Cyber Resilience

CVE-2021-38296

High

Published: 10 March 2022

Published
10 March 2022
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0215 84.6th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2021-38296 is a high-severity Authentication Bypass by Capture-replay (CWE-294) vulnerability in Oracle Financial Services Crime And Compliance Management Studio. Its CVSS base score is 7.5 (High).

Operationally, ranked in the top 15.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

Apache Spark supports end-to-end encryption of RPC connections via "spark.authenticate" and "spark.network.crypto.enabled". In versions 3.1.2 and earlier, it uses a bespoke mutual authentication protocol that allows for full encryption key recovery. After an initial interactive attack, this would allow someone…

more

to decrypt plaintext traffic offline. Note that this does not affect security mechanisms controlled by "spark.authenticate.enableSaslEncryption", "spark.io.encryption.enabled", "spark.ssl", "spark.ui.strictTransportSecurity". Update to Apache Spark 3.1.3 or later

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

apache
spark
≤ 3.1.3
oracle
financial services crime and compliance management studio
8.0.8.2.0, 8.0.8.3.0

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-294

Allows detection of capture-replay attacks by showing the replayed logon's timestamp as the last logon.

addresses: CWE-294

Protects against replay of captured session tokens or credentials by requiring authenticated, fresh session channels.

addresses: CWE-294

Wireless link protections commonly incorporate replay protection, reducing the exploitability of capture-replay weaknesses.

addresses: CWE-294

Accurate synchronized time enables tight timestamp windows that directly limit capture-replay windows in authentication protocols.

References