VAR-202007-0690
Vulnerability from variot - Updated: 2023-12-18 11:32The HTTP Digest Authentication in the GoAhead web server before 5.1.2 does not completely protect against replay attacks. This allows an unauthenticated remote attacker to bypass authentication via capture-replay if TLS is not used to protect the underlying communication channel. GoAhead for, Capture-replay An authentication bypass vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. GoAhead is the world's most popular, tiny embedded web server. It is compact, secure and simple to use. GoAhead is deployed in hundreds of millions of devices and is ideal for the smallest of embedded devices.A security vulnerability affecting GoAhead versions 2 to 5 has been identified when using Digest authentication over HTTP. GoAhead versions 3 to 5 validated the nonce with a fixed duration of 5 minutes which permitted short-period replays. This duration is too long for most implementations.Tested on: GoAhead-httpGoAhead-Webs. There is a security vulnerability in Embedthis Software GoAhead versions before 5.1.2. An attacker could exploit this vulnerability to bypass authentication
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202007-0690",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "goahead",
"scope": "lt",
"trust": 1.0,
"vendor": "embedthis",
"version": "5.1.2"
},
{
"model": "goahead",
"scope": "eq",
"trust": 0.8,
"vendor": "embedthis",
"version": null
},
{
"model": "goahead",
"scope": "eq",
"trust": 0.8,
"vendor": "embedthis",
"version": "5.1.2"
},
{
"model": "goahead web server",
"scope": "lt",
"trust": 0.1,
"vendor": "embedthis",
"version": "\u0026lt;=5.1.1 and \u0026lt;=4.1.2"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2020-5598"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008671"
},
{
"db": "NVD",
"id": "CVE-2020-15688"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:embedthis:goahead:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.1.2",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-15688"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "LiquidWorm",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202007-1390"
}
],
"trust": 0.6
},
"cve": "CVE-2020-15688",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2020-15688",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-168691",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-15688",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-15688",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202007-1390",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "ZSL",
"id": "ZSL-2020-5598",
"trust": 0.1,
"value": "(3/5)"
},
{
"author": "VULHUB",
"id": "VHN-168691",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2020-5598"
},
{
"db": "VULHUB",
"id": "VHN-168691"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008671"
},
{
"db": "NVD",
"id": "CVE-2020-15688"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1390"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The HTTP Digest Authentication in the GoAhead web server before 5.1.2 does not completely protect against replay attacks. This allows an unauthenticated remote attacker to bypass authentication via capture-replay if TLS is not used to protect the underlying communication channel. GoAhead for, Capture-replay An authentication bypass vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. GoAhead is the world\u0027s most popular, tiny embedded web server. It is compact, secure and simple to use. GoAhead is deployed in hundreds of millions of devices and is ideal for the smallest of embedded devices.A security vulnerability affecting GoAhead versions 2 to 5 has been identified when using Digest authentication over HTTP. GoAhead versions 3 to 5 validated the nonce with a fixed duration of 5 minutes which permitted short-period replays. This duration is too long for most implementations.Tested on: GoAhead-httpGoAhead-Webs. There is a security vulnerability in Embedthis Software GoAhead versions before 5.1.2. An attacker could exploit this vulnerability to bypass authentication",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-15688"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008671"
},
{
"db": "ZSL",
"id": "ZSL-2020-5598"
},
{
"db": "VULHUB",
"id": "VHN-168691"
}
],
"trust": 1.8
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.zeroscience.mk/codes/goahead_noncereplay.txt",
"trust": 0.1,
"type": "poc"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2020-5598"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-15688",
"trust": 3.4
},
{
"db": "PACKETSTORM",
"id": "159505",
"trust": 1.8
},
{
"db": "JVN",
"id": "JVNVU92569237",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008671",
"trust": 0.8
},
{
"db": "CXSECURITY",
"id": "WLB-2020100044",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1390",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "48958",
"trust": 0.1
},
{
"db": "ZSL",
"id": "ZSL-2020-5598",
"trust": 0.1
},
{
"db": "CNVD",
"id": "CNVD-2020-46563",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-168691",
"trust": 0.1
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2020-5598"
},
{
"db": "VULHUB",
"id": "VHN-168691"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008671"
},
{
"db": "NVD",
"id": "CVE-2020-15688"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1390"
}
]
},
"id": "VAR-202007-0690",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-168691"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:32:15.779000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Digest\u00a0Nonce\u00a0Handling\u00a0over\u00a0HTTP\u00a0#3",
"trust": 0.8,
"url": "https://github.com/embedthis/goahead-gpl/issues/3"
},
{
"title": "Embedthis Software GoAhead Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=125067"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-008671"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1390"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-294",
"trust": 1.1
},
{
"problemtype": "Capture-replay authentication evasion by (CWE-294) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-168691"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008671"
},
{
"db": "NVD",
"id": "CVE-2020-15688"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/159505/embedthis-goahead-web-server-5.1.1-digest-authentication-capture-replay-nonce-reuse.html"
},
{
"trust": 1.8,
"url": "https://github.com/embedthis/goahead-gpl/issues/3"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-15688"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92569237/index.html"
},
{
"trust": 0.7,
"url": "https://cxsecurity.com/issue/wlb-2020100044"
},
{
"trust": 0.1,
"url": "https://github.com/embedthis/goahead-gpl/issues/2"
},
{
"trust": 0.1,
"url": "https://github.com/embedthis/appweb-gpl/issues/4"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-15688"
},
{
"trust": 0.1,
"url": "https://www.tenable.com/cve/cve-2020-15688"
},
{
"trust": 0.1,
"url": "https://cert.civis.net/en/index.php?action=alert\u0026amp;param=cve-2020-15688"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/159505"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/185771"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/48958"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2020-5598"
},
{
"db": "VULHUB",
"id": "VHN-168691"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008671"
},
{
"db": "NVD",
"id": "CVE-2020-15688"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1390"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZSL",
"id": "ZSL-2020-5598"
},
{
"db": "VULHUB",
"id": "VHN-168691"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-008671"
},
{
"db": "NVD",
"id": "CVE-2020-15688"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-1390"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-10-06T00:00:00",
"db": "ZSL",
"id": "ZSL-2020-5598"
},
{
"date": "2020-07-23T00:00:00",
"db": "VULHUB",
"id": "VHN-168691"
},
{
"date": "2020-09-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-008671"
},
{
"date": "2020-07-23T13:15:10.257000",
"db": "NVD",
"id": "CVE-2020-15688"
},
{
"date": "2020-07-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202007-1390"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-11-04T00:00:00",
"db": "ZSL",
"id": "ZSL-2020-5598"
},
{
"date": "2023-01-31T00:00:00",
"db": "VULHUB",
"id": "VHN-168691"
},
{
"date": "2023-05-11T08:45:00",
"db": "JVNDB",
"id": "JVNDB-2020-008671"
},
{
"date": "2023-01-31T17:25:42.877000",
"db": "NVD",
"id": "CVE-2020-15688"
},
{
"date": "2020-10-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202007-1390"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202007-1390"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GoAhead\u00a0 In \u00a0Capture-replay\u00a0 Authentication Bypass Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-008671"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202007-1390"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…