ntopng.Session.IDs.Authentication.Bypass

Description

This indicates an attack attempt to exploit an Authentication Bypass vulnerability in ntopng.
The vulnerability is due to a design error in the application when handling single or multiple HTTP requests. Via crafted HTTP requests, an unauthenticated remote attacker may be able to exploit this to bypass authentication on vulnerable systems by guessing the session ID.
This signature uses the track and rate feature. The default threshold is 50 attempts per second.
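
The track-and-rate idea above, as an added example (not the vendor's signature logic and not ntopng code): a per-source sliding one-second window that flags a source once it reaches the 50-per-second default. It assumes an "attempt" is a request carrying a session ID distinct from the others that source sent inside the window; the event tuples and addresses are constructed sample data.

```python
from collections import defaultdict, deque

THRESHOLD = 50   # attempts per second: the default threshold stated above
WINDOW = 1.0     # tracking window in seconds


def flag_sources(events, threshold=THRESHOLD, window=WINDOW):
    """Return {src_ip: timestamp at which the source first reached the threshold}.

    events: time-sorted iterable of (timestamp_seconds, src_ip, session_id).
    Assumption: only *distinct* session IDs count as attempts, so a client
    that reuses one valid session at a high request rate is not flagged.
    """
    recent = defaultdict(deque)  # src_ip -> (timestamp, session_id) inside the window
    flagged = {}
    for ts, src, sid in events:
        q = recent[src]
        q.append((ts, sid))
        # Evict entries that have aged out of the one-second window.
        while q and ts - q[0][0] >= window:
            q.popleft()
        distinct_ids = len({s for _, s in q})
        if distinct_ids >= threshold and src not in flagged:
            flagged[src] = ts
    return flagged


def sample_events():
    """Constructed traffic: one guesser, one busy legitimate client, one slow client."""
    ev = []
    for i in range(60):   # 100 req/s, a new session ID on every request
        ev.append((10.0 + i * 0.01, "198.51.100.7", f"guess-{i:04d}"))
    for i in range(80):   # 100 req/s, the same session ID reused
        ev.append((10.0 + i * 0.01, "192.0.2.10", "issued-session-A"))
    for i in range(60):   # 10 req/s with new IDs: stays below the threshold
        ev.append((10.0 + i * 0.1, "203.0.113.5", f"slow-{i:04d}"))
    return sorted(ev)


if __name__ == "__main__":
    for src, ts in flag_sources(sample_events()).items():
        print(f"{src} reached {THRESHOLD} distinct session IDs within {WINDOW}s at t={ts:.2f}")
```

Counting distinct IDs rather than raw requests keeps a busy dashboard client from tripping the threshold; a guesser that stays below the rate is not caught by this check, so upgrading remains the actual fix.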

Affected Products

ntopng version 3.4.180616 and prior

Impact

Security Bypass: Remote attackers can bypass security features of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://github.com/ntop/ntopng/commit/30610bda60cbfc058f90a1c0a17d0e8f4516221a

Telemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-08-27 14.677 Default_action:pass:drop
2019-08-08 14.666

References

44973