Mirror-registry Flaw Affects Quay Instances, Leading to Session Cookie Tampering
CVE-2024-3622

8.8HIGH

Key Information:

Vendor: Red Hat
Status: Mirror Registry For Red Hat Openshift
Vendor: CVE Published:; 25 April 2024

Summary

A vulnerability exists in Red Hat's Quay product related to the installation process utilizing mirror-registry. The issue stems from the use of a default secret, which is stored in plaintext within one of the configuration template files. This oversight can result in all Quay instances deployed through mirror-registry sharing the same secret key. Consequently, this flaw may allow malicious actors to fabricate session cookies, potentially leading to unauthorized access to the affected Quay instance. It is crucial for users of Quay to review their configuration settings and implement secure practices to mitigate this risk.

References

https://access.redhat.com/security/cve/CVE-2024-3622

vdb-entryx_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=2274400

issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 25, 2024

Collectors

NVD DatabaseMitre Database

Credit

Red Hat would like to thank Solomon Roberts (BadgerOps.net works) for reporting this issue.