CVE-2021-35472 - OpenCVE

An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache corruption can lead to authorization bypass or spoofing. By running a loop that makes many authentication attempts, an attacker might alternately be authenticated as one of two different users.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Lemonldap-ng	Lemonldap\
Debian	Debian Linux

Configuration 1 [-]

cpe:2.3:a:lemonldap-ng:lemonldap\:\:ng:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

References

Link	Resource
https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/8d3b763b6af2b8a9c4ad2765fbfabffec8a73af5	Patch Third Party Advisory
https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2539	Exploit Patch Third Party Advisory
https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/tags	Patch Third Party Advisory
https://www.debian.org/security/2021/dsa-4943	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2021-07-27T05:32:26

Updated: 2021-07-27T18:38:23

Reserved: 2021-06-23T00:00:00

Link: CVE-2021-35472

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-07-30T14:15:17.887

Modified: 2021-08-11T15:31:21.203

Link: CVE-2021-35472

JSON object: View

Redhat Information

No data.

CWE

CWE-307

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache corruption can lead to authorization bypass or spoofing. By running a loop that makes many authentication attempts, an attacker might alternately be authenticated as one of two different users."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-07-27T18:38:23", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2539"}, {"tags": ["x_refsource_MISC"], "url": "https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/tags"}, {"name": "DSA-4943", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2021/dsa-4943"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/8d3b763b6af2b8a9c4ad2765fbfabffec8a73af5"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-35472", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache corruption can lead to authorization bypass or spoofing. By running a loop that makes many authentication attempts, an attacker might alternately be authenticated as one of two different users."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2539", "refsource": "MISC", "url": "https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2539"}, {"name": "https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/tags", "refsource": "MISC", "url": "https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/tags"}, {"name": "DSA-4943", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4943"}, {"name": "https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/8d3b763b6af2b8a9c4ad2765fbfabffec8a73af5", "refsource": "CONFIRM", "url": "https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/8d3b763b6af2b8a9c4ad2765fbfabffec8a73af5"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-35472", "datePublished": "2021-07-27T05:32:26", "dateReserved": "2021-06-23T00:00:00", "dateUpdated": "2021-07-27T18:38:23", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\:ng:*:*:*:*:*:*:*:*", "matchCriteriaId": "A6A277AA-C3B1-4689-98B2-34C2056280BF", "versionEndIncluding": "2.0.11", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache corruption can lead to authorization bypass or spoofing. By running a loop that makes many authentication attempts, an attacker might alternately be authenticated as one of two different users."}, {"lang": "es", "value": "Se ha detectado un problema en LemonLDAP::NG versiones anteriores a 2.0.12. La corrupci\u00f3n de la cach\u00e9 de la sesi\u00f3n puede conllevar a una omisi\u00f3n de la autorizaci\u00f3n o una suplantaci\u00f3n de identidad. Al ejecutar un bucle que hace muchos intentos de autenticaci\u00f3n, un atacante podr\u00eda ser autenticado alternativamente como uno de dos usuarios diferentes"}], "id": "CVE-2021-35472", "lastModified": "2021-08-11T15:31:21.203", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-07-30T14:15:17.887", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/8d3b763b6af2b8a9c4ad2765fbfabffec8a73af5"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2539"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/tags"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2021/dsa-4943"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-307"}], "source": "nvd@nist.gov", "type": "Primary"}]}