CVE-2024-8260

high

Description

An SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, which allows a user to pass an arbitrary SMB share instead of a Rego file as an argument to the OPA CLI or to one of the OPA Go library’s functions.
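An added example (not OPA's fix and not code from this advisory): a pre-check that a Go service on Windows could run over policy path arguments before passing them to OPA, rejecting UNC paths and remote file:// forms. The function names and the sample host are hypothetical; the page gives v0.68.0 as the first unaffected version.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// ErrRemotePath marks an argument that names a network location, not a local file.
var ErrRemotePath = errors.New("remote share not allowed as policy path")

// isSep reports whether c is a separator Windows accepts in paths.
func isSep(c byte) bool { return c == '\\' || c == '/' }

// IsRemotePath reports whether p is a UNC-style path (two leading separators,
// which also covers \\?\UNC\host\share) or a file:// URL that is not of the
// local form file:///X:/... It is deliberately conservative: local device
// paths such as \\?\C:\x are rejected too.
func IsRemotePath(p string) bool {
	p = strings.TrimSpace(p)
	if len(p) >= 2 && isSep(p[0]) && isSep(p[1]) {
		return true
	}
	if strings.HasPrefix(strings.ToLower(p), "file://") {
		rest := p[7:]
		// Local only when exactly one separator follows the empty host.
		return !(len(rest) >= 2 && isSep(rest[0]) && !isSep(rest[1]))
	}
	return false
}

// CheckPolicyArgs returns an error naming the first argument that would make
// Windows open an SMB connection when the file is read.
func CheckPolicyArgs(args []string) error {
	for _, a := range args {
		if IsRemotePath(a) {
			return fmt.Errorf("%w: %q", ErrRemotePath, a)
		}
	}
	return nil
}

func main() {
	// Constructed sample arguments; the host name is a placeholder.
	samples := []string{`policy.rego`, `C:\policies\authz.rego`,
		`\\fileserver.example\share\p.rego`, `file://fileserver.example/share/p.rego`}
	for _, a := range samples {
		fmt.Printf("%-42s remote=%v\n", a, IsRemotePath(a))
	}
}
```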

From the Tenable Blog

CVE-2024-8260: SMB Force-Authentication Vulnerability in OPA Could Lead to Credential Leakage

Published: 2024-10-22

Tenable Research discovered an SMB force-authentication vulnerability in Open Policy Agent (OPA) that is now fixed in the latest release of OPA. The vulnerability could have allowed an attacker to leak the NTLM credentials of the OPA server's local user account to a remote server, potentially allowing the attacker to relay the authentication or crack the password. The vulnerability affected both the OPA CLI (Community and Enterprise editions) and the OPA Go SDK.

References

https://www.darkreading.com/vulnerabilities-threats/opa-windows-vulnerability-exposes-ntlm-hashes

https://www.tenable.com/security/research/tra-2024-36

Details

Source: Mitre, NVD

Published: 2024-08-30

Updated: 2024-09-19

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7.3

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Severity: High