{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-8260", "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "state": "PUBLISHED", "assignerShortName": "tenable", "dateReserved": "2024-08-28T12:18:55.569Z", "datePublished": "2024-08-30T12:22:45.964Z", "dateUpdated": "2024-08-30T13:17:20.246Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://github.com/open-policy-agent/opa", "defaultStatus": "unaffected", "product": "OPA", "vendor": "Styra", "versions": [{"lessThan": "v0.68.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library\u2019s functions."}], "value": "A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library\u2019s functions."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-294", "description": "CWE-294 Authentication Bypass by Capture-replay", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "shortName": "tenable", "dateUpdated": "2024-08-30T12:22:45.964Z"}, "references": [{"url": "https://www.tenable.com/security/research/tra-2024-36"}], "source": {"discovery": "UNKNOWN"}, "title": "OPA SMB Force-Authentication", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-30T13:17:12.000729Z", "id": "CVE-2024-8260", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-30T13:17:20.246Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-8260", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-30T13:17:12.000729Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-30T13:17:16.045Z"}}], "cna": {"title": "OPA SMB Force-Authentication", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Styra", "product": "OPA", "versions": [{"status": "affected", "version": "0", "lessThan": "v0.68.0", "versionType": "custom"}], "collectionURL": "https://github.com/open-policy-agent/opa", "defaultStatus": "unaffected"}], "references": [{"url": "https://www.tenable.com/security/research/tra-2024-36"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library\u2019s functions.", "supportingMedia": [{"type": "text/html", "value": "A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library\u2019s functions.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-294", "description": "CWE-294 Authentication Bypass by Capture-replay"}]}], "providerMetadata": {"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "shortName": "tenable", "dateUpdated": "2024-08-30T12:22:45.964Z"}}}, "cveMetadata": {"cveId": "CVE-2024-8260", "state": "PUBLISHED", "dateUpdated": "2024-08-30T13:17:20.246Z", "dateReserved": "2024-08-28T12:18:55.569Z", "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "datePublished": "2024-08-30T12:22:45.964Z", "assignerShortName": "tenable"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openpolicyagent:open_policy_agent:*:*:*:*:*:*:*:*", "matchCriteriaId": "D4E49AB0-155E-41A1-B7E7-AA463DAD09C0", "versionEndExcluding": "0.68.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library\u2019s functions."}, {"lang": "es", "value": "Existe una vulnerabilidad de autenticaci\u00f3n forzada de SMB en todas las versiones de OPA para Windows anteriores a la v0.68.0. La vulnerabilidad existe debido a una validaci\u00f3n de entrada incorrecta, que permite que un usuario pase un recurso compartido de SMB arbitrario en lugar de un archivo Rego como argumento a la CLI de OPA o a una de las funciones de la librer\u00eda Go de OPA."}], "id": "CVE-2024-8260", "lastModified": "2024-09-19T16:08:58.863", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 4.7, "source": "[email protected]", "type": "Secondary"}]}, "published": "2024-08-30T13:15:12.347", "references": [{"source": "[email protected]", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/research/tra-2024-36"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-294"}], "source": "[email protected]", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-294"}], "source": "[email protected]", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2024:10948", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.4::el8", "package": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8:sha256:08b32341cc141f5151497b2c8a321b19dc6e666004bd72f32d5900c7874da794", "product_name": "Red Hat OpenShift distributed tracing 3.4", "release_date": "2024-12-11T00:00:00Z"}], "bugzilla": {"description": "opa: OPA SMB Force-Authentication", "id": "2308685", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308685"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L", "status": "verified"}, "cwe": "CWE-294", "details": ["A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library\u2019s functions.", "An SMB force-authentication vulnerability exists in all versions of OPA. The vulnerability exists due to improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or one of the OPA Go library\u2019s functions."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-8260", "package_state": [{"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Not affected", "package_name": "openshift-logging/lokistack-gateway-rhel9", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Not affected", "package_name": "openshift-logging/opa-openshift-rhel8", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Affected", "package_name": "migration-toolkit-virtualization/mtv-validation-rhel9", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:connectivity_link:1", "fix_state": "Affected", "package_name": "authorino-container", "product_name": "Red Hat Connectivity Link 1"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Affected", "package_name": "rhosdt/tempo-gateway-opa-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}], "public_date": "2024-08-30T13:15:12Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-8260\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-8260\nhttps://www.tenable.com/security/research/tra-2024-36"], "statement": "The SMB force-authentication vulnerability in OPA for Windows builds is classified as moderate severity due to its specific exploitation requirements and potential impact. The flaw arises from improper input validation, allowing an attacker to supply an arbitrary SMB share instead of a Rego file. However, exploitation of this issue necessitates direct access to the OPA CLI or its Go library functions, and the attacker must have the ability to influence the arguments passed to these components. While it could lead to unauthorized access or manipulation of data if exploited, the attack vector is limited and requires specific conditions to be met.", "threat_severity": "Moderate"}