CVE-2024-45165

An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Data is sent between client and server with encryption. However, the key is derived from the string "(c)2007 UCI Software GmbH B.Boll" (without quotes). The key is both static and hardcoded. With access to messages, this results in message decryption and encryption by an attacker. Thus, it enables passive and active man-in-the-middle attacks.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.6 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
http://download.uci.de/idol2/idol2Client_2_12.exe
https://uci.de/download/idol2-client.html
https://uci.de/products/index.html
https://www.syss.de/en/responsible-disclosure-policy
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-048.txt

Configurations

No configuration.

History

No history.

Information

Published : 2024-08-22 04:15

Updated : 2024-10-31 19:35

NVD link : CVE-2024-45165

Mitre link : CVE-2024-45165

CVE.ORG link : CVE-2024-45165

JSON object : View

Products Affected

No product.

CWE

CWE-798

Use of Hard-coded Credentials

{"id": "CVE-2024-45165", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.6}]}, "published": "2024-08-22T04:15:22.310", "references": [{"url": "http://download.uci.de/idol2/idol2Client_2_12.exe", "source": "cve@mitre.org"}, {"url": "https://uci.de/download/idol2-client.html", "source": "cve@mitre.org"}, {"url": "https://uci.de/products/index.html", "source": "cve@mitre.org"}, {"url": "https://www.syss.de/en/responsible-disclosure-policy", "source": "cve@mitre.org"}, {"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-048.txt", "source": "cve@mitre.org"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Data is sent between client and server with encryption. However, the key is derived from the string \"(c)2007 UCI Software GmbH B.Boll\" (without quotes). The key is both static and hardcoded. With access to messages, this results in message decryption and encryption by an attacker. Thus, it enables passive and active man-in-the-middle attacks."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en UCI IDOL 2 (tambi\u00e9n conocido como uciIDOL o IDOL2) hasta 2.12. Los datos se env\u00edan entre el cliente y el servidor con cifrado. Sin embargo, la clave se deriva de la cadena \"(c)2007 UCI Software GmbH B.Boll\" (sin comillas). La clave es est\u00e1tica y est\u00e1 codificada. Con el acceso a los mensajes, esto da como resultado que un atacante descifre y cifre los mensajes. Por lo tanto, permite ataques de intermediario pasivos y activos."}], "lastModified": "2024-10-31T19:35:08.327", "sourceIdentifier": "cve@mitre.org"}