GHSA-vhmj-5q9r-mm9g
Suggest an improvement- Source
- https://github.com/advisories/GHSA-vhmj-5q9r-mm9g
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/07/GHSA-vhmj-5q9r-mm9g/GHSA-vhmj-5q9r-mm9g.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-vhmj-5q9r-mm9g
- Published
- 2024-07-17T16:01:37Z
- Modified
- 2024-12-06T05:24:25.053967Z
- Severity
-
- 6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N CVSS Calculator
- 5.3 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N CVSS Calculator
- Summary
- BlastRADIUS also affects eduMFA
- Details
-
Summary
BlastRADIUS (see blastradius.fail for details) also affects eduMFA prior version 2.2.0, because the Message-Authenticator attributes were not checked.
Details
Website with the vulnerability information blastradius.fail The original vulnerability has been assigned CVE-2024-3596 Case in vince: https://kb.cert.org/vuls/id/456537
PoC
There is no known proof-of-concept except for the attack shown in the paper from the researchers
Impact
An attacker can trigger an authentication flow with a RADIUS-backed token, intercept the RADIUS packet sent by eduMFA and modify the RADIUS server's answer, which would lead eduMFA to believe that the token is valid, even though the RADIUS servers answer was a reject.
- Database specific
{ "nvd_published_at": null, "cwe_ids": [ "CWE-924" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-07-17T16:01:37Z" }- References
Affected packages
PyPI / edumfa
Package
- Name
- edumfa
- View open source insights on deps.dev
- Purl
- pkg:pypi/edumfa