CVE-2024-7079

Missing Authentication for Critical Function (CWE-306)

Published: Jul 24, 2024 / Updated: 3mo ago

CVSS 6.5 / EPSS 0.04% / Medium

Summary

A vulnerability was discovered in the OpenShift console, specifically in the /API/helm/verify endpoint. This endpoint fetches a Helm chart from a remote HTTP/HTTPS or local URI and verifies it. Access to the endpoint is gated by the authHandlerWithUser() middleware function, which, despite its name, does not verify the validity of the user's credentials. As a result, unauthenticated users can reach the endpoint, bypassing the intended authentication check (CWE-306, Missing Authentication for Critical Function).

Impact

This vulnerability allows requests without valid credentials to reach the /API/helm/verify endpoint, so an attacker can cause the console to fetch and verify Helm charts of their choosing without authenticating. Red Hat rates the flaw Medium with a CVSS v3.1 base score of 5.4: attack vector NETWORK, attack complexity LOW, privileges required LOW, user interaction REQUIRED, scope CHANGED, confidentiality impact NONE, and integrity and availability impacts LOW. NVD scores the same flaw 6.5 (its vector is given below) with user interaction NONE, scope UNCHANGED and confidentiality HIGH, so the two assessments disagree about which impact is at stake. Note that both vectors record privileges required as LOW even though the flaw is described as reachable without authentication; treat the endpoint as exposed to anyone who can reach the console.

Exploitation

There is no evidence that a public proof-of-concept exists, and no evidence of exploitation in the wild at the time of writing.

Patch

A patch is available for this vulnerability. The patch details indicate that it was added on 2024-07-24; more information can be found on the Red Hat Bugzilla page: https://bugzilla.redhat.com/show_bug.cgi?id=2299678. The fix applies to OpenShift Container Platform 4 (openshift4/ose-console); OpenShift Container Platform 3.11 (openshift3/ose-console) is out of support scope and is not expected to receive a fix.

Mitigation

Specific mitigation steps are not provided in the available data. General recommendations:

1. Apply the available patch as soon as possible.
2. Require authentication on every critical endpoint, especially those that fetch and verify Helm charts on the caller's behalf.
3. Review every middleware function that is named or documented as an authentication check and confirm that it actually validates the presented credentials rather than merely parsing them.
4. Log and monitor requests to the /API/helm/verify endpoint, in particular requests that arrive without a valid bearer token, to detect unauthorized access.
5. Limit network exposure of the console API with additional access controls or network segmentation.
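The following Go program is an added example, not code from the OpenShift console or any other project. It models the pattern described in the Summary and in mitigation items 2 through 4: a middleware that parses a bearer token but calls the handler whether or not the token is valid, next to a hardened version that refuses the request unless an injected validator accepts the token, logs each rejection, and only then invokes the endpoint handler. All names (vulnerableAuthHandlerWithUser, fixedAuthHandlerWithUser, helmVerify, staticValidator, the sampleTokens table) are hypothetical; the token table stands in for the cluster's token review, and the requests are constructed in-process with net/http/httptest so the example runs offline.

```go
package main

import (
	"crypto/subtle"
	"fmt"
	"log"
	"net/http"
	"net/http/httptest"
	"strings"
)

// User is the identity the middleware hands to the endpoint handler.
type User struct {
	Name  string
	Token string
}

// HandlerWithUser is an endpoint handler that receives the authenticated user.
type HandlerWithUser func(w http.ResponseWriter, r *http.Request, u User)

// TokenValidator resolves a bearer token to a user name. A real console would
// call the cluster's token review API; here it is an injected function (assumption).
type TokenValidator func(token string) (name string, ok bool)

// bearerToken extracts the token from an "Authorization: Bearer ..." header.
// It only parses the header; it says nothing about whether the token is valid.
func bearerToken(r *http.Request) (string, bool) {
	const prefix = "Bearer "
	h := r.Header.Get("Authorization")
	if !strings.HasPrefix(h, prefix) {
		return "", false
	}
	tok := strings.TrimPrefix(h, prefix)
	return tok, tok != ""
}

// vulnerableAuthHandlerWithUser models the CWE-306 pattern: it extracts whatever
// credential is present and invokes the handler regardless of the result.
func vulnerableAuthHandlerWithUser(next HandlerWithUser) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		tok, _ := bearerToken(r) // ok flag ignored: a missing or bogus token still proceeds
		next(w, r, User{Name: "anonymous", Token: tok})
	}
}

// fixedAuthHandlerWithUser refuses the request unless a token is present AND the
// validator accepts it, and logs every rejection so the endpoint can be monitored.
func fixedAuthHandlerWithUser(validate TokenValidator, next HandlerWithUser) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		tok, ok := bearerToken(r)
		name := ""
		if ok {
			name, ok = validate(tok)
		}
		if !ok {
			log.Printf("auth denied method=%s path=%s remote=%s", r.Method, r.URL.Path, r.RemoteAddr)
			w.Header().Set("WWW-Authenticate", `Bearer realm="console"`)
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return // the chart URL is never touched for an unauthenticated caller
		}
		next(w, r, User{Name: name, Token: tok})
	}
}

// helmVerify stands in for the endpoint handler that would fetch and verify the chart.
func helmVerify(w http.ResponseWriter, r *http.Request, u User) {
	fmt.Fprintf(w, "verifying chart %q on behalf of %s\n", r.URL.Query().Get("url"), u.Name)
}

// sampleTokens is a constructed token table for this example only.
var sampleTokens = map[string]string{"tok-alice-123": "alice"}

// staticValidator looks the token up in sampleTokens using a constant-time comparison.
func staticValidator(tok string) (string, bool) {
	for t, name := range sampleTokens {
		if subtle.ConstantTimeCompare([]byte(t), []byte(tok)) == 1 {
			return name, true
		}
	}
	return "", false
}

// probe sends one in-process request to h with the given Authorization header
// (empty string = no header) and returns the HTTP status code.
func probe(h http.Handler, authz string) int {
	req := httptest.NewRequest(http.MethodGet, "/api/helm/verify?url=https://example.invalid/chart.tgz", nil)
	if authz != "" {
		req.Header.Set("Authorization", authz)
	}
	rr := httptest.NewRecorder()
	h.ServeHTTP(rr, req)
	return rr.Code
}

func main() {
	vuln := vulnerableAuthHandlerWithUser(helmVerify)
	fixed := fixedAuthHandlerWithUser(staticValidator, helmVerify)
	cases := []struct{ name, authz string }{
		{"no credentials", ""},
		{"bogus token", "Bearer nope"},
		{"valid token", "Bearer tok-alice-123"},
	}
	for _, c := range cases {
		fmt.Printf("%-16s vulnerable=%d fixed=%d\n", c.name, probe(vuln, c.authz), probe(fixed, c.authz))
	}
}
```

The vulnerable wrapper returns 200 for all three cases; the fixed wrapper returns 401 for the first two and 200 only for the valid token. The same probe, pointed at a real console with an empty Authorization header, is the quickest way to confirm whether an instance is still affected: an unpatched endpoint answers as if the caller were authenticated.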

NVD CVSS v3.1 vector (base score 6.5): CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Timeline

Vendor Advisory

Red Hat released a security advisory for CVE-2024-7079.

Jul 24, 2024 at 2:10 PM
CVSS

A CVSS base score of 5.4 has been assigned.

Jul 24, 2024 at 2:10 PM / redhat-cve-advisories
First Article

Feedly found the first article mentioning CVE-2024-7079.

Jul 24, 2024 at 2:12 PM / Red Hat CVE Database
CVSS Estimate

Feedly estimated the severity as HIGH

Jul 24, 2024 at 2:12 PM
CVE Assignment

NVD published the first details for CVE-2024-7079

Jul 24, 2024 at 4:15 PM
Trending

This CVE started to trend in security discussions

Jul 24, 2024 at 10:56 PM
EPSS

EPSS Score was set to: 0.04% (Percentile: 9.4%)

Jul 25, 2024 at 9:33 AM
CVSS

A CVSS base score of 6.5 has been assigned.

Jul 25, 2024 at 5:36 PM / nvd
Trending

This CVE stopped trending in security discussions

Jul 26, 2024 at 1:10 PM

Affected Systems

Redhat/openshift_container_platform

Patches

bugzilla.redhat.com

Attack Patterns

CAPEC-12: Choosing Message Identifier

Vendor Advisory

CVE-2024-7079
Red Hat OpenShift Container Platform 4 - openshift4/ose-console - Affected
Red Hat OpenShift Container Platform 3.11 - openshift3/ose-console - Out of support scope

News

CVE-2024-7079 Description, Impact and Technical Details - Recorded Future
CVE-2024-7079
Access to this endpoint is gated by the authHandlerWithUser() middleware function. As a result, unauthenticated users can access this endpoint.
CVE-2024-7079 | Red Hat OpenShift Container Platform 3.11/4 /API/helm/verify authHandlerWithUser missing authentication
A vulnerability was found in Red Hat OpenShift Container Platform 3.11/4. It has been rated as critical. Affected by this issue is the function authHandlerWithUser of the file /API/helm/verify. The manipulation leads to missing authentication. This vulnerability is handled as CVE-2024-7079. The attack may be launched remotely. There is no exploit available.
Medium - CVE-2024-7079 - A flaw was found in the Openshift console. The...
A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and verify the installation of a Helm chart from a URI that is remote HTTP/HTTPS or local. Access to this...
Unauthorized Access to /API/helm/verify Endpoint in Openshift
Red Hat - MEDIUM - CVE-2024-7079 A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and verify the installation of a Helm chart from a URI that is remote HTTP/HTTPS or local. Access to this endpoint is gated by the authHandlerWithUser() middleware function. Contrary to its name, this middleware function does not verify the validity of the user's credentials. As a result, unauthenticated users can access this endpoint.

CVSS v3.1 (NVD)

Attack Vector:Network
Attack Complexity:Low
Privileges Required:Low
User Interaction:None
Scope:Unchanged
Confidentiality:High
Integrity:None
Availability Impact:None
