Cryptographic issues in Nimbus JOSE+JWT

#VU24176 Cryptographic issues in Nimbus JOSE+JWT

Published: 2020-01-10

Vulnerability identifier: #VU24176

Vulnerability risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-12973

CWE-ID: CWE-310

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Nimbus JOSE+JWT
Universal components / Libraries / Libraries used by multiple products

Vendor: Connect2id Ltd.

Description

The vulnerability allows a remote attacker to conduct a padding oracle attack.

the vulnerability exists due to improper validation of HMAC in authenticated AES-CBC decryption in Nimbus JOSE+JWT. A remote attacker can conduct a padding oracle attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Nimbus JOSE+JWT: 4.0 - 4.39

External links
http://bitbucket.org/connect2id/nimbus-jose-jwt/commits/6a29f10f723f406eb25555f55842c59a43a38912
http://bitbucket.org/connect2id/nimbus-jose-jwt/issues/223/aescbc-return-immediately-on-invalid-hmac
http://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM PureData System for Operational Analytics

Multiple vulnerabilities in Nimbus JOSE+JWT