VaulTLS Password-Based Login Vulnerability in User Accounts via Web UI
Vulnerability
A vulnerability exists in VaulTLS versions prior to 0.9.1 that allows attackers to log in to user accounts created through the User web UI using an empty password. The issue arises because such accounts are stored with an empty password rather than a NULL one, so the empty string is accepted as a valid credential. Additionally, the option to disable password-based login only affected the frontend, leaving password login available through the API.
Impact
Exploitation of this vulnerability allows unauthorized access to user accounts through the API, bypassing the password requirement.
Reproduction
To reproduce this vulnerability, create a user account through the VaulTLS User web UI on a version prior to 0.9.1. Once the account is created, attempt to log in via the API using an empty password; the login is accepted because of the vulnerability.
Remediation
Users should upgrade to VaulTLS version 0.9.1, which addresses this vulnerability. The migration that fixes the stored passwords is applied automatically upon upgrading.
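The two defects described above (an empty-but-not-NULL stored password, and a disable switch enforced only in the frontend) and the remediation's migration, modelled in a small added example. This is illustrative code written for this page, not VaulTLS's own; the hashing, user model and function names are assumptions, and a real service would use a password KDF rather than salted SHA-256.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional


def hash_password(password: str, salt: str) -> str:
    # Placeholder hash for a dependency-free example; use a KDF in practice.
    return hashlib.sha256((salt + password).encode()).hexdigest()


@dataclass
class User:
    name: str
    salt: str
    password_hash: Optional[str]  # None means "no password set"


def create_user_via_ui_vulnerable(name: str) -> User:
    # Pre-0.9.1 behaviour (modelled): the UI stored a hash of "" instead of NULL.
    salt = secrets.token_hex(8)
    return User(name, salt, hash_password("", salt))


def login_vulnerable(user: User, password: str, password_login_enabled: bool) -> bool:
    # The API path never consulted the switch; only the frontend hid the form.
    # A stored hash of "" therefore matches an empty supplied password.
    if user.password_hash is None:
        return False
    return hmac.compare_digest(hash_password(password, user.salt), user.password_hash)


def migrate_empty_passwords(users: list[User]) -> int:
    # Modelled 0.9.1 migration: an empty password becomes "no password" (NULL).
    # Returns how many accounts were affected, which doubles as an audit check.
    fixed = 0
    for u in users:
        if u.password_hash is not None and hmac.compare_digest(
            u.password_hash, hash_password("", u.salt)
        ):
            u.password_hash = None
            fixed += 1
    return fixed


def login_fixed(user: User, password: str, password_login_enabled: bool) -> bool:
    # Enforced server-side so API requests are covered, and empty or unset
    # passwords can never authenticate.
    if not password_login_enabled or not password or user.password_hash is None:
        return False
    return hmac.compare_digest(hash_password(password, user.salt), user.password_hash)
```

Running `migrate_empty_passwords` over an exported user table before upgrading gives a count of accounts that were exposed.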
