CVE-2024-5264 - Vulnerability Details - OpenCVE

Description

Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative console access to access backups taken via offline analysis

Published: 2024-05-23

Score: 5.9 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Thales

Luna EFT

unaffected

Version	Status	Constraints
`2.1.0`	affected	—

Configuration 1 [-]

cpe:2.3:a:thalesgroup:luna_eft:2.1:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

Vendor Workaround

Disable functionality in the console - see linked bulletin

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2024-46501	Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative console access to access backups taken via offline analysis

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00048.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=50da3cd9c302c218204e2a6ce00131b9&sysparm_article=KB0028531

History

No history.

Subscriptions

Thalesgroup Luna Eft

MITRE

Status: PUBLISHED

Assigner: THA-PSIRT

Published: 2024-05-23T08:40:56.239Z

Updated: 2024-08-01T21:11:11.016Z

Reserved: 2024-05-23T08:39:05.391Z

Link: CVE-2024-5264

Vulnrichment

Updated: 2024-08-01T21:11:11.016Z

NVD

Status : Modified

Published: 2024-05-23T09:15:10.170

Modified: 2024-11-21T09:47:18.360

Link: CVE-2024-5264

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-338

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-5264", "assignerOrgId": "9d5917ae-205d-4ae5-8749-1f49479b1395", "state": "PUBLISHED", "assignerShortName": "THA-PSIRT", "dateReserved": "2024-05-23T08:39:05.391Z", "datePublished": "2024-05-23T08:40:56.239Z", "dateUpdated": "2024-08-01T21:11:11.016Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["Network Key Transfer with AES KHT"], "platforms": ["Appliance"], "product": "Luna EFT", "vendor": "Thales", "versions": [{"status": "affected", "version": "2.1.0"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Network Transfer with AES KHT"}], "value": "Network Transfer with AES KHT"}], "credits": [{"lang": "en", "type": "finder", "value": "Cory Whitesell, Sr. Security Engineer, Transaction Network Services"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative console access to access backups taken via offline analysis"}], "value": "Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative console access to access backups taken via offline analysis"}], "impacts": [{"capecId": "CAPEC-20", "descriptions": [{"lang": "en", "value": "CAPEC-20 Encryption Brute Forcing"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-338", "description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9d5917ae-205d-4ae5-8749-1f49479b1395", "shortName": "THA-PSIRT", "dateUpdated": "2024-05-23T08:40:56.239Z"}, "references": [{"url": "https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=50da3cd9c302c218204e2a6ce00131b9&sysparm_article=KB0028531"}], "source": {"discovery": "EXTERNAL"}, "title": "Network Key Transfer with AES KHT vulnerability in Luna EFT", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Disable functionality in the console - see linked bulletin"}], "value": "Disable functionality in the console - see linked bulletin"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "thalesgroup", "product": "luna_eft", "cpes": ["cpe:2.3:a:thalesgroup:luna_eft:2.1:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "2.1", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-12T20:41:30.681683Z", "id": "CVE-2024-5264", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-12T20:41:33.798Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:11:11.016Z"}, "title": "CVE Program Container", "references": [{"url": "https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=50da3cd9c302c218204e2a6ce00131b9&sysparm_article=KB0028531", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=50da3cd9c302c218204e2a6ce00131b9&sysparm_article=KB0028531", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:11:11.016Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-5264", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-06-12T20:41:30.681683Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:thalesgroup:luna_eft:2.1:*:*:*:*:*:*:*"], "vendor": "thalesgroup", "product": "luna_eft", "versions": [{"status": "affected", "version": "2.1", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-12T20:40:55.390Z"}}], "cna": {"title": "Network Key Transfer with AES KHT vulnerability in Luna EFT", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Cory Whitesell, Sr. Security Engineer, Transaction Network Services"}], "impacts": [{"capecId": "CAPEC-20", "descriptions": [{"lang": "en", "value": "CAPEC-20 Encryption Brute Forcing"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Thales", "modules": ["Network Key Transfer with AES KHT"], "product": "Luna EFT", "versions": [{"status": "affected", "version": "2.1.0"}], "platforms": ["Appliance"], "defaultStatus": "unaffected"}], "references": [{"url": "https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=50da3cd9c302c218204e2a6ce00131b9&sysparm_article=KB0028531"}], "workarounds": [{"lang": "en", "value": "Disable functionality in the console - see linked bulletin", "supportingMedia": [{"type": "text/html", "value": "Disable functionality in the console - see linked bulletin", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative console access to access backups taken via offline analysis", "supportingMedia": [{"type": "text/html", "value": "Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative console access to access backups taken via offline analysis", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-338", "description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)"}]}], "configurations": [{"lang": "en", "value": "Network Transfer with AES KHT", "supportingMedia": [{"type": "text/html", "value": "Network Transfer with AES KHT", "base64": false}]}], "providerMetadata": {"orgId": "9d5917ae-205d-4ae5-8749-1f49479b1395", "shortName": "THA-PSIRT", "dateUpdated": "2024-05-23T08:40:56.239Z"}}}, "cveMetadata": {"cveId": "CVE-2024-5264", "state": "PUBLISHED", "dateUpdated": "2024-08-01T21:11:11.016Z", "dateReserved": "2024-05-23T08:39:05.391Z", "assignerOrgId": "9d5917ae-205d-4ae5-8749-1f49479b1395", "datePublished": "2024-05-23T08:40:56.239Z", "assignerShortName": "THA-PSIRT"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:thalesgroup:luna_eft:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "841D21E0-2E6F-4775-B3A5-034A9A6AEC37", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative console access to access backups taken via offline analysis"}, {"lang": "es", "value": "La transferencia de red con AES KHT en Thales Luna EFT 2.1 y superior permite a un usuario con acceso a la consola administrativa acceder a las copias de seguridad realizadas mediante an\u00e1lisis fuera de l\u00ednea."}], "id": "CVE-2024-5264", "lastModified": "2024-11-21T09:47:18.360", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.7, "impactScore": 5.2, "source": "psirt@thalesgroup.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-23T09:15:10.170", "references": [{"source": "psirt@thalesgroup.com", "tags": ["Permissions Required"], "url": "https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=50da3cd9c302c218204e2a6ce00131b9&sysparm_article=KB0028531"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required"], "url": "https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=50da3cd9c302c218204e2a6ce00131b9&sysparm_article=KB0028531"}], "sourceIdentifier": "psirt@thalesgroup.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-338"}], "source": "psirt@thalesgroup.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-338"}], "source": "nvd@nist.gov", "type": "Primary"}]}