CVE-2019-8978 : Security Advisory and Response

Discover the impact of CVE-2019-8978, an improper authentication vulnerability in Ellucian Banner Web Tailor and Banner Enterprise Identity Services. Learn about affected versions and mitigation steps.

A security flaw related to improper authentication has been discovered in Ellucian Banner Web Tailor versions 8.8.3, 8.8.4, and 8.9, as well as Banner Enterprise Identity Services versions 8.3, 8.3.1, 8.3.2, and 8.4. This flaw is triggered by a race condition in conjunction with SSO Manager, allowing remote attackers to hijack a user's session.

Understanding CVE-2019-8978

This CVE involves an improper authentication vulnerability in Ellucian Banner Web Tailor and Banner Enterprise Identity Services that allows session hijacking and can lead to a denial of service.

What is CVE-2019-8978?

CVE-2019-8978 is an improper authentication vulnerability that can be exploited through a race condition in Ellucian Banner Web Tailor and Banner Enterprise Identity Services.

The Impact of CVE-2019-8978

        Remote attackers can hijack a user's session, leading to a denial of service.

Technical Details of CVE-2019-8978

This section provides detailed technical information about the vulnerability.

Vulnerability Description

The vulnerability arises from a race condition in Ellucian Banner Web Tailor and Banner Enterprise Identity Services, allowing attackers to exploit the authentication process.

Affected Systems and Versions

        Ellucian Banner Web Tailor versions 8.8.3, 8.8.4, and 8.9
        Banner Enterprise Identity Services versions 8.3, 8.3.1, 8.3.2, and 8.4

Exploitation Mechanism

        Attackers repeatedly send requests to the Banner Web Tailor main page with the victim's UDCID stored in the IDMSESSID cookie.
        The attacker can obtain the SESSID intended for the victim during the login process.
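
The request pattern described above can be looked for in web access logs. The following detection sketch is an added example, not code from Ellucian or from this advisory. It assumes a log layout of timestamp, client IP, path and Cookie header, and uses a placeholder for the main page path; the sample lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumptions: log layout is "ISO-timestamp client-IP path Cookie-header";
# MAIN_PAGE is a placeholder for the Web Tailor main page path on your site.
MAIN_PAGE = "/MAIN_PAGE_PLACEHOLDER"
COOKIE_RE = re.compile(r"(?:^|;\s*)IDMSESSID=([^;\s]+)")

# Constructed sample lines (not real traffic): one client hammers the main
# page with an IDMSESSID value that another client is also presenting.
SAMPLE_LOG = "\n".join(
    [f"2019-05-01T09:00:0{s} 203.0.113.9 {MAIN_PAGE} IDMSESSID=UDC-AAAA" for s in range(6)]
    + [f"2019-05-01T09:00:03 10.0.0.5 {MAIN_PAGE} lang=en; IDMSESSID=UDC-AAAA",
       f"2019-05-01T09:00:10 10.0.0.7 {MAIN_PAGE} IDMSESSID=UDC-BBBB",
       f"2019-05-01T09:00:40 10.0.0.7 {MAIN_PAGE} IDMSESSID=UDC-BBBB",
       "malformed line"]
)

def find_suspect_ids(log_text, window=timedelta(seconds=10), max_hits=5):
    """Map each suspicious IDMSESSID value to the reasons it was flagged."""
    hits = defaultdict(list)  # IDMSESSID value -> [(timestamp, client IP)]
    for line in log_text.splitlines():
        parts = line.split(" ", 3)
        if len(parts) < 4 or parts[2] != MAIN_PAGE:
            continue
        match = COOKIE_RE.search(parts[3])
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue  # skip lines with an unparseable timestamp
        if match:
            hits[match.group(1)].append((ts, parts[1]))
    findings = {}
    for ident, events in hits.items():
        events.sort()
        reasons = []
        # Same identifier from several addresses; NAT or roaming can also cause this.
        if len({ip for _, ip in events}) > 1:
            reasons.append("multiple_client_ips")
        start = 0
        for end in range(len(events)):  # sliding window over sorted timestamps
            while events[end][0] - events[start][0] > window:
                start += 1
            if end - start + 1 >= max_hits:
                reasons.append("burst")
                break
        if reasons:
            findings[ident] = reasons
    return findings

if __name__ == "__main__":
    print(find_suspect_ids(SAMPLE_LOG))
```

The window and hit threshold are starting values to tune against normal login traffic for the site.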

Mitigation and Prevention

Protecting systems from CVE-2019-8978 requires immediate actions and long-term security practices.

Immediate Steps to Take

        Apply patches provided by Ellucian for the affected versions.
        Monitor and restrict access to sensitive systems.
        Educate users about phishing and social engineering tactics.

Long-Term Security Practices

        Regularly update and patch software to address security vulnerabilities.
        Implement multi-factor authentication to enhance login security.
        Conduct regular security audits and penetration testing.

Patching and Updates

        Stay informed about security updates from Ellucian for Banner Web Tailor and Banner Enterprise Identity Services.
        Apply patches promptly to mitigate the risk of exploitation.
