CVE-2026-3099: Reusing a Nonce, Key Pair in Encryption in Red Hat Red Hat Enterprise Linux 10
A flaw was found in Libsoup. The server-side digest authentication implementation in the SoupAuthDomainDigest class does not properly track issued nonces or enforce the required incrementing nonce-count (nc) attribute. This vulnerability allows a remote attacker to capture a single valid authentication header and replay it repeatedly. Consequently, the attacker can bypass authentication and gain unauthorized access to protected resources, impersonating the legitimate user.
AI Analysis
Technical Summary
This vulnerability exists in the SoupAuthDomainDigest class of Libsoup, where the server-side digest authentication fails to properly track nonces and enforce the nonce-count (nc) increment requirement. As a result, an attacker who captures a valid authentication header can replay it multiple times to bypass authentication controls. This leads to unauthorized access by impersonating legitimate users on Red Hat Enterprise Linux 10 systems. The issue is documented under CVE-2026-3099 with a medium CVSS score of 5.8, reflecting network attack vector, high attack complexity, no privileges required, user interaction required, and partial impact on confidentiality, integrity, and availability.
Potential Impact
An attacker can replay a captured valid authentication header repeatedly to bypass authentication mechanisms, allowing unauthorized access to protected resources and impersonation of legitimate users. The impact affects confidentiality, integrity, and availability to a limited extent as indicated by the CVSS vector. There are no known exploits in the wild at this time.
Mitigation Recommendations
The vendor advisory does not provide explicit information on patch availability or mitigation steps. Patch status is not yet confirmed — check the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-3099 for current remediation guidance. Until a fix is confirmed, consider limiting exposure of affected services and monitoring for suspicious authentication attempts related to replay attacks.
CVE-2026-3099: Reusing a Nonce, Key Pair in Encryption in Red Hat Red Hat Enterprise Linux 10
Description
A flaw was found in Libsoup. The server-side digest authentication implementation in the SoupAuthDomainDigest class does not properly track issued nonces or enforce the required incrementing nonce-count (nc) attribute. This vulnerability allows a remote attacker to capture a single valid authentication header and replay it repeatedly. Consequently, the attacker can bypass authentication and gain unauthorized access to protected resources, impersonating the legitimate user.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability exists in the SoupAuthDomainDigest class of Libsoup, where the server-side digest authentication fails to properly track nonces and enforce the nonce-count (nc) increment requirement. As a result, an attacker who captures a valid authentication header can replay it multiple times to bypass authentication controls. This leads to unauthorized access by impersonating legitimate users on Red Hat Enterprise Linux 10 systems. The issue is documented under CVE-2026-3099 with a medium CVSS score of 5.8, reflecting network attack vector, high attack complexity, no privileges required, user interaction required, and partial impact on confidentiality, integrity, and availability.
Potential Impact
An attacker can replay a captured valid authentication header repeatedly to bypass authentication mechanisms, allowing unauthorized access to protected resources and impersonation of legitimate users. The impact affects confidentiality, integrity, and availability to a limited extent as indicated by the CVSS vector. There are no known exploits in the wild at this time.
Mitigation Recommendations
The vendor advisory does not provide explicit information on patch availability or mitigation steps. Patch status is not yet confirmed — check the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-3099 for current remediation guidance. Until a fix is confirmed, consider limiting exposure of affected services and monitoring for suspicious authentication attempts related to replay attacks.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-02-24T07:37:48.680Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/security/cve/CVE-2026-3099","vendor":"Red Hat"}]
Threat ID: 69b2ca582f860ef943997cd8
Added to database: 3/12/2026, 2:14:48 PM
Last enriched: 4/27/2026, 8:40:59 PM
Last updated: 4/28/2026, 9:23:11 AM
Views: 130
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.