Submit #383217: Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 CWE-759: Use of a One-Way Hash without a Salt

Title: Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 CWE-759: Use of a One-Way Hash without a Salt
Description:

NOTE - This submit shall be embargoed until 14:00 CET on 2024-08-01 - NOTE

CVE-2024-38881: An issue in Horizon Business Services Inc. Caterease Software allows a remote attacker to perform a Rainbow Table Password cracking attack due to the use of one-way hashes without salts when storing user passwords.

Vulnerability Type: CWE-759: Use of a One-Way Hash without a Salt
Vendor of the Product: Horizon Business Services Inc.
Affected Product: Caterease Software
Affected Versions: 16.0.1.1663 through 24.0.1.2405
Attack Vector: Remote
Attack Type: CAPEC-55: Rainbow Table Password Cracking

Vulnerability Summary: Caterease Software stores user password hashes without salts, making them vulnerable to rainbow table attacks. This vulnerability arises because the application fails to use a cryptographic salt when hashing passwords, a critical security measure designed to protect against precomputed hash attacks. An attacker can exploit this vulnerability by precomputing hash values for a wide range of possible passwords and then comparing them to the stored hashes. Once a match is found, the original password can be recovered, leading to unauthorized access to user accounts. The exposure of unsalted hashes not only compromises the security of the Caterease Software accounts but also facilitates further attacks, such as credential stuffing on other systems where users may have reused passwords. The lack of salting significantly compromises user account confidentiality and can result in privilege escalation, where an attacker gains access to higher-privilege accounts.

CVSS Base Score: Medium Risk - 6.5
CVSS v3.1 Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability Metrics:
Attack Vector (AV): Adjacent Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged

Impact Metrics:
Confidentiality (C): High
Integrity (I): None
Availability (A): None
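As an added illustration of the weakness and its mitigation (example code written for this page, not from Caterease or the submitter): with an unsalted one-way hash, two accounts that share a password store the same value, so a single precomputed table covers every account at once, whereas a per-user random salt with a slow KDF (PBKDF2-HMAC here) removes that property. The sample users, the password and the work factor are assumptions.

```python
import hashlib
import hmac
import os
from typing import Callable, Optional, Tuple

# Constructed sample: two users who happen to use the same password.
USERS = {"alice": "Summer2024!", "bob": "Summer2024!"}
# Assumption: illustrative work factor; tune it for your hardware.
PBKDF2_ITERATIONS = 100_000


def unsalted_hash(password: str) -> str:
    """The weak scheme (CWE-759): the digest depends on the password alone."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def salted_hash(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Mitigation: a fresh 16-byte random salt per user plus PBKDF2-HMAC-SHA256.

    Returns (salt, derived_key); both are stored, the salt in the clear.
    """
    if salt is None:
        salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return salt, key


def verify_salted(password: str, salt: bytes, expected: bytes) -> bool:
    """Re-derive with the stored salt and compare in constant time."""
    _, key = salted_hash(password, salt)
    return hmac.compare_digest(key, expected)


def reused_password_hashes_collide(scheme: Callable[[str], object]) -> bool:
    """Audit check for a storage scheme: if two users with the same password end
    up with identical stored values, the scheme is unsalted and one precomputed
    table breaks every account that shares that password."""
    stored = [scheme(pw) for pw in USERS.values()]
    return len(set(stored)) < len(stored)


if __name__ == "__main__":
    print("unsalted scheme collides:", reused_password_hashes_collide(unsalted_hash))
    print("salted scheme collides:", reused_password_hashes_collide(salted_hash))
```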
User: jTag Labs (UID 51246)
Submission: 07/30/2024 16:51 (2 years ago)
Moderation: 08/01/2024 14:14 (2 days later)
Status: Accepted
VulDB entry: 273365 [Horizon Business Services Caterease up to 24.0.1.2405 User Password hash without salt]
Points: 17
