Account takeover in Apache StreamPipes
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2024-29868 |
| CWE-ID | CWE-338 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software Subscribe |
StreamPipes Server applications / Other server solutions |
| Vendor | Apache Foundation |
Security Bulletin
This security bulletin contains one high risk vulnerability.
1) Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
EUVDB-ID: #VU93120
Risk: High
CVSSv3.1: 8.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2024-29868
CWE-ID:
CWE-338 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to compromise accounts of application users.
The vulnerability exists due to usage of a weak pseudo-random number generator for recovery tokens. A remote attacker can use the self-registration and password recovery mechanism to take over an arbitrary user account.
Install updates from vendor's website.
Vulnerable software versionsStreamPipes: 0.69.0 - 0.93.0
CPE2.3- cpe:2.3:a:apache_foundation:streampipes:0.93.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache_foundation:streampipes:0.90.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache_foundation:streampipes:0.92.0:*:*:*:*:*:*:*
http://lists.apache.org/thread/zqn5z48gz7bp0q8ctk96ht8bc7vd3njv
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
