CVE-2020-4042
MEDIUMbareos < 19.2.8 - Authentication Bypass via CRAM-MD5 Challenge Replay
Title source: llmDescription
Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to the director itself leading to the director responding to the replayed challenge. The response obtained is then a valid reply to the directors original challenge. This is fixed in version 19.2.8.
References (2)
Core 2
Core References
Mitigation, Third Party Advisory x_refsource_confirm
https://github.com/bareos/bareos/security/advisories/GHSA-vqpj-2vhj-h752
Vendor Advisory x_refsource_misc
https://bugs.bareos.org/view.php?id=1250
Scores
CVSS v3
6.8
EPSS
0.0097
EPSS Percentile
57.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
Details
CWE
CWE-294
Status
published
Products (2)
bareos/bareos
19.2.8 pre
bareos/bareos
< 19.2.7
Published
Jul 10, 2020
Tracked Since
Feb 18, 2026