CVE-2018-17107: tgstation-server cached user logins in legacy server
CVSS Score: 8.4 (CVSS v3.1)
Basic Information
CVE ID: CVE-2018-17107
GHSA ID: -
EPSS Score: 0.65865%
CWE: -
Published: 6/12/2023
Updated: 6/12/2023
KEV Status: No
Technology: C#
Technical Details
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
TGServiceInterface | nuget | >= 3.2.1.0, <= 3.2.4.0 | 3.2.5.0 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stemmed from improper handling of failed authentication attempts in the WCF communication layer of the legacy server. In AuthenticationHeaderDecoder.cs, the failure path returned the existing authPolicy collection, which still held the authorization policies built from an earlier successful login, instead of a fresh empty collection. A request whose credentials failed to validate could therefore be handed the policies of a previously authenticated user, which is the "cached user logins" behaviour named in the advisory title. Commit 1812a9c fixed this by replacing 'return authPolicy' with 'return new ReadOnlyCollection<IAuthorizationPolicy>(new List<IAuthorizationPolicy>())', so a failed login yields no policies and nothing from a prior session can be reused. The vulnerability description attributes the issue directly to this cached policy handling during failed logins. The practical check is the TGServiceInterface package version: 3.2.1.0 through 3.2.4.0 are affected, and 3.2.5.0 is the first release carrying the fix.
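The following is an added illustration of the pattern described in the root-cause analysis; it is not tgstation-server code and does not use the real WCF types. The class and member names (SessionPolicyDecoder, Decode, UserPolicy, the sample user table) are assumptions chosen for the example. The same object keeps a shared authPolicy field across requests; the vulnerable branch hands that field back when credentials fail, while the fixed branch returns a new empty collection, which is the shape of the change the analysis attributes to commit 1812a9c.

```csharp
// Added example, not from the tgstation-server project.
// Stand-in for a WCF-style authorization policy decoder that keeps the last
// policy set in a field shared across requests. All names are hypothetical.
using System;
using System.Collections.Generic;
using System.Collections.ObjectModel;

// Minimal stand-in for System.IdentityModel.Policy.IAuthorizationPolicy.
public interface IAuthorizationPolicy
{
    string Principal { get; }
}

public sealed class UserPolicy : IAuthorizationPolicy
{
    public string Principal { get; }
    public UserPolicy(string principal) => Principal = principal;
}

public class SessionPolicyDecoder
{
    // Shared across requests: the policy set built by the last successful login.
    // Returning this field on a failed login is the bug under discussion.
    private ReadOnlyCollection<IAuthorizationPolicy> authPolicy =
        new ReadOnlyCollection<IAuthorizationPolicy>(new List<IAuthorizationPolicy>());

    private readonly Dictionary<string, string> users;   // constructed sample credential store
    private readonly bool returnEmptyOnFailure;           // false = vulnerable path, true = fixed path

    public SessionPolicyDecoder(Dictionary<string, string> users, bool returnEmptyOnFailure)
    {
        this.users = users;
        this.returnEmptyOnFailure = returnEmptyOnFailure;
    }

    public ReadOnlyCollection<IAuthorizationPolicy> Decode(string user, string password)
    {
        if (users.TryGetValue(user, out var expected) && expected == password)
        {
            // Successful login: build and cache the policies for this principal.
            authPolicy = new ReadOnlyCollection<IAuthorizationPolicy>(
                new List<IAuthorizationPolicy> { new UserPolicy(user) });
            return authPolicy;
        }

        // Vulnerable form: a failed login receives whatever the previous caller earned.
        if (!returnEmptyOnFailure)
            return authPolicy;

        // Fixed form: a failed login yields no policies at all, so nothing cached
        // from an earlier session can be reused by a different caller.
        return new ReadOnlyCollection<IAuthorizationPolicy>(new List<IAuthorizationPolicy>());
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample data for the demonstration.
        var users = new Dictionary<string, string> { ["admin"] = "correct horse battery staple" };

        foreach (var fixedBehaviour in new[] { false, true })
        {
            var decoder = new SessionPolicyDecoder(users, fixedBehaviour);

            decoder.Decode("admin", "correct horse battery staple");     // legitimate login populates the cache
            var result = decoder.Decode("someone-else", "wrong-password"); // failed login from another caller

            Console.Write($"fixed={fixedBehaviour}: failed login received {result.Count} policy(ies)");
            Console.WriteLine(result.Count > 0 ? $" for principal '{result[0].Principal}'" : "");
        }
    }
}
```

Run with the vulnerable path first and the fixed path second: the first pass shows a failed login receiving a policy for 'admin', the second shows it receiving none. The important design point is that the failure branch must never read a field that another request may have populated; constructing a fresh empty collection makes the failure result independent of any prior call.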