CVE-2024-43798

CVSS V2 None CVSS V3 None

Description

Chisel is a fast TCP/UDP tunnel, transported over HTTP, secured via SSH. The Chisel server doesn't ever read the documented `AUTH` environment variable used to set credentials, which allows any unauthenticated user to connect, even if credentials were set. Anyone running the Chisel server that is using the `AUTH` environment variable to specify credentials to authenticate against is affected by this vulnerability. Chisel is often used to provide an entrypoint to a private network, which means services that are gated by Chisel may be affected. Additionally, Chisel is often used for exposing services to the internet. An attacker could MITM requests by connecting to a Chisel server and requesting to forward traffic from a remote port. This issue has been addressed in release version 1.10.0. All users are advised to upgrade. There are no known workarounds for this vulnerability.

Overview

CVE ID
CVE-2024-43798

Assigner
GitHub_M

Vulnerability Status
PUBLISHED

Published Version
2024-08-26T22:32:43.575Z

Last Modified Date
2024-08-26T22:32:43.575Z

Weakness Enumerations

CWE	URL
CWE-306	http://cwe.mitre.org/data/definitions/306.html
CWE-1068	http://cwe.mitre.org/data/definitions/1068.html

References

Reference URL	Reference Tags
https://github.com/jpillora/chisel/security/advisories/GHSA-38jh-8h67-m7mj	x_refsource_CONFIRM

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-43798
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43798

History

Created	Old Value	New Value	Data Type	Notes
2024-08-27 13:12:56				Added to TrackCVE