CVE-2020-23355

Name of the Vulnerable Software and Affected Versions Codiad version 2.8.4

Description The issue concerns a magic hash authentication bypass vulnerability. It affects the Authenticate() function in the class.user.php file. Specifically, if the encrypted or hash value for passwords matches certain formats of magic hash, such as 0e123, another hash value like 0e234 can successfully authenticate. This allows for unauthorized access.

Recommendations For Codiad version 2.8.4, as a temporary workaround, consider disabling the Authenticate() function in the class.user.php file until a patch is available. Restrict access to the /componetns/user/class.user.php endpoint to minimize the risk of exploitation. Avoid using the 0e123 and 0e234 hash values in the affected authentication process until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.