass with empty password | 6 Nov 202017:35 | ā | github | |
| CVE-2020-26214 | 6 Nov 202018:15 | ā | nvd | |
| GHSA-5HMM-X8Q8-W5JH LDAP authentication bypass with empty password | 6 Nov 202017:35 | ā | osv | |
| PYSEC-2020-159 | 6 Nov 202018:15 | ā | osv | |
| Authentication flaw | 6 Nov 202018:15 | ā | prion | |
| PYSEC-2020-159 | 6 Nov 202018:15 | ā | pypa |
id: CVE-2020-26214
info:
name: Alerta < 8.1.0 - Authentication Bypass
author: CasperGN,daffainfo
severity: critical
description: Alerta prior to version 8.1.0 is prone to authentication bypass when using LDAP as an authorization provider and the LDAP server accepts Unauthenticated Bind requests.
impact: |
Successful exploitation of this vulnerability allows an attacker to bypass authentication and gain unauthorized access to Alerta.
remediation: |
Upgrade Alerta to version 8.1.0 or later to mitigate this vulnerability.
reference:
- https://github.com/advisories/GHSA-5hmm-x8q8-w5jh
- https://tools.ietf.org/html/rfc4513#section-5.1.2
- https://pypi.org/project/alerta-server/8.1.0/
- https://nvd.nist.gov/vuln/detail/CVE-2020-26214
- https://github.com/alerta/alerta/commit/2bfa31779a4c9df2fa68fa4d0c5c909698c5ef65
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2020-26214
cwe-id: CWE-287
epss-score: 0.65933
epss-percentile: 0.9918
cpe: cpe:2.3:a:alerta_project:alerta:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: alerta_project
product: alerta
tags: cve,cve2020,alerta,auth-bypass,alerta_project,passive,vuln
http:
- method: GET
path:
- '{{BaseURL}}/api/config'
matchers-condition: and
matchers:
- type: dsl
dsl:
- compare_versions(version, '< 8.1.0')
- type: word
part: body
words:
- '"alarm_model"'
- '"actions"'
- '"severity"'
condition: and
- type: status
status:
- 200
extractors:
- type: regex
name: version
group: 1
regex:
- '"name": "Alerta ([0-9.]+)"'
internal: true
- type: regex
group: 1
regex:
- '"name": "Alerta ([0-9.]+)"'
# digest: 4b0a00483046022100d2df895c3f051f2acad02f492dbc9ed6de8e6f10da1170a9b9bbfe6390b55442022100f64a26c689e576913746572d11eb9289a460e86e812d4c62ed437920a66d8eba:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation withĀ Vulners data
WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data
Api
Power your application withĀ Vulners API
The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access
App
Assess and manage vulnerabilities withĀ VulnersĀ tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation