CVE-2024-10081

Authentication Bypass Using an Alternate Path or Channel (CWE-288)

Published: Nov 6, 2024 / Updated: 13d ago

CVSS 10 / EPSS 0.04% / Critical

Summary

CodeChecker, an analyzer tooling, defect database, and viewer extension for the Clang Static Analyzer and Clang Tidy, contains an authentication bypass vulnerability. The bypass is triggered when the API URL ends with Authentication, which grants superuser access to every API endpoint other than /Authentication itself. Affected endpoints include those used to add, edit, and remove products, among others. This issue affects CodeChecker versions through 6.24.1.

Impact

This vulnerability has a severe impact on the security of systems running affected versions of CodeChecker. An attacker can bypass authentication and gain superuser access to critical API endpoints. This allows unauthorized users to add, edit, and remove products, potentially compromising the integrity of the entire system. The impact on confidentiality and integrity is high, while availability is not directly affected. The attack vector is network-based, requires no privileges or user interaction, has low attack complexity, and the scope is changed (the vulnerable component can affect resources beyond its own security scope).

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of exploitation in the wild at the moment.

Patch

A patch is not explicitly mentioned in the provided information. The vulnerability affects CodeChecker versions through 6.24.1, suggesting that versions after 6.24.1 may have addressed this issue. However, users should verify this with the vendor or await an official patch announcement.

Mitigation

While awaiting an official patch, consider the following mitigation strategies:

1. Upgrade CodeChecker to a version newer than 6.24.1 if available.
2. Implement additional network-level access controls to restrict access to the CodeChecker API.
3. Monitor and audit all API access, especially focusing on endpoints that allow adding, editing, or removing products.
4. If possible, temporarily disable or restrict access to the affected API endpoints until a patch is available.
5. Implement strong authentication mechanisms at the network or application level to compensate for the bypass vulnerability.
6. Regularly review and update access controls and user privileges to minimize potential damage if the vulnerability is exploited.
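To make the failure mode behind the Summary concrete, and to give mitigation item 3 something runnable, here is an added Python illustration; it is not CodeChecker's code. It assumes the bug class is an exemption check that matches the URL by suffix instead of by exact route, shows the exact-match version beside it, and runs an audit rule over constructed access-log lines whose paths are illustrative rather than real CodeChecker endpoints.

```python
from urllib.parse import urlsplit

# Hypothetical login route that must stay reachable without a session.
# Assumption for illustration; not CodeChecker's real routing table.
AUTH_ENDPOINT = "/Authentication"


def normalize_path(url: str) -> str:
    """Canonical path: drop query/fragment, collapse repeated and
    trailing slashes, so '/Authentication/?x=1' -> '/Authentication'."""
    segments = [s for s in urlsplit(url).path.split("/") if s]
    return "/" + "/".join(segments)


def is_exempt_weak(url: str) -> bool:
    """Suffix match (assumed weak pattern behind CWE-288 here): any URL
    that merely ends in 'Authentication' skips the session check."""
    return url.endswith("Authentication")


def is_exempt_hardened(url: str) -> bool:
    """Exact match on the canonical path: only the login route is exempt."""
    return normalize_path(url) == AUTH_ENDPOINT


def requires_session(url: str, hardened: bool = True) -> bool:
    """Middleware decision: True means the request must carry a valid session."""
    exempt = is_exempt_hardened if hardened else is_exempt_weak
    return not exempt(url)


# Constructed access-log lines (method path status); paths are illustrative.
SAMPLE_LOG = """\
GET /Authentication 200
POST /Products/add 403
GET /Products/Authentication 200
POST /Authentication/ 200
"""


def suspicious_requests(log_text: str) -> list:
    """Audit rule for mitigation item 3: flag requests whose canonical path
    ends in 'Authentication' without being the login route itself."""
    hits = []
    for line in log_text.splitlines():
        method, path, _status = line.split()
        canon = normalize_path(path)
        if canon.endswith("Authentication") and canon != AUTH_ENDPOINT:
            hits.append((method, path))
    return hits
```

Run the audit rule over your own access logs after adapting the line format; a non-empty result on an unpatched server is worth investigating.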

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

Timeline

Vendor Advisory

GitHub Advisories released a security advisory.

Nov 6, 2024 at 2:32 PM
CVE Assignment

NVD published the first details for CVE-2024-10081

Nov 6, 2024 at 3:15 PM
CVSS

A CVSS base score of 10 has been assigned.

Nov 6, 2024 at 3:20 PM / nvd
First Article

Feedly found the first article mentioning CVE-2024-10081.

Nov 6, 2024 at 3:21 PM / National Vulnerability Database
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Nov 6, 2024 at 3:21 PM
CVSS

A CVSS base score of 10 has been assigned.

Nov 6, 2024 at 6:22 PM / nvd
EPSS

EPSS Score was set to: 0.04% (Percentile: 10%)

Nov 7, 2024 at 10:04 AM
Static CVE Timeline Graph

Affected Systems

Ericsson/codechecker

Patches

Github Advisory

Links to MITRE ATT&CK

T1083: File and Directory Discovery

Attack Patterns

CAPEC-127: Directory Indexing

Vendor Advisory

[GHSA-f3f8-vx3w-hp5q] codechecker vulnerable to authentication bypass when using specifically crafted URLs
This authentication bypass allows querying, adding, changing, and deleting Products contained on the CodeChecker server, without authentication, by an anonymous user.

News

US-CERT Vulnerability Summary for the Week of November 4, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities corresponds to the following scores: High: CVSS base score of 7.0–10.0; Medium: CVSS base score of 4.0–6.9; Low: CVSS base score of 0.0–3.9. Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available.
Update Thu Nov 7 14:29:30 UTC 2024
NA - CVE-2024-10081 - CodeChecker is an analyzer tooling, defect...
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication bypass occurs when the API URL ends with Authentication. This...

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability Impact: None
