Boundary Vulnerable to Session Hijacking Through TLS Certificate Tampering

Boundary and Boundary Enterprise (“Boundary”) is vulnerable to session hijacking through TLS certificate tampering. An attacker with privileges to enumerate active or pending sessions, obtain a private key pertaining to a session, and obtain a valid trust on first use (TOFU) token may craft a TLS certificate to hijack an active session and gain access to the underlying service or application.

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

证书验证不恰当

HashiCorp Boundary 安全漏洞

HashiCorp Boundary是美国HashiCorp公司的一种开源解决方案。可自动实现基于身份的安全用户跨环境访问主机和服务。 HashiCorp Boundary和Boundary Enterprise 0.15.0之前版本存在安全漏洞，该漏洞源于容易通过TLS证书篡改而受到会话劫持，攻击者可能会制作TLS证书来劫持活动会话并获取对底层服务的访问权限。

N/A

其他