oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2024-27905: Apache Aurora: padding oracle can allow construction an authentication cookie

From: Arnout Engelen <engelen () apache org>
Date: Tue, 27 Feb 2024 10:21:39 +0000
Severity: important

Affected versions:

- Apache Aurora 0.5.0 or later

Description:

** UNSUPPORTED WHEN ASSIGNED ** Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache 
Aurora.

An endpoint exposing internals to unauthenticated users can be used as a "padding oracle" allowing an anonymous 
attacker to construct a valid authentication cookie. Potentially this could be combined with vulnerabilities in other 
components to achieve remote code execution.

As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an 
alternative or restrict access to the instance to trusted users.

NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Credit:

Quang Luong (reporter)
Duc Nguyen (reporter)

References:

https://attic.apache.org/projects/aurora.html
https://www.cve.org/CVERecord?id=CVE-2024-27905
Previous By Date Next
Previous By Thread Next

Current thread: