CVE-2024-24770
MEDIUM5.3EPSS 0.20%vantage6 vulnerable to a username timing attack on recover password/MFA token
發布日:2024/3/15修改日:2026/2/4
描述
### Impact Much like https://github.com/vantage6/vantage6/security/advisories/GHSA-45gq-q4xh-cp53, it is possible to find which usernames exist in vantage6 by calling the API routes `/recover/lost` and `/2fa/lost`, which send emails to users if they have lost their password or MFA token. Usernames can be found by assessing response time differences, and additionally, they can be found because the endpoint gives a response "Failed to login" if the username exists. ### Patches No ### Workarounds No
受影響套件(1)
- PyPI/vantage6from 0, < 4.3.0
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
參考連結(5)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-24770
- PATCHhttps://github.com/vantage6/vantage6
- WEBhttps://github.com/vantage6/vantage6/commit/aecfd6d0e83165a41a60ebd52d2287b0217be26b
- WEBhttps://github.com/vantage6/vantage6/security/advisories/GHSA-45gq-q4xh-cp53
- WEBhttps://github.com/vantage6/vantage6/security/advisories/GHSA-5h3x-6gwf-73jm