Bug ID 1234703
Summary VUL-0: CVE-2024-56128: kafka: SCRAM authentication vulnerable to replay attacks when used without encryption
Classification openSUSE
Product openSUSE Distribution
Version Leap 15.6
Hardware Other
URL https://smash.suse.de/issue/433309/
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter smash_bz@suse.de
QA Contact security-team@suse.de
CC stoyan.manolov@suse.com
Target Milestone ---
Found By Security Response Team
Blocker ---

Incorrect Implementation of Authentication Algorithm in Apache Kafka's SCRAM implementation.

Issue Summary:
Apache Kafka's implementation of the Salted Challenge Response Authentication
Mechanism (SCRAM) did not fully adhere to RFC 5802 [1]. Section 5.1 of the RFC
requires the server to verify that the nonce ("r" attribute) the client echoes
in its final message is the same nonce the server sent in its first message
(the client's nonce with the server's own random suffix appended).
Kafka's SCRAM server did not perform this check.

Impact:
This vulnerability is exploitable only when an attacker has plaintext access to
the SCRAM authentication exchange, that is, when SCRAM runs on a listener
without TLS. Using SCRAM over plaintext is strongly discouraged and considered
an insecure practice [2]; Apache Kafka recommends deploying SCRAM exclusively
over TLS (SASL_SSL) so that the exchange cannot be intercepted [3].
Deployments using SCRAM with TLS are not affected by this issue.

How to Detect If You Are Impacted:
If your deployment uses SCRAM authentication over plaintext communication
channels (without TLS encryption), you are likely impacted.
To check, review the listeners property in your server.properties. A listener
whose security protocol is SASL_PLAINTEXT (either named SASL_PLAINTEXT directly
or mapped to it through listener.security.protocol.map) carries SASL without
TLS; if sasl.enabled.mechanisms on that broker also lists SCRAM-SHA-256 or
SCRAM-SHA-512, you are likely impacted. Check the inter-broker settings
(security.inter.broker.protocol or inter.broker.listener.name, together with
sasl.mechanism.inter.broker.protocol) the same way.
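An added script that applies the check above to a broker's server.properties; it is this page's own illustration, not part of the advisory or of Kafka. It resolves each listener name through listener.security.protocol.map, as Kafka does, instead of only grepping for the literal string SASL_PLAINTEXT, and covers the inter-broker listener too. The embedded sample configuration is constructed for the demonstration, and per-listener overrides (listener.name.<name>.sasl.enabled.mechanisms) are not handled.

```python
"""Flag SCRAM offered on a non-TLS listener in a Kafka broker configuration."""
import re

SCRAM_MECHANISMS = {"SCRAM-SHA-256", "SCRAM-SHA-512"}
# Listener names Kafka resolves to a protocol without a listener.security.protocol.map entry.
BUILTIN_PROTOCOLS = {"PLAINTEXT", "SSL", "SASL_PLAINTEXT", "SASL_SSL"}

# Constructed sample server.properties for the demonstration; not a real broker's config.
SAMPLE_SERVER_PROPERTIES = """\
broker.id=0
listeners=INTERNAL://0.0.0.0:9092,EXTERNAL://0.0.0.0:9093
listener.security.protocol.map=INTERNAL:SASL_PLAINTEXT,EXTERNAL:SASL_SSL
inter.broker.listener.name=INTERNAL
sasl.enabled.mechanisms=SCRAM-SHA-512,PLAIN
sasl.mechanism.inter.broker.protocol=SCRAM-SHA-512
"""

def parse_properties(text: str) -> dict:
    """Minimal Java .properties reader: 'key=value' or 'key: value', '#'/'!' comments.
    Backslash continuations and unicode escapes are not handled."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        match = re.match(r"([^=:\s]+)\s*[=:]\s*(.*)", line)
        if match:
            props[match.group(1)] = match.group(2).strip()
    return props

def split_list(value: str) -> list:
    return [item.strip() for item in value.split(",") if item.strip()]

def protocol_for(listener_name: str, props: dict):
    """Resolve a listener name the way Kafka does: an explicit
    listener.security.protocol.map entry wins, else the name must itself be a protocol."""
    name = listener_name.upper()
    for entry in split_list(props.get("listener.security.protocol.map", "")):
        key, _, protocol = entry.partition(":")
        if key.strip().upper() == name:
            return protocol.strip().upper()
    return name if name in BUILTIN_PROTOCOLS else None

def scram_over_plaintext(props: dict) -> list:
    """One finding per place where SCRAM can be negotiated without TLS.
    Per-listener overrides (listener.name.<name>.sasl.enabled.mechanisms) are ignored."""
    enabled = {m.upper() for m in split_list(props.get("sasl.enabled.mechanisms", "GSSAPI"))}
    scram = sorted(enabled & SCRAM_MECHANISMS)
    if not scram:
        return []  # this broker never offers SCRAM, whatever the listeners are
    findings = []
    for listener in split_list(props.get("listeners", "")):
        if protocol_for(listener.split("://", 1)[0], props) == "SASL_PLAINTEXT":
            findings.append(f"{listener}: SASL_PLAINTEXT listener offers {', '.join(scram)}")
    # Inter-broker traffic is configured either by listener name or by protocol.
    ib_name = props.get("inter.broker.listener.name")
    ib_protocol = (protocol_for(ib_name, props) if ib_name
                   else props.get("security.inter.broker.protocol", "PLAINTEXT").upper())
    ib_mechanism = props.get("sasl.mechanism.inter.broker.protocol", "GSSAPI").upper()
    if ib_protocol == "SASL_PLAINTEXT" and ib_mechanism in SCRAM_MECHANISMS:
        findings.append(f"inter-broker: {ib_mechanism} over SASL_PLAINTEXT")
    return findings

def audit(text: str) -> list:
    """Parse a server.properties text and return the SCRAM-over-plaintext findings."""
    return scram_over_plaintext(parse_properties(text))

if __name__ == "__main__":
    for finding in audit(SAMPLE_SERVER_PROPERTIES) or ["no SCRAM over plaintext found"]:
        print(finding)
```

Run it against the real file with audit(open("/path/to/server.properties").read()); an empty result means SCRAM is either not enabled or only reachable over SASL_SSL on that broker.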

Fix Details:
The issue has been addressed by introducing nonce verification in the final
message of the SCRAM authentication exchange to ensure compliance with RFC 5802.
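The exchange that the Issue Summary and Fix Details sections describe, as an added example that is neither Kafka's code nor part of this advisory: a minimal SCRAM-SHA-256 client and server in Python (ScramServer, ScramClient, outcome and the "alice" credential are this example's own names). The server's check_nonce switch models the missing check: with it on, a client-final whose nonce the server never issued is rejected before any proof arithmetic, as RFC 5802 requires; with it off, the same message is accepted as long as its proof verifies. Both sides also perform the nonce checks the RFC puts on them.

```python
"""SCRAM-SHA-256 (RFC 5802, hash per RFC 7677) with the server-side nonce check at issue."""
import base64
import hashlib
import hmac
import secrets

ITERATIONS = 4096  # RFC 7677 minimum iteration count for SCRAM-SHA-256

class NonceMismatch(Exception): "client-final nonce differs from the one server-first issued"
class ProofMismatch(Exception): "ClientProof does not verify against the stored credential"

def b64(data: bytes) -> str:
    return base64.b64encode(data).decode()

def parse_attrs(msg: str) -> dict:
    # "k=v" pairs separated by commas; nonces and base64 never contain commas.
    return dict(part.split("=", 1) for part in msg.split(","))

def make_credential(password: str, iterations: int = ITERATIONS) -> dict:
    """What the server stores (RFC 5802 section 3): derived keys, never the password."""
    salt = secrets.token_bytes(16)
    salted = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    return {"salt": salt, "iterations": iterations,
            "stored_key": hashlib.sha256(client_key).digest(),
            "server_key": hmac.new(salted, b"Server Key", hashlib.sha256).digest()}

class ScramServer:
    def __init__(self, credentials: dict, check_nonce: bool = True):
        self.credentials = credentials  # username -> make_credential(...)
        self.check_nonce = check_nonce  # False models a server that skips the check
        self.user = self.client_first_bare = self.server_first = self.server_nonce = None

    def handle_client_first(self, msg: str) -> str:
        if not msg.startswith("n,,"):  # GS2 header: no channel binding, no authzid
            raise ValueError("unsupported GS2 header")
        self.client_first_bare = msg[3:]
        attrs = parse_attrs(self.client_first_bare)
        self.user = attrs["n"]
        cred = self.credentials[self.user]
        # Section 5.1 "r": server nonce = client nonce + fresh server randomness.
        self.server_nonce = attrs["r"] + secrets.token_urlsafe(18)
        self.server_first = f"r={self.server_nonce},s={b64(cred['salt'])},i={cred['iterations']}"
        return self.server_first

    def handle_client_final(self, msg: str) -> str:
        attrs = parse_attrs(msg)
        # RFC 5802 section 5.1: the server MUST verify that the nonce in client-final
        # is the one it sent in server-first. This is the check CVE-2024-56128 is about.
        if self.check_nonce and attrs["r"] != self.server_nonce:
            raise NonceMismatch("client-final nonce != server-first nonce")
        cred = self.credentials[self.user]
        without_proof = msg[: msg.rindex(",p=")]
        auth_message = ",".join([self.client_first_bare, self.server_first, without_proof]).encode()
        signature = hmac.new(cred["stored_key"], auth_message, hashlib.sha256).digest()
        proof = base64.b64decode(attrs["p"])
        if len(proof) != len(signature):
            raise ProofMismatch("ClientProof has the wrong length")
        client_key = bytes(a ^ b for a, b in zip(proof, signature))
        if not hmac.compare_digest(hashlib.sha256(client_key).digest(), cred["stored_key"]):
            raise ProofMismatch("ClientProof verification failed")
        server_sig = hmac.new(cred["server_key"], auth_message, hashlib.sha256).digest()
        return f"v={b64(server_sig)}"  # server-final: proves the server holds ServerKey

class ScramClient:
    def __init__(self, user: str, password: str):
        self.password = password
        self.nonce = secrets.token_urlsafe(18)
        self.client_first_bare = f"n={user},r={self.nonce}"

    def client_first(self) -> str:
        return "n,," + self.client_first_bare

    def client_final(self, server_first: str, nonce_override: str = None) -> str:
        attrs = parse_attrs(server_first)
        if not attrs["r"].startswith(self.nonce):  # the client's own RFC 5802 check
            raise ValueError("server nonce does not extend the client nonce")
        nonce = nonce_override or attrs["r"]  # override: deliberately echo a wrong nonce
        salted = hashlib.pbkdf2_hmac("sha256", self.password.encode(),
                                     base64.b64decode(attrs["s"]), int(attrs["i"]))
        client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
        without_proof = f"c=biws,r={nonce}"  # "biws" is base64("n,,")
        auth_message = ",".join([self.client_first_bare, server_first, without_proof]).encode()
        signature = hmac.new(hashlib.sha256(client_key).digest(), auth_message, hashlib.sha256).digest()
        proof = bytes(a ^ b for a, b in zip(client_key, signature))
        return f"{without_proof},p={b64(proof)}"

def outcome(server: ScramServer, client: ScramClient, nonce_override: str = None) -> str:
    """Run one exchange; returns 'accepted', 'nonce' or 'proof' per the server's verdict."""
    try:
        server_first = server.handle_client_first(client.client_first())
        server.handle_client_final(client.client_final(server_first, nonce_override))
        return "accepted"
    except NonceMismatch:
        return "nonce"
    except ProofMismatch:
        return "proof"

DEMO_CREDENTIALS = {"alice": make_credential("correct horse")}  # constructed demo user
```

The four runs a practitioner would try with outcome(): the right password (accepted), a wrong password (rejected on the proof), a client-final carrying a nonce the server never sent against a compliant server (rejected on the nonce, before any proof arithmetic), and that same message against a server with check_nonce=False (accepted, because the proof still verifies). The last case is exactly the behaviour the fix removes.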

Affected Versions:
Apache Kafka versions 0.10.2.0 through 3.9.0, excluding the fixed versions
below (3.9.0 itself is fixed; 3.8.0, 3.7.1 and every earlier release back to
0.10.2.0 are affected).

Fixed Versions:
3.9.0
3.8.1
3.7.2

Users are advised to upgrade to 3.7.2, 3.8.1 or 3.9.0 (or a later release) to
mitigate this issue; note that 3.8.0 is not fixed.

Recommendations for Mitigation:
Users unable to upgrade to the fixed versions can mitigate the issue by:
- Using TLS with SCRAM Authentication:
Always deploy SCRAM over TLS (SASL_SSL listeners) to encrypt the authentication
exchange and protect it against interception.
- Considering Alternative Authentication Mechanisms:
Evaluate alternative mechanisms such as Kerberos (GSSAPI), OAuth (OAUTHBEARER)
or PLAIN, each over TLS (PLAIN in particular sends the password in the clear
and must never be used without it), which provide additional layers of security.

References:
[1] https://datatracker.ietf.org/doc/html/rfc5802
[2] https://datatracker.ietf.org/doc/html/rfc5802#section-9
[3] https://kafka.apache.org/documentation/#security_sasl_scram_security
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-56128
https://www.cve.org/CVERecord?id=CVE-2024-56128
https://lists.apache.org/thread/84dh4so32lwn7wr6c5s9mwh381vx9wkw
https://seclists.org/oss-sec/2024/q4/162
http://www.openwall.com/lists/oss-security/2024/12/18/3
https://bugzilla.redhat.com/show_bug.cgi?id=2333013
https://github.com/CVEProject/cvelistV5/blob/main//cves/2024/56xxx/CVE-2024-56128.json
