Description
In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by sasl_server_userdb_checkpass.
Published: 2026-05-20
Score: 8.1 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability lies in Memcached’s SASL authentication routine. When the server checks a supplied username, it exits the loop as soon as a match is found, creating a timing side channel that reveals whether a username exists in the SASL password database. The flaw does not disclose passwords but enables username enumeration, which can accelerate subsequent credential‑guessing attacks.

Affected Systems

Memcached servers running the memcached daemon prior to version 1.6.42 are affected. The issue appears in all releases up through 1.6.41 inclusive. Any unsupported builds that still ship the old SASL password database implementation remain vulnerable.

Risk and Exploitability

The CVSS score of 8.1 indicates high severity. EPSS data is not available, so precise exploitation likelihood is unclear. The likely attack vector is over the network via the SASL interface, as the flaw requires only remote access to the memcached service. The vulnerability is not listed in the CISA KEV catalog, suggesting no widespread exploits have been documented. Based on the description, an attacker could send repeated SASL authentication attempts, measuring timing differences, to enumerate usernames on exposed servers.

Generated by OpenCVE AI on May 20, 2026 at 07:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade memcached to version 1.6.42 or later to eliminate the timing side channel.
  • If an upgrade is not immediately possible, disable SASL authentication or restrict SASL connections to a trusted internal network and block external access until the upgrade is applied.
  • Monitor memcached logs for repeated SASL authentication attempts and investigate any sudden spikes in authentication traffic.

Generated by OpenCVE AI on May 20, 2026 at 07:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-4601-1 memcached security update
Ubuntu USN Ubuntu USN USN-8320-1 Memcached vulnerabilities
History

Thu, 28 May 2026 00:15:00 +0000

Type Values Removed Values Added
Title Timing Side‑Channel in SASL Username Lookup Causes Username Enumeration in Memcached memcached: memcached: Username enumeration via timing side channel
References
Metrics threat_severity

None

 threat_severity

Important

Wed, 20 May 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 20 May 2026 08:15:00 +0000

Type Values Removed Values Added
Title Timing Side‑Channel in SASL Username Lookup Causes Username Enumeration in Memcached

Wed, 20 May 2026 06:30:00 +0000

Type Values Removed Values Added
Description In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by sasl_server_userdb_checkpass.
First Time appeared Memcached
Memcached memcached
Weaknesses CWE-208
CPEs cpe:2.3:a:memcached:memcached:*:*:*:*:*:*:*:*
Vendors & Products Memcached
Memcached memcached
References
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Memcached Memcached
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-05-20T12:49:58.195Z

Reserved: 2026-05-20T05:43:46.363Z

Link: CVE-2026-47783

cve-icon Vulnrichment

Updated: 2026-05-20T12:49:54.179Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-20T07:16:15.533

Modified: 2026-05-21T17:06:40.670

Link: CVE-2026-47783

cve-icon Redhat

Severity : Important

Publid Date: 2026-05-20T05:43:46Z

Links: CVE-2026-47783 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-20T08:00:11Z

Weaknesses