CVE-2024-7318

{"id": "CVE-2024-7318", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}, {"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 2.2}]}, "published": "2024-09-09T19:15:14.237", "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:6502", "tags": ["Issue Tracking"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:6503", "tags": ["Issue Tracking"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/security/cve/CVE-2024-7318", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301876", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-324"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Keycloak. Expired OTP codes are still usable when using FreeOTP when the OTP token period is set to 30 seconds (default). Instead of expiring and deemed unusable around 30 seconds in, the tokens are valid for an additional 30 seconds totaling 1 minute.\r\nA one time passcode that is valid longer than its expiration time increases the attack window for malicious actors to abuse the system and compromise accounts. Additionally, it increases the attack surface because at any given time, two OTPs are valid."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en Keycloak. Los c\u00f3digos OTP vencidos a\u00fan se pueden usar al usar FreeOTP cuando el per\u00edodo del token OTP est\u00e1 configurado en 30 segundos (predeterminado). En lugar de vencer y considerarse inutilizables despu\u00e9s de unos 30 segundos, los tokens son v\u00e1lidos durante 30 segundos adicionales, lo que suma un total de 1 minuto. Un c\u00f3digo de acceso de un solo uso que sea v\u00e1lido por m\u00e1s tiempo que su tiempo de vencimiento aumenta la ventana de ataque para que los actores maliciosos abusen del sistema y comprometan las cuentas. Adem\u00e1s, aumenta la superficie de ataque porque en un momento dado, dos OTP son v\u00e1lidas."}], "lastModified": "2024-09-20T16:02:06.977", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:build_of_keycloak:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2383FB8-896C-4C88-8256-88D8EEA0C0CE", "versionEndExcluding": "24.0.7", "versionStartIncluding": "22.0"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}