2021-01-02 04:56:15 +00:00
id : CVE-2020-26214
2020-11-07 10:47:02 +00:00
2022-04-22 10:38:41 +00:00
info :
2022-04-25 14:35:07 +00:00
name : Alerta < 8.1.0 - Authentication Bypass
2022-07-13 17:36:28 +00:00
author : CasperGN,daffainfo
2020-11-07 10:47:02 +00:00
severity : critical
2022-04-25 14:35:07 +00:00
description : Alerta prior to version 8.1.0 is prone to authentication bypass when using LDAP as an authorization provider and the LDAP server accepts Unauthenticated Bind requests.
2023-09-27 15:51:13 +00:00
impact : |
Successful exploitation of this vulnerability allows an attacker to bypass authentication and gain unauthorized access to Alerta.
2023-09-06 12:22:36 +00:00
remediation : |
Upgrade Alerta to version 8.1.0 or later to mitigate this vulnerability.
2021-08-18 11:37:49 +00:00
reference :
2021-03-11 10:26:36 +00:00
- https://github.com/advisories/GHSA-5hmm-x8q8-w5jh
- https://tools.ietf.org/html/rfc4513#section-5.1.2
- https://pypi.org/project/alerta-server/8.1.0/
2022-03-29 10:33:49 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2020-26214
2023-07-11 19:49:27 +00:00
- https://github.com/alerta/alerta/commit/2bfa31779a4c9df2fa68fa4d0c5c909698c5ef65
2021-09-10 11:26:40 +00:00
classification :
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2022-04-22 10:38:41 +00:00
cvss-score : 9.8
2021-09-10 11:26:40 +00:00
cve-id : CVE-2020-26214
cwe-id : CWE-287
2023-10-26 18:00:24 +00:00
epss-score : 0.01546
2024-04-08 11:34:33 +00:00
epss-percentile : 0.85739
2023-09-06 12:22:36 +00:00
cpe : cpe:2.3:a:alerta_project:alerta:*:*:*:*:*:*:*:*
2023-04-28 08:11:21 +00:00
metadata :
max-request : 1
2023-07-11 19:49:27 +00:00
vendor : alerta_project
product : alerta
2023-12-05 09:50:33 +00:00
tags : cve,cve2020,alerta,auth-bypass,alerta_project
2020-11-07 10:47:02 +00:00
2023-04-27 04:28:59 +00:00
http :
2020-11-07 10:47:02 +00:00
- method : GET
path :
- '{{BaseURL}}/api/config'
matchers-condition : and
matchers :
2023-07-11 19:49:27 +00:00
- type : dsl
dsl :
- compare_versions(version, '< 8.1.0')
2022-07-09 10:45:55 +00:00
- type : word
2020-11-07 10:47:02 +00:00
part : body
2022-07-09 10:45:55 +00:00
words :
- '"alarm_model"'
- '"actions"'
- '"severity"'
condition : and
2022-07-13 17:38:07 +00:00
- type : status
status :
- 200
extractors :
- type : regex
name : version
group : 1
regex :
- '"name": "Alerta ([0-9.]+)"'
2023-07-11 19:49:27 +00:00
internal : true
2022-07-13 17:38:07 +00:00
2022-07-13 17:45:25 +00:00
- type : regex
group : 1
regex :
- '"name": "Alerta ([0-9.]+)"'
2024-01-14 14:05:19 +00:00
# digest: 4a0a00473045022100e204bd9385cf6b58f653e6b232edefbe1ce420d88afa77870717ebc626d8a2ea022067167ad2a0440c6d8e17db9ad35d149a90e5b289ee02d11bcaf428a2b3af61cf:922c64590222798bb761d5b6d8e72950