CVE-2024-21495

MEDIUM

github.com/greenpau/caddy-security <1.0.42 - Info Disclosure

Title source: llm

Description

Versions of the package github.com/greenpau/caddy-security before 1.0.42 are vulnerable to Insecure Randomness due to using an insecure random number generation library which could possibly be predicted via a brute-force search. Attackers could use the potentially predictable nonce value used for authentication purposes in the OAuth flow to conduct OAuth replay attacks. In addition, insecure randomness is used while generating multifactor authentication (MFA) secrets and creating API keys in the database package.

References (4)

[Third Party Advisory] https://blog.trailofbits.com/2023/09/18/security-flaws-in-an-sso-plugin-for-caddy/

[Issue Tracking] https://github.com/greenpau/caddy-security/issues/265

[Patch] https://github.com/greenpau/go-authcrunch/commit/ecd3725baf2683eb1519bb3c81ae41085fbf7dc2

View Patch ZIP pw:eip

[Third Party Advisory] https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGREENPAUCADDYSECURITY-6248275

Scores

CVSS v3 6.5

EPSS 0.0013

EPSS Percentile 31.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-330

Status published

Products (2)

greenpau/caddy-security < 1.0.42

greenpau/caddy-security 0Go

Published Feb 17, 2024

Tracked Since Feb 18, 2026