7.3. CVE-2022-46383: Cluster Token Disclosure¶
7.3.1. Summary¶
RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12, and 4.10 through 4.10.8 exposed a privileged High Availability (HA) cluster token through an API endpoint readable by any authenticated user (Incorrect Access Control). The token can be used to escalate privileges within the Digital Rebar system and grants full administrative access.
7.3.2. Technical Details¶
Digital Rebar’s High Availability (HA) implementation uses temporary authentication tokens to authenticate cluster members and manage cluster membership. These tokens are generated even when Digital Rebar runs as a single server, so deployments that never enabled HA are affected as well.
The token was embedded in the cluster details that the Digital Rebar API returns to any authenticated user, including a Digital Rebar machine. Because the machine provisioning process lets an unauthenticated user create a machine token with limited privileges, an unauthenticated attacker with network access to the API can obtain such a machine token, read the cluster details with it, recover the HA token, and use that token for full administrative access.
7.3.3. Recommendations¶
A fix has been developed that removes these tokens from the cluster details returned by the Digital Rebar API. Digital Rebar users should update to the fixed version for their release branch. Because the token was readable with nothing more than a machine-level token, operators should assume that any machine which booted against an unpatched server could have read it.
7.3.4. Affected Versions¶
Affected Versions    Fixed Version
v4.5 and earlier     v4.6.15
v4.6                 v4.6.15
v4.7                 v4.7.23
v4.8                 v4.8.6
v4.9                 v4.9.13
v4.10                v4.10.9
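Two checks an operator might want here, as an added example (this is not RackN's code, and it assumes nothing about Digital Rebar endpoint or field names): is_affected() compares a running version string against the fixed-version table above, and find_token_like_values() walks a JSON API response and flags JWT-shaped values and populated credential-named fields, which is how you would confirm, using a low-privilege machine token, that the cluster details no longer carry the HA token after upgrading. The JSON documents in the block are constructed samples, not real Digital Rebar output.

```python
"""Added example for CVE-2022-46383 (not RackN's code).

is_affected(): version check against the advisory's fixed-version table.
find_token_like_values(): scan an API response (already parsed from JSON)
for values that look like bearer tokens. No Digital Rebar endpoint or field
names are assumed; pass in whatever document your client received.
"""
import re
from typing import Any, Iterator, List, Tuple

# First fixed release per branch, taken from the advisory table.
FIXED_VERSIONS = {
    (4, 6): (4, 6, 15),
    (4, 7): (4, 7, 23),
    (4, 8): (4, 8, 6),
    (4, 9): (4, 9, 13),
    (4, 10): (4, 10, 9),
}
OLDEST_FIXED = (4, 6, 15)  # v4.5 and earlier must move to this or later

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")


def parse_version(s: str) -> Tuple[int, int, int]:
    """Parse 'v4.9.12' or '4.9.12-tip-...' into (4, 9, 12)."""
    m = _VERSION_RE.match(s.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {s!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True if this release still returns the HA token in cluster details."""
    v = parse_version(version)
    branch = (v[0], v[1])
    if branch in FIXED_VERSIONS:
        return v < FIXED_VERSIONS[branch]
    # Branches not listed: v4.5 and earlier are affected; anything newer
    # than 4.10 is assumed (our assumption) to carry the fix.
    return v < OLDEST_FIXED


# Three base64url segments: the shape of a JWT, whatever the field is called.
_JWT_RE = re.compile(r"^[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}$")
# Field names that usually hold credentials.
_NAME_RE = re.compile(r"token|secret|password|passwd", re.IGNORECASE)


def _walk(obj: Any, path: str = "") -> Iterator[Tuple[str, Any]]:
    """Yield (json-path, leaf value) for every scalar in a nested document."""
    if isinstance(obj, dict):
        for k, v in obj.items():
            yield from _walk(v, f"{path}.{k}" if path else str(k))
    elif isinstance(obj, list):
        for i, v in enumerate(obj):
            yield from _walk(v, f"{path}[{i}]")
    else:
        yield path, obj


def find_token_like_values(obj: Any) -> List[Tuple[str, str]]:
    """Return (path, reason) for every string that looks like a credential."""
    hits: List[Tuple[str, str]] = []
    for path, value in _walk(obj):
        if not isinstance(value, str):
            continue
        leaf = path.rsplit(".", 1)[-1].split("[")[0]
        if _JWT_RE.match(value):
            hits.append((path, "JWT-shaped value"))
        elif _NAME_RE.search(leaf) and len(value) >= 16:
            hits.append((path, "credential-named field holds a long string"))
    return hits


# Constructed samples (not real Digital Rebar output): a leaky cluster-details
# document as an unpatched server might return it, and a clean one.
SAMPLE_BEFORE = {
    "Id": "drp-primary",
    "HaEnabled": False,
    "Nodes": [
        {
            "Id": "drp-primary",
            "Address": "10.0.0.5",
            "Token": "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJjbHVzdGVyIn0.c2lnbmF0dXJlLXNpZ25hdHVyZQ",
        }
    ],
    "ClusterSecret": "Zm9vYmFyYmF6cXV1eHF1dXg=",
}
SAMPLE_AFTER = {
    "Id": "drp-primary",
    "HaEnabled": False,
    "Nodes": [{"Id": "drp-primary", "Address": "10.0.0.5", "Token": ""}],
    "ClusterSecret": "",
}

if __name__ == "__main__":
    for ver in ("v4.9.12", "v4.9.13", "v4.5.3", "v4.10.9"):
        print(ver, "affected" if is_affected(ver) else "fixed")
    print("before fix:", find_token_like_values(SAMPLE_BEFORE))
    print("after fix: ", find_token_like_values(SAMPLE_AFTER))
```

In practice you would feed find_token_like_values() the parsed body of the cluster-details request made with a freshly minted, low-privilege machine token; any hit after the upgrade means the endpoint still discloses something it should not.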
7.3.5. Common Vulnerability Scoring System (CVSS) Score¶
CVSS Base Score: 10.0
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H