cve-2024-24554
Vulnerability from cvelistv5
Published
2024-06-24 07:11
Modified
2024-08-01 23:19
Severity ?
6.0 (Medium) - CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
Summary
Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit API.
References
vulnerability@ncsc.chhttps://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/
af854a3a-2127-422b-91ae-364da2661108https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/
Impacted products
Vendor Product Version
Bludit Bludit Version: 2.0
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-24554",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-24T13:47:33.209605Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-24T13:47:43.818Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:19:52.903Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.bludit.com/",
          "defaultStatus": "unaffected",
          "packageName": "Bludit",
          "platforms": [
            "Linux",
            "Windows",
            "MacOS"
          ],
          "product": "Bludit",
          "repo": "https://github.com/bludit/bludit/",
          "vendor": "Bludit",
          "versions": [
            {
              "status": "affected",
              "version": "2.0"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Admin must enable the API (API is disabled by default).\u003cbr\u003e"
            }
          ],
          "value": "Admin must enable the API (API is disabled by default)."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Andreas Pfefferle, Redguard AG"
        }
      ],
      "datePublic": "2024-06-20T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit API.\u003cbr\u003e"
            }
          ],
          "value": "Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit API."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-115",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-115 Authentication Bypass"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-338",
              "description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "CWE-287 Improper Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-24T07:11:36.377Z",
        "orgId": "455daabc-a392-441d-aa46-37d35189897c",
        "shortName": "NCSC.ch"
      },
      "references": [
        {
          "url": "https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Generating secure API and user auth tokens in PHP involves creating unique and cryptographically secure strings that can be used as tokens for authentication purposes. The following code snippet is a basic example of how to generate secure API tokens in PHP:\u003cbr\u003e\u003cbr\u003e```php\u003cbr\u003efunction generateApiToken($length = 32) {\u003cbr\u003e\u0026nbsp; \u0026nbsp; $token = bin2hex(random_bytes($length));\u003cbr\u003e\u0026nbsp; \u0026nbsp; return $token;\u003cbr\u003e}\u003cbr\u003e```\u003cbr\u003e"
            }
          ],
          "value": "Generating secure API and user auth tokens in PHP involves creating unique and cryptographically secure strings that can be used as tokens for authentication purposes. The following code snippet is a basic example of how to generate secure API tokens in PHP:\n\n```php\nfunction generateApiToken($length = 32) {\n\u00a0 \u00a0 $token = bin2hex(random_bytes($length));\n\u00a0 \u00a0 return $token;\n}\n```"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Bludit - Insecure Token Generation",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Disable API."
            }
          ],
          "value": "Disable API."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
    "assignerShortName": "NCSC.ch",
    "cveId": "CVE-2024-24554",
    "datePublished": "2024-06-24T07:11:36.377Z",
    "dateReserved": "2024-01-25T14:02:00.527Z",
    "dateUpdated": "2024-08-01T23:19:52.903Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-24554\",\"sourceIdentifier\":\"vulnerability@ncsc.ch\",\"published\":\"2024-06-24T08:15:09.130\",\"lastModified\":\"2024-11-21T08:59:24.343\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit API.\"},{\"lang\":\"es\",\"value\":\"Bludit utiliza m\u00e9todos predecibles en combinaci\u00f3n con el algoritmo hash MD5 para generar tokens confidenciales, como el token API y el token de usuario. Esto permite a los atacantes autenticarse en la API de Bludit.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"vulnerability@ncsc.ch\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":6.0,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnerableSystemConfidentiality\":\"LOW\",\"vulnerableSystemIntegrity\":\"HIGH\",\"vulnerableSystemAvailability\":\"NONE\",\"subsequentSystemConfidentiality\":\"NONE\",\"subsequentSystemIntegrity\":\"NONE\",\"subsequentSystemAvailability\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirements\":\"NOT_DEFINED\",\"integrityRequirements\":\"NOT_DEFINED\",\"availabilityRequirements\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnerableSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedVulnerableSystemIntegrity\":\"NOT_DEFINED\",\"modifiedVulnerableSystemAvailability\":\"NOT_DEFINED\",\"modifiedSubsequentSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedSubsequentSystemIntegrity\":\"NOT_DEFINED\",\"modifiedSubsequentSystemAvailability\":\"NOT_DEFINED\",\"safety\":\"NOT_DEFINED\",\"automatable\":\"NOT_DEFINED\",\"recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"vulnerability@ncsc.ch\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"},{\"lang\":\"en\",\"value\":\"CWE-338\"}]}],\"references\":[{\"url\":\"https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/\",\"source\":\"vulnerability@ncsc.ch\"},{\"url\":\"https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T23:19:52.903Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-24554\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-06-24T13:47:33.209605Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-06-24T13:47:39.144Z\"}}], \"cna\": {\"title\": \"Bludit - Insecure Token Generation\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Andreas Pfefferle, Redguard AG\"}], \"impacts\": [{\"capecId\": \"CAPEC-115\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-115 Authentication Bypass\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 6, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"LOW\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"repo\": \"https://github.com/bludit/bludit/\", \"vendor\": \"Bludit\", \"product\": \"Bludit\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0\"}], \"platforms\": [\"Linux\", \"Windows\", \"MacOS\"], \"packageName\": \"Bludit\", \"collectionURL\": \"https://www.bludit.com/\", \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Generating secure API and user auth tokens in PHP involves creating unique and cryptographically secure strings that can be used as tokens for authentication purposes. The following code snippet is a basic example of how to generate secure API tokens in PHP:\\n\\n```php\\nfunction generateApiToken($length = 32) {\\n\\u00a0 \\u00a0 $token = bin2hex(random_bytes($length));\\n\\u00a0 \\u00a0 return $token;\\n}\\n```\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Generating secure API and user auth tokens in PHP involves creating unique and cryptographically secure strings that can be used as tokens for authentication purposes. The following code snippet is a basic example of how to generate secure API tokens in PHP:\u003cbr\u003e\u003cbr\u003e```php\u003cbr\u003efunction generateApiToken($length = 32) {\u003cbr\u003e\u0026nbsp; \u0026nbsp; $token = bin2hex(random_bytes($length));\u003cbr\u003e\u0026nbsp; \u0026nbsp; return $token;\u003cbr\u003e}\u003cbr\u003e```\u003cbr\u003e\", \"base64\": false}]}], \"datePublic\": \"2024-06-20T16:00:00.000Z\", \"references\": [{\"url\": \"https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Disable API.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Disable API.\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit API.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit API.\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-338\", \"description\": \"CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-287\", \"description\": \"CWE-287 Improper Authentication\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"Admin must enable the API (API is disabled by default).\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Admin must enable the API (API is disabled by default).\u003cbr\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"455daabc-a392-441d-aa46-37d35189897c\", \"shortName\": \"NCSC.ch\", \"dateUpdated\": \"2024-06-24T07:11:36.377Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-24554\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T23:19:52.903Z\", \"dateReserved\": \"2024-01-25T14:02:00.527Z\", \"assignerOrgId\": \"455daabc-a392-441d-aa46-37d35189897c\", \"datePublished\": \"2024-06-24T07:11:36.377Z\", \"assignerShortName\": \"NCSC.ch\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.