CVE-2024-10245

Authentication Bypass Using an Alternate Path or Channel (CWE-288)

Published: Nov 12, 2024 / Updated: 7d ago

010
CVSS 9.8EPSS 0.09%Critical
CVE info copied to clipboard

Summary

The Relais 2FA plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0. This is due to incorrect authentication and capability checking in the 'rl_do_ajax' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email.

Impact

This vulnerability allows unauthenticated attackers to bypass authentication and log in as any existing user on the site, including administrators, if they have access to the user's email. This can lead to complete compromise of the WordPress site, potentially resulting in unauthorized access to sensitive data, modification of website content, installation of malicious plugins or themes, and full control over the site's functionality. Given the CVSS base score of 9.8 (Critical), the impact is considered severe, with high risks to confidentiality, integrity, and availability of the affected systems.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.

Patch

A patch is not explicitly mentioned in the provided information. However, given that the vulnerability affects versions up to and including 1.0 of the Relais 2FA plugin for WordPress, it's likely that an update or patch will be released. Users should monitor the plugin's repository or WordPress security announcements for updates.

Mitigation

1. Immediately update the Relais 2FA plugin to a version newer than 1.0 if available. 2. If an update is not available, consider temporarily disabling the Relais 2FA plugin until a patch is released. 3. Implement additional security measures such as IP restrictions for admin access. 4. Monitor WordPress and plugin logs for any suspicious login activities. 5. Ensure all WordPress users, especially administrators, are using strong, unique passwords. 6. Implement a Web Application Firewall (WAF) to help detect and block potential exploit attempts. 7. Regularly audit user accounts and remove any unnecessary admin privileges. 8. Keep all WordPress core files, themes, and other plugins up to date. 9. Consider implementing an additional layer of authentication for critical admin functions.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2024-10245. See article

Nov 12, 2024 at 4:23 AM / Vulners.com RSS Feed
CVSS Estimate

Feedly estimated the CVSS score as MEDIUM

Nov 12, 2024 at 4:23 AM
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Nov 12, 2024 at 10:06 AM
CVE Assignment

NVD published the first details for CVE-2024-10245

Nov 12, 2024 at 10:15 AM
CVSS

A CVSS base score of 9.8 has been assigned.

Nov 12, 2024 at 10:15 AM / nvd
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Qualys (152395)

Nov 14, 2024 at 7:53 AM
EPSS

EPSS Score was set to: 0.09% (Percentile: 40.2%)

Nov 14, 2024 at 8:15 PM
Static CVE Timeline Graph

Affected Systems

Wordpress/wordpress
+null more

Links to Mitre Att&cks

T1083: File and Directory Discovery
+null more

Attack Patterns

CAPEC-127: Directory Indexing
+null more

News

RandomRobbieBF/CVE-2024-10245
[GitHub]Relais 2FA <=1.0 - Authentication Bypass
Critical - CVE-2024-10245 - The Relais 2FA plugin for WordPress is...
The Relais 2FA plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0. This is due to incorrect authentication and capability checking in the...
Unauthenticated Attackers Can Bypass 2FA in Relais Plugin
Mobisoft974 - CRITICAL - CVE-2024-10245 The Relais 2FA plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0. This is due to incorrect authentication and capability checking in the 'rl_do_ajax' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email.
CVE-2024-10245 - Relais 2FA WordPress Authentication Bypass November 12, 2024 at 10:15AM https:// ift.tt/QYWm4tG # CVE # IOC # CTI # ThreatIntelligence # ThreatIntel # Cybersecurity # Recon
CVE-2024-10245 - Relais 2FA WordPress Authentication Bypass
CVE ID : CVE-2024-10245 Published : Nov. 12, 2024, 10:15 a.m. 52 minutes ago Description : The Relais 2FA plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0. This is due to incorrect authentication and capability checking in the 'rl_do_ajax' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. Severity:
See 5 more articles and social media posts

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:None
User Interaction:None
Scope:Unchanged
Confidentiality:High
Integrity:High
Availability Impact:High

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI