Description

A vulnerability was found in Quay, which allows successful authentication even when a truncated password version is provided. This flaw affects the authentication mechanism, reducing the overall security of password enforcement.  While the risk is relatively low due to the typical length of the passwords used (73 characters), this vulnerability can still be exploited to reduce the complexity of brute-force or password-guessing attacks. The truncation of passwords weakens the overall authentication process, thereby reducing the effectiveness of password policies and potentially increasing the risk of unauthorized access in the future.

INFO

Published Date :

2024-10-17T14:08:57.482Z

Last Modified :

2025-11-07T00:44:44.742Z

Source :

redhat
AFFECTED PRODUCTS

The following products are affected by CVE-2024-9683 vulnerability.

Vendors Products
Redhat
  • Quay
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-9683.

URL Resource
https://access.redhat.com/security/cve/CVE-2024-9683 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2317559 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-9683 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-9683 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact