Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-24814

Опубликовано: 13 фев. 2024
Источник: redhat
CVSS3: 7.5
EPSS Низкий

Описание

mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In affected versions missing input validation on mod_auth_openidc_session_chunks cookie value makes the server vulnerable to a denial of service (DoS) attack. An internal security audit has been conducted and the reviewers found that if they manipulated the value of the mod_auth_openidc_session_chunks cookie to a very large integer, like 99999999, the server struggles with the request for a long time and finally gets back with a 500 error. Making a few requests of this kind caused our server to become unresponsive. Attackers can craft requests that would make the server work very hard (and possibly become unresponsive) and/or crash with minimal effort. This issue has been addressed in version 2.4.15.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

A flaw was found in mod_auth_openidc, an OpenID Certified™ authentication and authorization module for the Apache HTTP server. Missing input validation in the mod_auth_openidc_session_chunks cookie value can make the server vulnerable to a denial of service attack. This issue may allow a remote attacker to craft a request that causes the application or system to slow down or crash due to unhandled errors.

Отчет

The identified vulnerability in the application's handling of the mod_auth_openidc_session_chunks cookie represents a moderate severity issue rather than a important one due to several factors. While the ability for attackers to craft requests causing server strain and potential unresponsiveness poses a threat to the availability of the service, it requires specific conditions to exploit. The attack relies on manipulating a specific cookie with an exceptionally large value, which may not be easily achievable without user interaction or prior access to the system. Additionally, the impact is limited to denial of service rather than compromising sensitive data or system integrity.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 7mod_auth_openidcOut of support scope
Red Hat Enterprise Linux 8mod_auth_openidcFixedRHSA-2024:528913.08.2024
Red Hat Enterprise Linux 9mod_auth_openidcFixedRHSA-2024:918012.11.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=2264092mod_auth_openidc: DoS when using `OIDCSessionType client-cookie` and manipulating cookies

EPSS

Процентиль: 41%
0.00189
Низкий

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-24814

CVSS3: 7.5
ubuntu
больше 1 года назад

mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In affected versions missing input validation on mod_auth_openidc_session_chunks cookie value makes the server vulnerable to a denial of service (DoS) attack. An internal security audit has been conducted and the reviewers found that if they manipulated the value of the mod_auth_openidc_session_chunks cookie to a very large integer, like 99999999, the server struggles with the request for a long time and finally gets back with a 500 error. Making a few requests of this kind caused our server to become unresponsive. Attackers can craft requests that would make the server work very hard (and possibly become unresponsive) and/or crash with minimal effort. This issue has been addressed in version 2.4.15.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

nvd логотип

CVE-2024-24814

CVSS3: 7.5
nvd
больше 1 года назад

mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In affected versions missing input validation on mod_auth_openidc_session_chunks cookie value makes the server vulnerable to a denial of service (DoS) attack. An internal security audit has been conducted and the reviewers found that if they manipulated the value of the mod_auth_openidc_session_chunks cookie to a very large integer, like 99999999, the server struggles with the request for a long time and finally gets back with a 500 error. Making a few requests of this kind caused our server to become unresponsive. Attackers can craft requests that would make the server work very hard (and possibly become unresponsive) and/or crash with minimal effort. This issue has been addressed in version 2.4.15.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

debian логотип

CVE-2024-24814

CVSS3: 7.5
debian
больше 1 года назад

mod_auth_openidc is an OpenID Certified\u2122 authentication and autho ...

suse-cvrf логотип

SUSE-SU-2024:2299-1

suse-cvrf
12 месяцев назад

Security update for apache2-mod_auth_openidc

suse-cvrf логотип

SUSE-SU-2024:0758-1

suse-cvrf
больше 1 года назад

Security update for apache2-mod_auth_openidc

EPSS

Процентиль: 41%
0.00189
Низкий

7.5 High

CVSS3

Уязвимость CVE-2024-24814