PT-2022-6550 · Prometheus Exporter Toolkit
Lei Wan · Published 2022-11-28 · Updated 2024-08-06
CVE-2022-46146 · CVSS v3.1 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Prometheus Exporter Toolkit versions prior to 0.7.2 and 0.8.2
Description
The vulnerability lies in how the Prometheus Exporter Toolkit implements bcrypt password checking for the users configured in the web.yml file, and it can be exploited to bypass authentication. An attacker who knows the hashed password can poison the toolkit's internal authentication cache and then authenticate against Prometheus. Since the hashed password is stored on disk, the attacker must have access to it to perform the bypass.
Recommendations
For versions prior to 0.7.2, update to version 0.7.2 or later.
For versions prior to 0.8.2, update to version 0.8.2 or later.
As a temporary workaround, restrict access to the hashed password to minimize the risk of exploitation.
Restrict access to the web.yml file so that attackers cannot obtain the hash they need to bypass authentication.
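As an added example, not code from this advisory or from the Prometheus Exporter Toolkit project: a small Go program that audits a web.yml-style `basic_auth_users` block (a constructed sample, with a made-up but well-formed bcrypt string) for values that are not bcrypt hashes and for file permissions that would expose the hash to other local users, which is what the workaround above is about. It also shows, as an assumed design illustration rather than the toolkit's actual code, why an authentication cache key built by plain concatenation can alias different (hash, password) pairs, while a delimited hex encoding of the parts cannot. The minimal line reader, the regex and the key functions are all assumptions of this example.

```go
package main

import (
	"encoding/hex"
	"fmt"
	"os"
	"path/filepath"
	"regexp"
	"sort"
	"strings"
)

// Constructed sample web.yml; the hash is syntactically valid bcrypt but made up.
const sampleWebYML = `tls_server_config:
  cert_file: server.crt
  key_file: server.key
basic_auth_users:
  alice: $2y$10$abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0
  bob: not-a-bcrypt-hash
`

// bcrypt modular crypt format: $2a|2b|2y$, two-digit cost 04..31, 22-char salt + 31-char hash.
var bcryptHashRE = regexp.MustCompile(`^\$2[aby]\$(0[4-9]|[12][0-9]|3[01])\$[./A-Za-z0-9]{53}$`)

// parseBasicAuthUsers reads the "name: hash" lines under basic_auth_users from the
// simple two-space-indented form above (a minimal line reader, not a YAML parser).
func parseBasicAuthUsers(yml string) map[string]string {
	users := map[string]string{}
	inBlock := false
	for _, line := range strings.Split(yml, "\n") {
		if strings.TrimSpace(line) == "basic_auth_users:" {
			inBlock = true
		} else if !strings.HasPrefix(line, "  ") {
			inBlock = false // any non-indented line ends the block
		} else if name, hash, ok := strings.Cut(strings.TrimSpace(line), ":"); inBlock && ok {
			users[strings.TrimSpace(name)] = strings.TrimSpace(hash)
		}
	}
	return users
}

// auditHashes returns, sorted, the users whose stored value is not a well-formed bcrypt hash.
func auditHashes(users map[string]string) []string {
	var bad []string
	for name, h := range users {
		if !bcryptHashRE.MatchString(h) {
			bad = append(bad, name)
		}
	}
	sort.Strings(bad)
	return bad
}

// checkFileMode fails when the file is readable by group or others, i.e. when the
// stored hash is exposed to more than the process owner.
func checkFileMode(path string) error {
	info, err := os.Stat(path)
	if err != nil {
		return err
	}
	if perm := info.Mode().Perm(); perm&0o077 != 0 {
		return fmt.Errorf("%s has mode %04o; expected no group/other access (e.g. 0600)", path, perm)
	}
	return nil
}

// naiveCacheKey concatenates the parts, so the boundary between them is lost and
// different (hash, password) pairs can share one key. Illustration of the weak design.
func naiveCacheKey(hashedPassword, password string) string {
	return hashedPassword + password
}

// safeCacheKey hex-encodes each part and joins them with ':' (never produced by hex),
// so the key is a one-to-one function of its parts and cannot be aliased.
func safeCacheKey(hashedPassword, password string) string {
	return hex.EncodeToString([]byte(hashedPassword)) + ":" + hex.EncodeToString([]byte(password))
}

func main() {
	dir, _ := os.MkdirTemp("", "webyml")
	defer os.RemoveAll(dir)
	path := filepath.Join(dir, "web.yml")
	_ = os.WriteFile(path, []byte(sampleWebYML), 0o644)
	_ = os.Chmod(path, 0o644) // force a too-permissive mode regardless of umask

	users := parseBasicAuthUsers(sampleWebYML)
	fmt.Println("users without a valid bcrypt hash:", auditHashes(users))
	fmt.Println("file mode check:", checkFileMode(path))
	fmt.Println("naive keys collide:", naiveCacheKey("hashX", "y") == naiveCacheKey("hash", "Xy"))
	fmt.Println("safe keys collide: ", safeCacheKey("hashX", "y") == safeCacheKey("hash", "Xy"))
}
```

Run it with `go run .`; on a real deployment point `checkFileMode` at the actual web.yml path and feed its contents to `parseBasicAuthUsers`. The key-encoding point generalizes: anything that goes into a cache key (username included) should be encoded the same unambiguous way.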
Improper Authentication
Affected Products
Alt Linux
Prometheus Exporter Toolkit
Red Os
Suse