CVE-2024-2056
Published: 05 March 2024
Summary
CVE-2024-2056 is a critical-severity Authentication Bypass Using an Alternate Path or Channel (CWE-288) vulnerability in Articatech Artica Proxy. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 10.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
CVE-2024-2056 affects the Artica Proxy, where services bound to the loopback interface remain reachable through the proxy itself. In particular the tailon service, which runs as root and listens on TCP port 7050, can be reached externally, exposing the ability to read the contents of arbitrary files on the system. The flaw is rated 9.8 under CVSS 3.1 and is associated with CWE-288 and CWE-552.
An unauthenticated remote attacker can route requests through the proxy to the locally bound tailon instance and retrieve any file present on the Artica Proxy host, resulting in full disclosure of sensitive data and potential follow-on integrity or availability impacts.
Public references, including a KoreLogic advisory and Full Disclosure postings, point to the documented security risks of exposing tailon without additional controls, as noted in the project's own repository. The EPSS score has remained low, with only a minor peak of 0.0562.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-27021
Vulnerability details
Services that are running and bound to the loopback interface on the Artica Proxy are accessible through the proxy service. In particular, the "tailon" service is running, running as the root user, is bound to the loopback interface, and is…
more
listening on TCP port 7050. Security issues associated with exposing this network service are documented at gvalkov's 'tailon' GitHub repo. Using the tailon service, the contents of any file on the Artica Proxy can be viewed.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Authorizing remote access reduces the ability to bypass authentication via unauthorized alternate remote channels.
Controls on authorized publication limit files and directories with nonpublic data from becoming accessible to external parties.
Users can identify logons via alternate paths or channels by reviewing the previous logon time.
Controlling and documenting P2P file sharing prevents files and directories from being made accessible to external parties for unauthorized distribution.
Identifying and documenting file and directory locations allows restriction of access to external parties.
Protecting backup files ensures they are not accessible to external parties or unauthorized spheres.
Adaptive requirements can apply across access paths, reducing the ability to bypass authentication via alternate channels or paths.
Centralized IdPs close alternate authentication paths that enable bypass.