#VU54469 Authentication bypass using an alternate path or channel in Secure Remote Access (SRA) Site


Published: 2021-06-30

Vulnerability identifier: #VU54469

Vulnerability risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-32958

CWE-ID: CWE-288

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Secure Remote Access (SRA) Site
Other software / Other software solutions

Vendor: Claroty

Description

The vulnerability allows a local user to bypass the authentication process.

The vulnerability exists due to an improper implementation of the authentication process. A local user can obtain the secret key, which allows them to generate valid session tokens for the web user interface (UI).

Mitigation
Install updates from the vendor's website.

Vulnerable software versions

Secure Remote Access (SRA) Site: 3.0 - 3.2


External links
http://ics-cert.us-cert.gov/advisories/icsa-21-180-06


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
