Submit #383223: Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 CWE-757: Selection of Less-Secure Algorithm During Negotiation (info

Title: Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 CWE-757: Selection of Less-Secure Algorithm During Negotiation (

Description: NOTE - This submit shall be embargoed until 14:00 CET on 2024-08-01 - NOTE

CVE-2024-38883: An issue in Horizon Business Services Inc. Caterease Software allows a remote attacker to perform a Drop Encryption Level attack due to the selection of a less-secure algorithm during negotiation.

Vulnerability Type: CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
Vendor of the Product: Horizon Business Services Inc.
Affected Product: Caterease Software
Affected Versions: 16.0.1.1663 through 24.0.1.2405
Attack Vector: Remote
Attack Type: CAPEC-620: Drop Encryption Level

Vulnerability Summary: Caterease Software does not enforce encryption during the TDS7 PreLogin authentication sequence, making it susceptible to a downgrade attack. Attackers can intercept the initial handshake between the Caterease Software client and the SQL server and manipulate the server's response to indicate that encryption is not supported. As a result, the client will proceed to send sensitive information, including database credentials, in plaintext over the network. By exploiting this vulnerability, attackers can capture the unencrypted credentials and use them to gain unauthorized access to the SQL database. This exposure not only compromises the confidentiality of the credentials but also allows attackers to read, modify, or delete database records, leading to significant data breaches and integrity issues.

CVSS Base Score: Critical Risk - 9.3
CVSS v3.1 Vector: AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Exploitability Metrics: Attack Vector (AV): Adjacent Network; Attack Complexity (AC): Low; Privileges Required (PR): None; User Interaction (UI): None; Scope (S): Changed
Impact Metrics: Confidentiality (C): High; Integrity (I): High; Availability (A): None
User: jTag Labs (UID 51246)
Submission: 07/30/2024 16:53 (2 years ago)
Moderation: 08/01/2024 14:14 (2 days later)
Status: Accepted
VulDB entry: 273367 [Horizon Business Services Caterease up to 24.0.1.2405 TDS7 PreLogin Authentication downgrade]
Points: 17
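The following is an added example written for this page, not code from the submitter or from the vendor: it decodes the ENCRYPTION option of a TDS PRELOGIN response and applies the client-side check the Vulnerability Summary describes as missing, aborting before LOGIN7 is sent when the server's (possibly tampered) answer would leave the login unencrypted. Assumptions: the packet layout follows MS-TDS (8-byte header, 5-byte option-table entries terminated by 0xFF), the client offered ENCRYPT_ON, and the sample packets are constructed here.

```python
import struct

PRELOGIN_TYPE = 0x12        # TDS packet type: PRELOGIN
TOKEN_ENCRYPTION = 0x01     # PL_OPTION_TOKEN for the ENCRYPTION option
TOKEN_TERMINATOR = 0xFF
ENCRYPT_NAMES = {0x00: "ENCRYPT_OFF", 0x01: "ENCRYPT_ON",
                 0x02: "ENCRYPT_NOT_SUP", 0x03: "ENCRYPT_REQ"}

def parse_prelogin_options(packet: bytes) -> dict:
    """Return {token: value bytes} from a complete TDS packet (8-byte header + payload)."""
    ptype, _status, length = struct.unpack(">BBH", packet[:4])
    if ptype != PRELOGIN_TYPE or length != len(packet):
        raise ValueError("not a well-formed PRELOGIN packet")
    payload = packet[8:]
    options, pos = {}, 0
    while payload[pos] != TOKEN_TERMINATOR:     # option table entry: token, offset, length
        token, offset, size = struct.unpack(">BHH", payload[pos:pos + 5])
        options[token] = payload[offset:offset + size]
        pos += 5
    return options

def server_encryption_answer(packet: bytes) -> str:
    """Name of the ENCRYPTION value the server sent back; a missing option is an error."""
    value = parse_prelogin_options(packet).get(TOKEN_ENCRYPTION)
    if value is None or len(value) != 1:
        raise ValueError("server response lacks a 1-byte ENCRYPTION option")
    return ENCRYPT_NAMES.get(value[0], "UNKNOWN(0x%02x)" % value[0])

def login_will_be_encrypted(server_answer: str) -> bool:
    """MS-TDS outcome for a client that offered ENCRYPT_ON: OFF/ON/REQ all yield TLS
    before LOGIN7; only ENCRYPT_NOT_SUP (or an unknown byte) leaves the login in the clear."""
    return server_answer in ("ENCRYPT_OFF", "ENCRYPT_ON", "ENCRYPT_REQ")

def enforce_or_abort(packet: bytes) -> str:
    """The check the summary says is missing: abort instead of sending credentials."""
    answer = server_encryption_answer(packet)
    if not login_will_be_encrypted(answer):
        raise ConnectionError("server answered %s: refusing plaintext LOGIN7" % answer)
    return answer

def build_prelogin(encryption_byte: int) -> bytes:
    """Constructed sample packet carrying only VERSION and ENCRYPTION options."""
    version = bytes.fromhex("0c000fa00000")            # placeholder VERSION value
    table = (struct.pack(">BHH", 0x00, 11, 6)           # VERSION at offset 11, 6 bytes
             + struct.pack(">BHH", TOKEN_ENCRYPTION, 17, 1)
             + bytes([TOKEN_TERMINATOR]))               # 2 entries + terminator = 11 bytes
    payload = table + version + bytes([encryption_byte])
    header = struct.pack(">BBHHBB", PRELOGIN_TYPE, 0x01, 8 + len(payload), 0, 1, 0)
    return header + payload
```

The same parser can be run over captured server PRELOGIN responses to flag connections where ENCRYPT_NOT_SUP was returned to a client that is expected to require encryption.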
