#VU35888 Cryptographic issues in Apache Commons Crypto


Published: 2019-05-22 | Updated: 2020-08-08

Vulnerability identifier: #VU35888

Vulnerability risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-11841

CWE-ID: CWE-310

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Apache Commons Crypto
Universal components / Libraries / Software for developers

Vendor: Apache Foundation

Description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The "Hash" Armor Header specifies the message digest algorithm(s) used for the signature. However, the Go clearsign package ignores the value of this header, which allows an attacker to spoof it. Consequently, an attacker can lead a victim to believe the signature was generated using a different message digest algorithm than what was actually used. Moreover, since the library skips Armor Header parsing in general, an attacker can not only embed arbitrary Armor Headers, but also prepend arbitrary text to cleartext messages without invalidating the signatures.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Apache Commons Crypto: 2019-03-25

External links
http://packetstormsecurity.com/files/152840/Go-Cryptography-Libraries-Cleartext-Message-Spoofing.html
http://go.googlesource.com/crypto/
http://lists.debian.org/debian-lts-announce/2019/09/msg00011.html
http://sec-consult.com/
http://sec-consult.com/en/blog/advisories/cleartext-message-spoofing-in-go-cryptography-libraries-cve-2019-11841/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in IBM Watson Machine Learning Accelerator on Cloud Pak for Data
Multiple vulnerabilities in IBM CICS TX Standard
Multiple vulnerabilities in IBM CICS TX Advanced
Cryptographic issues in Apache Commons Crypto