OpenBao is an open source identity-based secrets management system. In OpenBao versions prior to 2.4.1, JSON objects after decoding may use significantly more memory than their serialized version. It is possible to craft a JSON payload to maximize the factor between serialized memory usage and deserialized memory usage, similar to a zip bomb, with factors reaching approximately 35. This can be used to circumvent the max_request_size configuration parameter which is intended to protect against denial of service attacks. The request body is parsed into a map very early in the request handling chain before authentication, which means an unauthenticated attacker can send a specifically crafted JSON object and cause an out-of-memory crash. Additionally, for requests with large numbers of strings, the audit subsystem can consume large quantities of CPU. The vulnerability is fixed in version 2.4.1.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HOpenbao
APPOpenbao< 2.4.1
Powiązane podatności
XSS w OpenBao — kradzież tokenu Web UI przez parametr error_description
OpenBao: zdalne phishing przez JWT/OIDC bez potwierdzenia logowania
OpenBao: ominięcie restrykcji przez subsystem audytu — RCE i dostęp sieciowy
OpenBao is an open source identity-based secrets management system. Prior to version 2.4.4, a privileged opera...
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secret...