Miggo Logo
Miggo Vulnerability Database
GHSA-7r36-jf3c-jhp4

GHSA-7r36-jf3c-jhp4: Duplicate Advisory: tgstation-server vulnerable to cached user logins in legacy server

9.8

CVSS Score
3.0

Basic Information

CVE ID
-
GHSA ID
GHSA-7r36-jf3c-jhp4
EPSS Score
-
CWE
-
Published
5/13/2022
Updated
6/9/2023
KEV Status
No
Technology
TechnologyC#

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
TGServiceInterfacenuget>= 3.2.1.0, <= 3.2.4.03.2.5.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from improper authentication caching in the WCF service authentication manager. The key evidence comes from: 1) The GitHub issue explicitly mentions the bug was in the Authenticate() method's handling of the authPolicy parameter 2) The security fix involved modifying this method to return a new empty policy list instead of reusing authPolicy 3) This is the core authentication entrypoint that would appear in a profiler during login attempts. The function signature follows C# WCF service authentication patterns where custom authentication managers override ServiceAuthenticationManager.Authenticate.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

## *upli**t* **visory T*is **visory **s ***n wit**r*wn ****us* it is * *upli**t* o* **S*-**r*-p*px-qvv*. T*is link is m*int*in** to pr*s*rv* *xt*rn*l r***r*n**s. ## Ori*in*l **s*ription In T*st*tion t*st*tion-s*rv*r *.*.*.* t*rou** *.*.*.* (*ix** in

Reasoning

T** vuln*r**ility st*ms *rom improp*r *ut**nti**tion ****in* in t** W** s*rvi** *ut**nti**tion m*n***r. T** k*y *vi**n** *om*s *rom: *) T** *it*u* issu* *xpli*itly m*ntions t** *u* w*s in t** `*ut**nti**t*()` m*t*o*'s **n*lin* o* t** `*ut*Poli*y` p*r