RedhatVULNRICHMENT:CVE-2024-6535CVE-2024-6535 Skupper: potential authentication bypass to skupper console via forged cookies
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
20.9%
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial
A flaw was found in Skupper. When Skupper is initialized with the console-enabled and with console-auth set to Openshift, it configures the openshift oauth-proxy with a static cookie-secret. In certain circumstances, this may allow an attacker to bypass authentication to the Skupper console via a specially-crafted cookie.
CNA Affected
[
{
"cpes": [
"cpe:/a:redhat:service_interconnect:1.4::el9"
],
"vendor": "Red Hat",
"product": "Service Interconnect 1.4 for RHEL 9",
"versions": [
{
"status": "unaffected",
"version": "1.4.7-1",
"lessThan": "*",
"versionType": "rpm"
}
],
"packageName": "service-interconnect/skupper-flow-collector-rhel9",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"defaultStatus": "affected"
},
{
"cpes": [
"cpe:/a:redhat:service_interconnect:1.4::el9"
],
"vendor": "Red Hat",
"product": "Service Interconnect 1.4 for RHEL 9",
"versions": [
{
"status": "unaffected",
"version": "1.4.7-1",
"lessThan": "*",
"versionType": "rpm"
}
],
"packageName": "service-interconnect/skupper-service-controller-rhel9",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"defaultStatus": "affected"
},
{
"cpes": [
"cpe:/a:redhat:service_interconnect:1::el9"
],
"vendor": "Red Hat",
"product": "Service Interconnect 1 for RHEL 9",
"versions": [
{
"status": "unaffected",
"version": "1.5.5-1",
"lessThan": "*",
"versionType": "rpm"
}
],
"packageName": "service-interconnect/skupper-flow-collector-rhel9",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"defaultStatus": "affected"
},
{
"cpes": [
"cpe:/a:redhat:service_interconnect:1::el9"
],
"vendor": "Red Hat",
"product": "Service Interconnect 1 for RHEL 9",
"versions": [
{
"status": "unaffected",
"version": "1.5.5-1",
"lessThan": "*",
"versionType": "rpm"
}
],
"packageName": "service-interconnect/skupper-service-controller-rhel9",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"defaultStatus": "affected"
},
{
"cpes": [
"cpe:/a:redhat:service_interconnect:1"
],
"vendor": "Red Hat",
"product": "Red Hat Service Interconnect 1",
"packageName": "skupper",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"defaultStatus": "affected"
}
]Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
20.9%
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial