CVE-2023-6451 - Vulnerability Details - OpenCVE

Publicly known cryptographic machine key in AlayaCare's Procura Portal before 9.0.1.2 allows attackers to forge their own authentication cookies and bypass the application's authentication mechanisms.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00038.

Key SSVC decision points have not yet been added.

Vendors	Products
Alayacare	Procura

Configuration 1 [-]

cpe:2.3:a:alayacare:procura:*:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2023-58688	Publicly known cryptographic machine key in AlayaCare's Procura Portal before 9.0.1.2 allows attackers to forge their own authentication cookies and bypass the application's authentication mechanisms.

Fixes

Solution

Generate new machine keys in the application's web.config file immediately.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.themissinglink.com.au/security-advisories/cve-2023-6451

History

Thu, 09 Jan 2025 15:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Alayacare Alayacare procura
Weaknesses		CWE-287
CPEs		cpe:2.3:a:alayacare:procura::::::::
Vendors & Products		Alayacare Alayacare procura

MITRE

Status: PUBLISHED

Assigner: TML

Published: 2024-02-16T04:06:17.797Z

Updated: 2024-08-02T08:28:21.849Z

Reserved: 2023-11-30T22:06:55.677Z

Link: CVE-2023-6451

Vulnrichment

Updated: 2024-08-02T08:28:21.849Z

NVD

Status : Analyzed

Published: 2024-02-16T04:15:08.090

Modified: 2025-01-09T14:56:51.713

Link: CVE-2023-6451

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6451", "assignerOrgId": "07aac9b9-e3e9-4d03-a447-764bd31371d7", "state": "PUBLISHED", "assignerShortName": "TML", "dateReserved": "2023-11-30T22:06:55.677Z", "datePublished": "2024-02-16T04:06:17.797Z", "dateUpdated": "2024-08-02T08:28:21.849Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows"], "product": "Procura Portal", "vendor": "AlayaCare", "versions": [{"lessThan": "9.0.1.2", "status": "affected", "version": "0", "versionType": "Major"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Jake Cleland"}], "datePublic": "2024-02-16T08:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Publicly known cryptographic machine key in AlayaCare's Procura Portal before 9.0.1.2 allows attackers to forge their own authentication cookies and bypass the application's authentication mechanisms.<br>"}], "value": "Publicly known cryptographic machine key in AlayaCare's Procura Portal before 9.0.1.2 allows attackers to forge their own authentication cookies and bypass the application's authentication mechanisms.\n"}], "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115 Authentication Bypass"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1394", "description": "CWE-1394", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "07aac9b9-e3e9-4d03-a447-764bd31371d7", "shortName": "TML", "dateUpdated": "2024-02-16T04:08:11.683Z"}, "references": [{"url": "https://www.themissinglink.com.au/security-advisories/cve-2023-6451"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Generate new machine keys in the application's web.config file immediately.<br>"}], "value": "Generate new machine keys in the application's web.config file immediately.\n"}], "source": {"discovery": "EXTERNAL"}, "title": "Publicly Known Cryptographic Machine Key In Procura Portal Application", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "alayacare", "product": "procura_portal", "cpes": ["cpe:2.3:a:alayacare:procura_portal:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "9.0.1.2", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-02-23T16:59:47.355288Z", "id": "CVE-2023-6451", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-26T15:05:18.750Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:28:21.849Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.themissinglink.com.au/security-advisories/cve-2023-6451", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.themissinglink.com.au/security-advisories/cve-2023-6451", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:28:21.849Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-6451", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-02-23T16:59:47.355288Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:alayacare:procura_portal:*:*:*:*:*:*:*:*"], "vendor": "alayacare", "product": "procura_portal", "versions": [{"status": "affected", "version": "0", "lessThan": "9.0.1.2", "versionType": "custom"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-26T15:05:13.704Z"}}], "cna": {"title": "Publicly Known Cryptographic Machine Key In Procura Portal Application", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Jake Cleland"}], "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115 Authentication Bypass"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "AlayaCare", "product": "Procura Portal", "versions": [{"status": "affected", "version": "0", "lessThan": "9.0.1.2", "versionType": "Major"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Generate new machine keys in the application's web.config file immediately.\n", "supportingMedia": [{"type": "text/html", "value": "Generate new machine keys in the application's web.config file immediately.<br>", "base64": false}]}], "datePublic": "2024-02-16T08:00:00.000Z", "references": [{"url": "https://www.themissinglink.com.au/security-advisories/cve-2023-6451"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Publicly known cryptographic machine key in AlayaCare's Procura Portal before 9.0.1.2 allows attackers to forge their own authentication cookies and bypass the application's authentication mechanisms.\n", "supportingMedia": [{"type": "text/html", "value": "Publicly known cryptographic machine key in AlayaCare's Procura Portal before 9.0.1.2 allows attackers to forge their own authentication cookies and bypass the application's authentication mechanisms.<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1394", "description": "CWE-1394"}]}], "providerMetadata": {"orgId": "07aac9b9-e3e9-4d03-a447-764bd31371d7", "shortName": "TML", "dateUpdated": "2024-02-16T04:08:11.683Z"}}}, "cveMetadata": {"cveId": "CVE-2023-6451", "state": "PUBLISHED", "dateUpdated": "2024-08-02T08:28:21.849Z", "dateReserved": "2023-11-30T22:06:55.677Z", "assignerOrgId": "07aac9b9-e3e9-4d03-a447-764bd31371d7", "datePublished": "2024-02-16T04:06:17.797Z", "assignerShortName": "TML"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:alayacare:procura:*:*:*:*:*:*:*:*", "matchCriteriaId": "ADB3292B-3B61-4060-8A26-5E4948D355BA", "versionEndExcluding": "9.0.1.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Publicly known cryptographic machine key in AlayaCare's Procura Portal before 9.0.1.2 allows attackers to forge their own authentication cookies and bypass the application's authentication mechanisms.\n"}, {"lang": "es", "value": "La clave de m\u00e1quina criptogr\u00e1fica conocida p\u00fablicamente en el Portal Procura de AlayaCare anterior a 9.0.1.2 permite a los atacantes falsificar sus propias cookies de autenticaci\u00f3n y eludir los mecanismos de autenticaci\u00f3n de la aplicaci\u00f3n."}], "id": "CVE-2023-6451", "lastModified": "2025-01-09T14:56:51.713", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "vdp@themissinglink.com.au", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-16T04:15:08.090", "references": [{"source": "vdp@themissinglink.com.au", "tags": ["Third Party Advisory"], "url": "https://www.themissinglink.com.au/security-advisories/cve-2023-6451"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.themissinglink.com.au/security-advisories/cve-2023-6451"}], "sourceIdentifier": "vdp@themissinglink.com.au", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1394"}], "source": "vdp@themissinglink.com.au", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}