Description
In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by sasl_server_userdb_checkpass.
Published: 2026-05-20
Score: 8.1 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A timing side channel exists in Memcached's SASL password database authentication: sasl_server_userdb_checkpass compares password data with memcmp, which returns as soon as it finds the first mismatching byte. The server's response time therefore depends on how many leading bytes of the submitted password are correct, and an attacker who can measure that time precisely enough can recover the password one byte at a time (CWE-208, observable timing discrepancy). A password recovered this way gives the attacker authenticated access to the server without any prior knowledge of the credential.
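The early-exit behaviour behind this class of bug, shown as an added illustration that is not memcached's own code: a model of a memcmp-style check that reports how many bytes it examined (the quantity a timing channel leaks), a simulated attacker that uses only that oracle to recover a constructed sample secret byte by byte, and a constant-time comparison that does the same amount of work wherever the first mismatch lies. The function names and the sample secret "hunter2" are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Illustrative model (not memcached's code) of what memcmp() exposes:
 * it stops at the first differing byte. The return value is the number
 * of bytes examined, which on a timing side channel is proportional to
 * the response time a remote observer sees. */
static size_t leaky_depth(const char *stored, const char *guess, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        if ((unsigned char)stored[i] != (unsigned char)guess[i])
            return i + 1;           /* early exit leaks the mismatch position */
    }
    return len;
}

/* The vulnerable pattern itself: a plain memcmp() equality check. */
static int leaky_equal(const char *stored, const char *guess, size_t len)
{
    return memcmp(stored, guess, len) == 0;
}

/* Constant-time comparison: every byte is touched and all differences are
 * folded into one accumulator, so the work done (and the time taken) does
 * not depend on where the first mismatch is. Callers must still avoid
 * leaking the length, e.g. by comparing fixed-length password hashes. */
static int ct_equal(const char *a, const char *b, size_t len)
{
    volatile uint8_t diff = 0;
    for (size_t i = 0; i < len; i++)
        diff |= (uint8_t)a[i] ^ (uint8_t)b[i];
    return diff == 0;
}

/* Simulated attacker: knowing only the "bytes examined" oracle (the
 * analogue of measured response time) plus the success/failure result,
 * recover the secret one position at a time. Returns 1 if recovery
 * reproduced the stored secret exactly. out must hold len + 1 bytes. */
static int recover_via_timing(const char *stored, size_t len, char *out)
{
    memset(out, 0, len + 1);
    for (size_t pos = 0; pos < len; pos++) {
        int best = 0;
        size_t best_score = 0;
        for (int c = 1; c < 256; c++) {     /* skip NUL: not a password byte here */
            out[pos] = (char)c;
            /* A correct byte makes the check run one byte deeper; the final
             * byte is distinguished by the authentication succeeding. */
            size_t score = leaky_depth(stored, out, len)
                         + (size_t)leaky_equal(stored, out, len);
            if (score > best_score) {
                best_score = score;
                best = c;
            }
        }
        out[pos] = (char)best;
    }
    return memcmp(stored, out, len) == 0;
}

/* Convenience wrapper over a constructed sample secret. */
static int demo_recovers(const char *secret)
{
    char out[64];
    size_t len = strlen(secret);
    if (len == 0 || len >= sizeof out)
        return 0;
    return recover_via_timing(secret, len, out);
}

int main(void)
{
    const char *secret = "hunter2";   /* constructed sample secret */
    char out[64];
    int ok = recover_via_timing(secret, strlen(secret), out);
    printf("leaky compare: recovered \"%s\" (%s)\n", out, ok ? "match" : "no match");
    printf("ct_equal(\"hunter2\", \"hunter3\") = %d\n", ct_equal("hunter2", "hunter3", 7));
    return 0;
}
```

In the real attack the oracle is noisy network latency rather than an exact byte count, which is why each candidate byte has to be sampled many times and why the CVSS vector rates attack complexity as high; the structure of the attack is the same.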

Affected Systems

The vulnerability affects Memcached releases earlier than 1.6.42, as shipped by the Memcached project (see the referenced GitHub entries and the 1.6.42 release notes). Because the affected code is the SASL password database check, it is only reachable on servers started with SASL authentication enabled (the -S option); instances running without SASL do not execute it.

Risk and Exploitability

With a CVSS 3.1 score of 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H), the weakness is rated high severity; the high attack complexity reflects the many timing samples needed to separate the signal from network jitter. EPSS puts the exploit probability below 1%, and the flaw is not listed in the CISA KEV catalog. The attack requires the ability to send SASL authentication requests to the server and measure the resulting response times, which can be done remotely wherever the Memcached service is network-reachable and SASL authentication is enabled. Successful exploitation lets an adversary recover a user's password and authenticate as that user.

Generated by OpenCVE AI on May 20, 2026 at 07:21 UTC.

Remediation

The CVE description states that the issue is fixed in memcached 1.6.42 (covered in the 1.6.42 release notes); no separate vendor advisory or workaround is recorded here.

OpenCVE Recommended Actions

  • Upgrade Memcached to version 1.6.42 or newer to eliminate the timing side channel. If a vulnerable instance with SASL enabled was reachable by untrusted clients, rotate its SASL passwords after upgrading.
  • Disable SASL authentication (do not start memcached with -S) if it is not required for your environment, since the affected code path is only reachable when SASL is enabled.
  • Restrict network access to the Memcached service (firewall rules, binding to a private interface with -l, or a Unix domain socket with -s) so that only trusted hosts can connect; an attacker who cannot reach the authentication endpoint cannot collect timing samples.


Tracking


Advisories

No advisories yet.

History

Wed, 20 May 2026 13:30:00 +0000

Type                 Values Removed   Values Added
Metrics              (none)           ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 20 May 2026 07:45:00 +0000

Type                 Values Removed   Values Added
Title                (none)           Timing Side Channel in Memcached SASL Authentication

Wed, 20 May 2026 06:30:00 +0000

Type                 Values Removed   Values Added
Description          (none)           In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by sasl_server_userdb_checkpass.
First Time appeared  (none)           Memcached; Memcached memcached
Weaknesses           (none)           CWE-208
CPEs                 (none)           cpe:2.3:a:memcached:memcached:*:*:*:*:*:*:*:*
Vendors & Products   (none)           Memcached; Memcached memcached
References           (none)
Metrics              (none)           cvssV3_1 {'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-05-20T12:21:02.894Z

Reserved: 2026-05-20T05:45:37.209Z

Link: CVE-2026-47784

Vulnrichment

Updated: 2026-05-20T12:20:59.429Z

NVD

Status : Awaiting Analysis

Published: 2026-05-20T07:16:15.733

Modified: 2026-05-20T14:24:24.227

Link: CVE-2026-47784

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-20T09:30:15Z

Weaknesses