#VU78844 Use of a broken or risky cryptographic algorithm in cjose


Published: 2023-08-01

Vulnerability identifier: #VU78844

Vulnerability risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-37464

CWE-ID: CWE-327

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
cjose
Other software / Other software solutions

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to an error in the AES GCM decryption routine that uses the Tag length from the actual Authentication Tag provided in the JWE. A remote attacker can provide a truncated Authentication Tag and to modify the JWE accordingly.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

cjose: 0.1.2 - 0.6.2.1

External links
http://github.com/OpenIDC/cjose/security/advisories/GHSA-3rhg-3gf2-6xgj
http://github.com/OpenIDC/cjose/commit/7325e9a5e71e2fc0e350487ecac7d84acdf0ed5e
http://datatracker.ietf.org/doc/html/rfc7518#section-4.7
http://github.com/OpenIDC/cjose/releases/tag/v0.6.2.2

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Fedora 37 update for cjose
Fedora 39 update for cjose
Fedora 38 update for cjose
Ubuntu update for cjose
Debian update for cjose
SUSE update for cjose
Red Hat Enterprise Linux Server 8.2 update for mod_auth_openidc
Red Hat Enterprise Linux 8.4 update for mod_auth_openidc
Red Hat Enterprise Linux 8.6 update for mod_auth_openidc
Red Hat Enterprise Linux Server 8.1 update for mod_auth_openidc