#VU17716 Security restrictions bypass in OpenAM - CVE-2018-0696

Cybersecurity Help s.r.o.

Published: 2019-02-15

Vulnerability identifier: #VU17716

Vulnerability risk: Medium

CVSSv4.0: 5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2018-0696

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
OpenAM
Server applications / Remote management servers, RDP, SSH

Vendor: OpenAM Consortium

Description

The vulnerability allows a remote authenticated attacker to bypass security restrictions.

The vulnerability exists due to due to improper session management. A remote attacker can modify security questions and then change existing users’ passwords that may allow to cause a denial of service (DoS) condition or conduct further attacks.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

OpenAM: 13.0

External links
https://jvn.jp/en/jp/JVN49995005/index.html
https://www.cs.themistruct.com/report/wam20181012
https://www.osstech.co.jp/support/am2018-4-1-en

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Security restrictions bypass in OpenAM