// For flags

CVE-2024-24814

Denial of service when manipulating mod_auth_openidc_session_chunks cookie in mod_auth_openidc

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In affected versions missing input validation on mod_auth_openidc_session_chunks cookie value makes the server vulnerable to a denial of service (DoS) attack. An internal security audit has been conducted and the reviewers found that if they manipulated the value of the mod_auth_openidc_session_chunks cookie to a very large integer, like 99999999, the server struggles with the request for a long time and finally gets back with a 500 error. Making a few requests of this kind caused our server to become unresponsive. Attackers can craft requests that would make the server work very hard (and possibly become unresponsive) and/or crash with minimal effort. This issue has been addressed in version 2.4.15.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

mod_auth_openidc es un módulo de autorización y autenticación OpenID Certified™ para el servidor HTTP Apache 2.x que implementa la funcionalidad OpenID Connect Relying Party. En las versiones afectadas, la falta de validación de entrada en el valor de la cookie mod_auth_openidc_session_chunks hace que el servidor sea vulnerable a un ataque de denegación de servicio (DoS). Se realizó una auditoría de seguridad interna y los revisores descubrieron que si manipulaban el valor de la cookie mod_auth_openidc_session_chunks a un número entero muy grande, como 99999999, el servidor lucha con la solicitud durante mucho tiempo y finalmente regresa con un error 500. Realizar algunas solicitudes de este tipo provocó que nuestro servidor dejara de responder. Los atacantes pueden crear solicitudes que harían que el servidor trabaje muy duro (y posiblemente deje de responder) y/o colapse con un mínimo esfuerzo. Este problema se solucionó en la versión 2.4.15.2. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad.

A flaw was found in mod_auth_openidc, an OpenID Certified™ authentication and authorization module for the Apache HTTP server. Missing input validation in the mod_auth_openidc_session_chunks cookie value can make the server vulnerable to a denial of service attack. This issue may allow a remote attacker to craft a request that causes the application or system to slow down or crash due to unhandled errors.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2024-01-31 CVE Reserved
  • 2024-02-13 CVE Published
  • 2024-08-01 CVE Updated
  • 2024-10-22 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-400: Uncontrolled Resource Consumption
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
OpenIDC
Search vendor "OpenIDC"
Mod Auth Openidc
Search vendor "OpenIDC" for product "Mod Auth Openidc"
>= 2.0.0.0 < 2.4.15.2
Search vendor "OpenIDC" for product "Mod Auth Openidc" and version " >= 2.0.0.0 < 2.4.15.2"
en
Affected