Sign-up

ID

VAR-202007-0690


CVE

CVE-2020-15688


TITLE

GoAhead  In  Capture-replay  Authentication Bypass Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2020-008671

DESCRIPTION

The HTTP Digest Authentication in the GoAhead web server before 5.1.2 does not completely protect against replay attacks. This allows an unauthenticated remote attacker to bypass authentication via capture-replay if TLS is not used to protect the underlying communication channel. GoAhead for, Capture-replay An authentication bypass vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. GoAhead is the world's most popular, tiny embedded web server. It is compact, secure and simple to use. GoAhead is deployed in hundreds of millions of devices and is ideal for the smallest of embedded devices.A security vulnerability affecting GoAhead versions 2 to 5 has been identified when using Digest authentication over HTTP. GoAhead versions 3 to 5 validated the nonce with a fixed duration of 5 minutes which permitted short-period replays. This duration is too long for most implementations.Tested on: GoAhead-httpGoAhead-Webs. There is a security vulnerability in Embedthis Software GoAhead versions before 5.1.2. An attacker could exploit this vulnerability to bypass authentication

Trust: 1.8

sources: NVD: CVE-2020-15688 // JVNDB: JVNDB-2020-008671 // ZSL: ZSL-2020-5598 // VULHUB: VHN-168691

AFFECTED PRODUCTS

vendor:embedthismodel:goaheadscope:ltversion:5.1.2

Trust: 1.0

vendor:embedthismodel:goaheadscope:eqversion: -

Trust: 0.8

vendor:embedthismodel:goaheadscope:eqversion:5.1.2

Trust: 0.8

vendor:embedthismodel:goahead web serverscope:ltversion:<=5.1.1 and <=4.1.2

Trust: 0.1

sources: ZSL: ZSL-2020-5598 // JVNDB: JVNDB-2020-008671 // NVD: CVE-2020-15688

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-15688
value: HIGH

Trust: 1.0

NVD: CVE-2020-15688
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202007-1390
value: HIGH

Trust: 0.6

ZSL: ZSL-2020-5598
value: (3/5)

Trust: 0.1

VULHUB: VHN-168691
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-15688
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-168691
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-15688
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2020-15688
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: ZSL: ZSL-2020-5598 // VULHUB: VHN-168691 // JVNDB: JVNDB-2020-008671 // CNNVD: CNNVD-202007-1390 // NVD: CVE-2020-15688

PROBLEMTYPE DATA

problemtype:CWE-294

Trust: 1.1

problemtype:Capture-replay authentication evasion by (CWE-294) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-168691 // JVNDB: JVNDB-2020-008671 // NVD: CVE-2020-15688

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202007-1390

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202007-1390

EXPLOIT AVAILABILITY

sources:
            
            
            ZSL: ZSL-2020-5598

PATCH
title:Digest Nonce Handling over HTTP #3url:https://github.com/embedthis/goahead-gpl/issues/3
Trust: 0.8
title:Embedthis Software GoAhead Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=125067
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2020-008671 // 
            
            
            
            CNNVD: CNNVD-202007-1390

EXTERNAL IDS
db:NVDid:CVE-2020-15688
Trust: 3.4
db:PACKETSTORMid:159505
Trust: 1.8
db:JVNid:JVNVU92569237
Trust: 0.8
db:JVNDBid:JVNDB-2020-008671
Trust: 0.8
db:CXSECURITYid:WLB-2020100044
Trust: 0.7
db:CNNVDid:CNNVD-202007-1390
Trust: 0.7
db:EXPLOIT-DBid:48958
Trust: 0.1
db:ZSLid:ZSL-2020-5598
Trust: 0.1
db:CNVDid:CNVD-2020-46563
Trust: 0.1
db:VULHUBid:VHN-168691
Trust: 0.1
sources:
            
            
            ZSL: ZSL-2020-5598 // 
            
            
            
            VULHUB: VHN-168691 // 
            
            
            
            JVNDB: JVNDB-2020-008671 // 
            
            
            
            CNNVD: CNNVD-202007-1390 // 
            
            
            
            NVD: CVE-2020-15688

REFERENCES
url:http://packetstormsecurity.com/files/159505/embedthis-goahead-web-server-5.1.1-digest-authentication-capture-replay-nonce-reuse.html
Trust: 2.3
url:https://github.com/embedthis/goahead-gpl/issues/3
Trust: 1.8
url:https://nvd.nist.gov/vuln/detail/cve-2020-15688
Trust: 1.5
url:https://jvn.jp/vu/jvnvu92569237/index.html
Trust: 0.8
url:https://cxsecurity.com/issue/wlb-2020100044
Trust: 0.7
url:https://github.com/embedthis/goahead-gpl/issues/2
Trust: 0.1
url:https://github.com/embedthis/appweb-gpl/issues/4
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-15688
Trust: 0.1
url:https://www.tenable.com/cve/cve-2020-15688
Trust: 0.1
url:https://cert.civis.net/en/index.php?action=alert&param=cve-2020-15688
Trust: 0.1
url:https://packetstormsecurity.com/files/159505
Trust: 0.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/185771
Trust: 0.1
url:https://www.exploit-db.com/exploits/48958
Trust: 0.1
sources:
            
            
            ZSL: ZSL-2020-5598 // 
            
            
            
            VULHUB: VHN-168691 // 
            
            
            
            JVNDB: JVNDB-2020-008671 // 
            
            
            
            CNNVD: CNNVD-202007-1390 // 
            
            
            
            NVD: CVE-2020-15688

CREDITS
LiquidWorm
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202007-1390

SOURCES
db:ZSLid:ZSL-2020-5598
db:VULHUBid:VHN-168691
db:JVNDBid:JVNDB-2020-008671
db:CNNVDid:CNNVD-202007-1390
db:NVDid:CVE-2020-15688

LAST UPDATE DATE
2024-08-14T13:01:26.841000+00:00

SOURCES UPDATE DATE
db:ZSLid:ZSL-2020-5598date:2020-11-04T00:00:00
db:VULHUBid:VHN-168691date:2023-01-31T00:00:00
db:JVNDBid:JVNDB-2020-008671date:2023-05-11T08:45:00
db:CNNVDid:CNNVD-202007-1390date:2020-10-10T00:00:00
db:NVDid:CVE-2020-15688date:2023-01-31T17:25:42.877

SOURCES RELEASE DATE
db:ZSLid:ZSL-2020-5598date:2020-10-06T00:00:00
db:VULHUBid:VHN-168691date:2020-07-23T00:00:00
db:JVNDBid:JVNDB-2020-008671date:2020-09-18T00:00:00
db:CNNVDid:CNNVD-202007-1390date:2020-07-23T00:00:00
db:NVDid:CVE-2020-15688date:2020-07-23T13:15:10.257