CVE-2020-26168 - OpenCVE

The LDAP authentication method in LdapLoginModule in Hazelcast IMDG Enterprise 4.x before 4.0.3, and Jet Enterprise 4.x through 4.2, doesn't verify properly the password in some system-user-dn scenarios. As a result, users (clients/members) can be authenticated even if they provide invalid passwords.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hazelcast	Hazelcast Jet

Configuration 1 [-]

OR	cpe:2.3:a:hazelcast:hazelcast:::::enterprise:::*
	cpe:2.3:a:hazelcast:jet:::::enterprise:::*

No data.

References

Link	Providers
https://docs.hazelcast.org/docs/ern/index.html#4-0-3
https://hazelcast.zendesk.com/hc/en-us/articles/360050161951--IMDG-Enterprise-4-0-4-0-1-4-0-2-LDAP-Authentication-Bypass
https://hazelcast.zendesk.com/hc/en-us/articles/360051384932--JET-Enterprise-4-0-4-1-4-1-1-4-2-LDAP-Authentication-Bypass
https://jet-start.sh/blog/2020/10/23/jet-43-is-released

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-11-09T21:28:39

Updated: 2024-08-04T15:49:07.227Z

Reserved: 2020-09-30T00:00:00

Link: CVE-2020-26168

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-11-09T22:15:13.257

Modified: 2020-11-18T20:39:49.663

Link: CVE-2020-26168

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2020-10-23T00:00:00", "descriptions": [{"lang": "en", "value": "The LDAP authentication method in LdapLoginModule in Hazelcast IMDG Enterprise 4.x before 4.0.3, and Jet Enterprise 4.x through 4.2, doesn't verify properly the password in some system-user-dn scenarios. As a result, users (clients/members) can be authenticated even if they provide invalid passwords."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-11-09T21:28:39", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://docs.hazelcast.org/docs/ern/index.html#4-0-3"}, {"tags": ["x_refsource_MISC"], "url": "https://jet-start.sh/blog/2020/10/23/jet-43-is-released"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://hazelcast.zendesk.com/hc/en-us/articles/360050161951--IMDG-Enterprise-4-0-4-0-1-4-0-2-LDAP-Authentication-Bypass"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://hazelcast.zendesk.com/hc/en-us/articles/360051384932--JET-Enterprise-4-0-4-1-4-1-1-4-2-LDAP-Authentication-Bypass"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-26168", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The LDAP authentication method in LdapLoginModule in Hazelcast IMDG Enterprise 4.x before 4.0.3, and Jet Enterprise 4.x through 4.2, doesn't verify properly the password in some system-user-dn scenarios. As a result, users (clients/members) can be authenticated even if they provide invalid passwords."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://docs.hazelcast.org/docs/ern/index.html#4-0-3", "refsource": "MISC", "url": "https://docs.hazelcast.org/docs/ern/index.html#4-0-3"}, {"name": "https://jet-start.sh/blog/2020/10/23/jet-43-is-released", "refsource": "MISC", "url": "https://jet-start.sh/blog/2020/10/23/jet-43-is-released"}, {"name": "https://hazelcast.zendesk.com/hc/en-us/articles/360050161951--IMDG-Enterprise-4-0-4-0-1-4-0-2-LDAP-Authentication-Bypass", "refsource": "CONFIRM", "url": "https://hazelcast.zendesk.com/hc/en-us/articles/360050161951--IMDG-Enterprise-4-0-4-0-1-4-0-2-LDAP-Authentication-Bypass"}, {"name": "https://hazelcast.zendesk.com/hc/en-us/articles/360051384932--JET-Enterprise-4-0-4-1-4-1-1-4-2-LDAP-Authentication-Bypass", "refsource": "CONFIRM", "url": "https://hazelcast.zendesk.com/hc/en-us/articles/360051384932--JET-Enterprise-4-0-4-1-4-1-1-4-2-LDAP-Authentication-Bypass"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T15:49:07.227Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://docs.hazelcast.org/docs/ern/index.html#4-0-3"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://jet-start.sh/blog/2020/10/23/jet-43-is-released"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://hazelcast.zendesk.com/hc/en-us/articles/360050161951--IMDG-Enterprise-4-0-4-0-1-4-0-2-LDAP-Authentication-Bypass"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://hazelcast.zendesk.com/hc/en-us/articles/360051384932--JET-Enterprise-4-0-4-1-4-1-1-4-2-LDAP-Authentication-Bypass"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-26168", "datePublished": "2020-11-09T21:28:39", "dateReserved": "2020-09-30T00:00:00", "dateUpdated": "2024-08-04T15:49:07.227Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hazelcast:hazelcast:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "06DB8128-3063-4CB2-BB6F-6AFEA507E551", "versionEndExcluding": "4.0.3", "versionStartIncluding": "4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hazelcast:jet:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "F829E074-7D1E-4A91-9741-B776F6404202", "versionEndIncluding": "4.2", "versionStartIncluding": "4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The LDAP authentication method in LdapLoginModule in Hazelcast IMDG Enterprise 4.x before 4.0.3, and Jet Enterprise 4.x through 4.2, doesn't verify properly the password in some system-user-dn scenarios. As a result, users (clients/members) can be authenticated even if they provide invalid passwords."}, {"lang": "es", "value": "El m\u00e9todo de autenticaci\u00f3n LDAP en LdapLoginModule en Hazelcast IMDG Enterprise versiones 4.x anteriores a 4.0.3, y Jet Enterprise versiones 4.x anteriores a 4.2, no comprueba apropiadamente la contrase\u00f1a en algunos escenarios de system-user-dn. Como resultado, los usuarios (clients/members) pueden ser autenticados incluso si proporcionan contrase\u00f1as no v\u00e1lidas"}], "id": "CVE-2020-26168", "lastModified": "2020-11-18T20:39:49.663", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-09T22:15:13.257", "references": [{"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://docs.hazelcast.org/docs/ern/index.html#4-0-3"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://hazelcast.zendesk.com/hc/en-us/articles/360050161951--IMDG-Enterprise-4-0-4-0-1-4-0-2-LDAP-Authentication-Bypass"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://hazelcast.zendesk.com/hc/en-us/articles/360051384932--JET-Enterprise-4-0-4-1-4-1-1-4-2-LDAP-Authentication-Bypass"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://jet-start.sh/blog/2020/10/23/jet-43-is-released"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}