LDAP Injection Vulnerability in dogtag-pki and pki-core Could Lead to Privilege Escalation
CVE-2023-4727

7.5 HIGH

What is CVE-2023-4727?

A vulnerability exists within Red Hat's Dogtag PKI and pki-core products, where an attacker can exploit a flaw in the token authentication mechanism through an LDAP injection. By manipulating the query string parameter 'sessionID=*', the attacker may authenticate using an existing session stored in the LDAP directory server. This could potentially allow unauthorized access and lead to an escalation of privileges, compromising the integrity of the system and sensitive information.
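The wildcard behaviour described above, as an added example that is not Dogtag PKI's own code: a session lookup that concatenates the parameter into an LDAP filter, next to one that escapes it per RFC 4515. The filter shape `(sessionID=...)`, the function names and the sample session values are assumptions constructed for illustration.

```python
import re

# RFC 4515 section 3: these characters must appear as \XX inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Constructed sample session identifiers standing in for directory entries.
SESSIONS = ["9f2c4e7a1b", "03ab77d0c5"]

def escape_filter_value(value: str) -> str:
    """Escape a caller-supplied string for use as an LDAP filter assertion value."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def unsafe_filter(session_id: str) -> str:
    # Flawed pattern: the request parameter goes into the filter verbatim.
    return "(sessionID=" + session_id + ")"

def safe_filter(session_id: str) -> str:
    # Hardened pattern: metacharacters lose their filter meaning before use.
    return "(sessionID=" + escape_filter_value(session_id) + ")"

def matches(filter_str: str, stored: str) -> bool:
    """Minimal evaluator for one (sessionID=value) filter.

    An unescaped '*' matches any substring, as in LDAP presence and
    substring filters; \\XX escapes are decoded to literal characters.
    """
    m = re.fullmatch(r"\(sessionID=(.*)\)", filter_str, re.S)
    if m is None:
        raise ValueError("unsupported filter: " + filter_str)

    def decode(part: str) -> str:
        return re.sub(r"\\([0-9a-fA-F]{2})",
                      lambda h: chr(int(h.group(1), 16)), part)

    # Escaped stars are '\2a' at this point, so splitting on '*' only
    # finds real wildcards.
    pattern = ".*".join(re.escape(decode(p)) for p in m.group(1).split("*"))
    return re.fullmatch(pattern, stored, re.S) is not None

if __name__ == "__main__":
    for build in (unsafe_filter, safe_filter):
        f = build("*")
        hits = [s for s in SESSIONS if matches(f, s)]
        print(f"{build.__name__}: {f} -> {len(hits)} session(s) matched")
```

Escaping is the minimum fix at the query layer; a lookup that accepts only an exact, well-formed session identifier and treats multiple matches as a failure narrows the exposure further.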

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Adjacent Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Red Hat would like to thank Pham Van Khanh (Calif) for reporting this issue.