CVE-2020-5229

Opencast stores passwords using outdated MD5 hash algorithm

Severity Score

8.1

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Opencast before 8.1 stores passwords using the rather outdated and cryptographically insecure MD5 hash algorithm. Furthermore, the hashes are salted using the username instead of a random salt, causing hashes for users with the same username and password to collide which is problematic especially for popular users like the default `admin` user. This essentially means that for an attacker, it might be feasible to reconstruct a user's password given access to these hashes. Note that attackers needing access to the hashes means that they must gain access to the database in which these are stored first to be able to start cracking the passwords. The problem is addressed in Opencast 8.1 which now uses the modern and much stronger bcrypt password hashing algorithm for storing passwords. Note, that old hashes remain MD5 until the password is updated. For a list of users whose password hashes are stored using MD5, take a look at the `/user-utils/users/md5.json` REST endpoint.

Opencast versiones anteriores a 8.1, almacena contraseñas usando el algoritmo hash MD5 bastante antiguo y criptográficamente no seguro. Además, los hash son salados utilizando el nombre de usuario en lugar de una sal aleatoria, causando que los hash para usuarios con el mismo nombre de usuario y contraseña choquen, lo que es problemático, especialmente para usuarios populares tales como el usuario predeterminado "admin". Esto esencialmente significa que para un atacante, podría ser factible reconstruir la contraseña de un usuario dado el acceso a estos hashes. Considere que los atacantes al necesitar acceso a los hashes significa que deben obtener acceso a la base de datos en la que se almacenan primero, para que sean capaces de descifrar las contraseñas. El problema es abordado en Opencast versión 8.1, que ahora utiliza el algoritmo de hash de contraseña bcrypt moderno y mucho más fuerte para almacenar contraseñas. Tome en cuenta que los hashes antiguos permanecen MD5 hasta que se actualiza la contraseña. Para obtener una lista de los usuarios cuyos hash de contraseña son almacenados con MD5, visualice al endpoint REST "/user-utils/users/md5.json".

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

Required

Scope

Changed

Confidentiality

High

Integrity

High

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

Partial

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2020-01-02 CVE Reserved
2020-01-30 CVE Published
2023-03-08 EPSS Updated
2024-08-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-327: Use of a Broken or Risky Cryptographic Algorithm

CAPEC

References (2)

URL	Tag	Source
https://github.com/opencast/opencast/security/advisories/GHSA-h362-m8f2-5x7c	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://github.com/opencast/opencast/commit/32bfbe5f78e214e2d589f92050228b91d704758e	2020-02-05

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Apereo Search vendor "Apereo"		Opencast Search vendor "Apereo" for product "Opencast"				< 8.1 Search vendor "Apereo" for product "Opencast" and version " < 8.1"		-		Affected