Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
1DescriptionCVE.org
In Netatalk 1.5.0 through 4.2.2, weak cryptography in dhcast128 uam. Fixed in 4.5.0.
AnalysisAI
Weak cryptography in the dhcast128 user authentication module (UAM) of Netatalk versions 1.5.0 through 4.2.2 allows remote attackers to compromise confidentiality and integrity of AFP authentication exchanges. The flaw was reported by Securin and tagged as an information disclosure issue; no public exploit identified at time of analysis. The CVSS 7.4 score with High attack complexity reflects that exploitation requires conditions beyond a simple network request, yet the impact on credential material and session integrity is significant.
Technical ContextAI
Netatalk is the open-source implementation of the Apple Filing Protocol (AFP) suite, providing file and print services to macOS clients from Unix/Linux servers (CPE: cpe:2.3:a:netatalk:netatalk:*). The dhcast128 UAM is one of AFP's pluggable authentication modules that combines a Diffie-Hellman key agreement with CAST-128 (CAST5) symmetric encryption to protect the password exchange between client and server. The root cause is CWE-327 (Use of a Broken or Risky Cryptographic Algorithm), meaning the cryptographic primitives, parameters, or construction used in this UAM no longer provide adequate strength against modern cryptanalysis - CAST-128's 128-bit block with 64-bit blocks and the DH parameters chosen in legacy AFP design are widely considered insufficient.
RemediationAI
Vendor-released patch: Netatalk 4.5.0; upgrade affected installations from any version in the 1.5.0 through 4.2.2 range to 4.5.0 or later as published at https://netatalk.io/security/CVE-2026-44053. If immediate upgrade is not possible, disable the dhcast128 UAM in afp.conf (for example by setting 'uam list' to exclude uams_dhx.so / uams_dhx2.so or whichever module ships dhcast128 on the distribution) and require a stronger UAM such as DHX2 or Kerberos/GSSAPI, accepting that very old macOS clients that only negotiate dhcast128 will lose the ability to authenticate. As a network-level compensating control, restrict TCP/548 to trusted client subnets or tunnel AFP over a VPN to remove untrusted MitM positions, with the trade-off of reduced client reachability.
Same technique Information Disclosure
View allVendor StatusVendor
SUSE
Severity: High| Product | Status |
|---|---|
| SUSE Linux Enterprise Server 12 SP5 | Fixed |
| SUSE Linux Enterprise Server 12 SP5-LTSS | Fixed |
| SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 12 SP5 | Fixed |
| SUSE Linux Enterprise Desktop 12 | Fixed |
| SUSE Linux Enterprise Desktop 12 SP1 | Fixed |
| SUSE Linux Enterprise Desktop 12 SP2 | Fixed |
| SUSE Linux Enterprise Desktop 12 SP3 | Fixed |
| SUSE Linux Enterprise Desktop 12 SP4 | Fixed |
| SUSE Linux Enterprise Server 12 | Fixed |
| SUSE Linux Enterprise Server 12 SP1 | Fixed |
| SUSE Linux Enterprise Server 12 SP2 | Fixed |
| SUSE Linux Enterprise Server 12 SP3 | Fixed |
| SUSE Linux Enterprise Server 12 SP4 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 12 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 12 SP1 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 12 SP2 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 12 SP3 | Fixed |
| SUSE Linux Enterprise Server for SAP Applications 12 SP4 | Fixed |
| SUSE Linux Enterprise Software Development Kit 12 | Fixed |
| SUSE Linux Enterprise Software Development Kit 12 SP1 | Fixed |
| SUSE Linux Enterprise Software Development Kit 12 SP2 | Fixed |
| SUSE Linux Enterprise Software Development Kit 12 SP3 | Fixed |
| SUSE Linux Enterprise Software Development Kit 12 SP4 | Fixed |
| SUSE Linux Enterprise Software Development Kit 12 SP5 | Fixed |
| SUSE Linux Enterprise Workstation Extension 12 | Fixed |
| SUSE Linux Enterprise Workstation Extension 12 SP1 | Fixed |
| SUSE Linux Enterprise Workstation Extension 12 SP2 | Fixed |
| SUSE Linux Enterprise Workstation Extension 12 SP3 | Fixed |
| SUSE Linux Enterprise Workstation Extension 12 SP4 | Fixed |
| SUSE Linux Enterprise Workstation Extension 12 SP5 | Fixed |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-31232
GHSA-8vhp-c4pr-9rq3