CVE-2022-37397 - Vulnerability Details - OpenCVE

Description

An issue was discovered in the YugabyteDB 2.6.1 when using LDAP-based authentication in YCQL with Microsoft’s Active Directory. When anonymous or unauthenticated LDAP binding is enabled, it allows bypass of authentication with an empty password.

Published: 2022-08-12

Score: 8.3 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

YugaByte, Inc.

Yugabyte DB

affected

Version	Status	Constraints
`2.6.1.0`	affected	—

Configuration 1 [-]

cpe:2.3:a:yugabyte:yugabytedb:2.6.1:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

Vendor Solution

Upgrade to non-vulnerable version 2.6.1.1+

Vendor Workaround

Disable LDAP for YCQL.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2022-40030	An issue was discovered in the YugabyteDB 2.6.1 when using LDAP-based authentication in YCQL with Microsoft’s Active Directory. When anonymous or unauthenticated LDAP binding is enabled, it allows bypass of authentication with an empty password.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00494.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://www.yugabyte.com/

History

No history.

Subscriptions

Yugabyte Yugabytedb

MITRE

Status: PUBLISHED

Assigner: Yugabyte

Published: 2022-08-12T18:01:37.000Z

Updated: 2024-08-03T10:29:21.063Z

Reserved: 2022-08-03T00:00:00.000Z

Link: CVE-2022-37397

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-08-12T20:15:09.850

Modified: 2024-11-21T07:14:55.200

Link: CVE-2022-37397

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

{"containers": {"cna": {"affected": [{"platforms": ["macos, darwin"], "product": "Yugabyte DB", "vendor": "YugaByte, Inc.", "versions": [{"status": "affected", "version": "2.6.1.0"}]}], "configurations": [{"lang": "en", "value": "The software is vulnerable when using LDAP-based authentication in YCQL with Microsoft\u2019s Active Directory"}], "descriptions": [{"lang": "en", "value": "An issue was discovered in the YugabyteDB 2.6.1 when using LDAP-based authentication in YCQL with Microsoft\u2019s Active Directory. When anonymous or unauthenticated LDAP binding is enabled, it allows bypass of authentication with an empty password."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "CWE-287 Improper Authentication", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-16", "description": "CWE-16 Configuration", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-08-12T18:01:37.000Z", "orgId": "d4ae51d3-4db5-465e-bc8a-eb6768324078", "shortName": "Yugabyte"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.yugabyte.com/"}], "solutions": [{"lang": "en", "value": "Upgrade to non-vulnerable version 2.6.1.1+"}], "source": {"defect": ["PLAT-4383"], "discovery": "EXTERNAL"}, "title": "The software is vulnerable when using LDAP-based authentication in YCQL with Microsoft\u2019s Active Directory", "workarounds": [{"lang": "en", "value": "Disable LDAP for YCQL."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@yugabyte.com", "ID": "CVE-2022-37397", "STATE": "PUBLIC", "TITLE": "The software is vulnerable when using LDAP-based authentication in YCQL with Microsoft\u2019s Active Directory"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Yugabyte DB", "version": {"version_data": [{"platform": "macos, darwin", "version_name": "2.6.1.0", "version_value": "2.6.1.0"}]}}]}, "vendor_name": "YugaByte, Inc."}]}}, "configuration": [{"lang": "en", "value": "The software is vulnerable when using LDAP-based authentication in YCQL with Microsoft\u2019s Active Directory"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in the YugabyteDB 2.6.1 when using LDAP-based authentication in YCQL with Microsoft\u2019s Active Directory. When anonymous or unauthenticated LDAP binding is enabled, it allows bypass of authentication with an empty password."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-287 Improper Authentication"}]}, {"description": [{"lang": "eng", "value": "CWE-16 Configuration"}]}]}, "references": {"reference_data": [{"name": "https://www.yugabyte.com/", "refsource": "CONFIRM", "url": "https://www.yugabyte.com/"}]}, "solution": [{"lang": "en", "value": "Upgrade to non-vulnerable version 2.6.1.1+"}], "source": {"defect": ["PLAT-4383"], "discovery": "EXTERNAL"}, "work_around": [{"lang": "en", "value": "Disable LDAP for YCQL."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T10:29:21.063Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.yugabyte.com/"}]}]}, "cveMetadata": {"assignerOrgId": "d4ae51d3-4db5-465e-bc8a-eb6768324078", "assignerShortName": "Yugabyte", "cveId": "CVE-2022-37397", "datePublished": "2022-08-12T18:01:37.000Z", "dateReserved": "2022-08-03T00:00:00.000Z", "dateUpdated": "2024-08-03T10:29:21.063Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:yugabyte:yugabytedb:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D0AF8161-C28C-411F-9433-C472C7981FDB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in the YugabyteDB 2.6.1 when using LDAP-based authentication in YCQL with Microsoft\u2019s Active Directory. When anonymous or unauthenticated LDAP binding is enabled, it allows bypass of authentication with an empty password."}, {"lang": "es", "value": "Se ha detectado un problema en YugabyteDB versi\u00f3n 2.6.1, cuando es usada la autenticaci\u00f3n basada en LDAP en YCQL con el Directorio Activo de Microsoft. Cuando es habilitada la vinculaci\u00f3n an\u00f3nima o no autenticada de LDAP, permite omitir la autenticaci\u00f3n con una contrase\u00f1a vac\u00eda."}], "id": "CVE-2022-37397", "lastModified": "2024-11-21T07:14:55.200", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.5, "source": "security@yugabyte.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-12T20:15:09.850", "references": [{"source": "security@yugabyte.com", "tags": ["Vendor Advisory"], "url": "https://www.yugabyte.com/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.yugabyte.com/"}], "sourceIdentifier": "security@yugabyte.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-16"}, {"lang": "en", "value": "CWE-287"}], "source": "security@yugabyte.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}