CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-4612 – MFA bypass in Apereo CAS
https://notcve.org/view.php?id=CVE-2023-4612
Improper Authentication vulnerability in Apereo CAS in jakarta.servlet.http.HttpServletRequest.getRemoteAddr method allows Multi-Factor Authentication bypass.This issue affects CAS: through 7.0.0-RC7. It is unknown whether in new versions the issue will be fixed. For the date of publication there is no patch, and the vendor does not treat it as a vulnerability. Vulnerabilidad de autenticación incorrecta en Apereo CAS en jakarta.servlet.http.HttpServletRequest.getRemoteAddr permite omitir la autenticación multifactor. Este problema afecta a CAS: hasta 7.0.0-RC7. • https://cert.pl/en/posts/2023/11/CVE-2023-4612 https://cert.pl/posts/2023/11/CVE-2023-4612 • CWE-287: Improper Authentication CWE-302: Authentication Bypass by Assumed-Immutable Data •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-28857 – LDAP password leak in Apereo CAS - GHSL-2023-009
https://notcve.org/view.php?id=CVE-2023-28857
Apereo CAS is an open source multilingual single sign-on solution for the web. Apereo CAS can be configured to use authentication based on client X509 certificates. These certificates can be provided via TLS handshake or a special HTTP header, such as “ssl_client_cert”. When checking the validity of the provided client certificate, X509CredentialsAuthenticationHandler performs check that this certificate is not revoked. To do so, it fetches URLs provided in the “CRL Distribution Points” extension of the certificate, which are taken from the certificate itself and therefore can be controlled by a malicious user. • https://apereo.github.io/2023/02/20/x509-vuln https://github.com/apereo/cas/releases/tag/v6.6.6 https://securitylab.github.com/advisories/GHSL-2023-009_Apereo_CAS • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-522: Insufficiently Protected Credentials •
CVSS: 6.1EPSS: 17%CPEs: 2EXPL: 0CVE-2021-42567
https://notcve.org/view.php?id=CVE-2021-42567
Apereo CAS through 6.4.1 allows XSS via POST requests sent to the REST API endpoints. Apereo CAS versiones hasta 6.4.1, permite un ataque de tipo XSS por medio de peticiones POST enviadas a los endpoints de la API REST • https://apereo.github.io/2021/10/18/restvuln https://github.com/apereo/cas/releases • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-27178
https://notcve.org/view.php?id=CVE-2020-27178
Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4, and 6.3.x before 6.3.0-RC4 mishandles secret keys with Google Authenticator for multifactor authentication. Apereo CAS versiones 5.3.x anteriores a 5.3.16, versiones 6.x anteriores a 6.1.7.2, versiones 6.2.x anteriores a 6.2.4 y versiones 6.3.x anteriores a 6.3.0-RC4, maneja inapropiadamente las claves secretas con Google Authenticator para la autenticación multifactor • https://apereo.github.io/2020/10/14/gauthvuln •
CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 5CVE-2019-10754
https://notcve.org/view.php?id=CVE-2019-10754
Multiple classes used within Apereo CAS before release 6.1.0-RC5 makes use of apache commons-lang3 RandomStringUtils for token and ID generation which makes them predictable due to RandomStringUtils PRNG's algorithm not being cryptographically strong. Múltiples clases utilizadas dentro de Apereo CAS versiones anteriores a 6.1.0-RC5, hacen uso de RandomStringUtils de Apache commons-lang3 para la generación de tokens e ID, lo que los hace predecibles debido a que el algoritmo de RandomStringUtils PRNG no es criptográficamente fuerte. • https://snyk.io/vuln/SNYK-JAVA-ORGAPEREOCAS-467402 https://snyk.io/vuln/SNYK-JAVA-ORGAPEREOCAS-467404 https://snyk.io/vuln/SNYK-JAVA-ORGAPEREOCAS-467406 https://snyk.io/vuln/SNYK-JAVA-ORGAPEREOCAS-468868 https://snyk.io/vuln/SNYK-JAVA-ORGAPEREOCAS-468869 • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •