CVE-2017-12972 - Insufficient Verification of Data Authenticity

Severity

50%

Complexity

99%

Confidentiality

48%

In Nimbus JOSE+JWT before 4.39, there is no integer-overflow check when converting length values from bytes to bits, which allows attackers to conduct HMAC bypass attacks by shifting Additional Authenticated Data (AAD) and ciphertext so that different plaintext is obtained for the same HMAC.

In Nimbus JOSE+JWT before 4.39, there is no integer-overflow check when converting length values from bytes to bits, which allows attackers to conduct HMAC bypass attacks by shifting Additional Authenticated Data (AAD) and ciphertext so that different plaintext is obtained for the same HMAC.

CVSS 3.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N).

Overview

Type

Connect2id Nimbus JOSE + JWT

First reported 7 years ago

2017-08-20 16:29:00

Last updated 5 years ago

2019-11-16 02:15:00

Affected Software

Connect2id Nimbus JOSE + JWT 1.0

1.0

Connect2id Nimbus JOSE + JWT 1.1

1.1

Connect2id Nimbus JOSE + JWT 1.2

1.2

Connect2id Nimbus JOSE + JWT 1.3

1.3

Connect2id Nimbus JOSE + JWT 1.4

1.4

Connect2id Nimbus JOSE + JWT 1.5

1.5

Connect2id Nimbus JOSE + JWT 1.6

1.6

Connect2id Nimbus JOSE + JWT 1.7

1.7

Connect2id Nimbus JOSE + JWT 1.8

1.8

Connect2id Nimbus JOSE + JWT 1.9

1.9

Connect2id Nimbus JOSE + JWT 1.9.1

1.9.1

Connect2id Nimbus JOSE + JWT 1.10

1.10

Connect2id Nimbus JOSE + JWT 1.11

1.11

Connect2id Nimbus JOSE + JWT 1.12

1.12

Connect2id Nimbus JOSE + JWT 2.0

2.0

Connect2id Nimbus JOSE + JWT 2.0.1

2.0.1

Connect2id Nimbus JOSE + JWT 2.1

2.1

Connect2id Nimbus JOSE + JWT 2.1.1

2.1.1

Connect2id Nimbus JOSE + JWT 2.2

2.2

Connect2id Nimbus JOSE + JWT 2.3

2.3

Connect2id Nimbus JOSE + JWT 2.4

2.4

Connect2id Nimbus JOSE + JWT 2.5

2.5

Connect2id Nimbus JOSE + JWT 2.6

2.6

Connect2id Nimbus JOSE + JWT 2.7

2.7

Connect2id Nimbus JOSE + JWT 2.8

2.8

Connect2id Nimbus JOSE + JWT 2.9

2.9

Connect2id Nimbus JOSE + JWT 2.10

2.10

Connect2id Nimbus JOSE + JWT 2.10.1

2.10.1

Connect2id Nimbus JOSE + JWT 2.11.0

2.11.0

Connect2id Nimbus JOSE + JWT 2.12.0

2.12.0

Connect2id Nimbus JOSE + JWT 2.13.0

2.13.0

Connect2id Nimbus JOSE + JWT 2.13.1

2.13.1

Connect2id Nimbus JOSE + JWT 2.14

2.14

Connect2id Nimbus JOSE + JWT 2.15

2.15

Connect2id Nimbus JOSE + JWT 2.15.1

2.15.1

Connect2id Nimbus JOSE + JWT 2.15.2

2.15.2

Connect2id Nimbus JOSE + JWT 2.16

2.16

Connect2id Nimbus JOSE + JWT 2.17

2.17

Connect2id Nimbus JOSE + JWT 2.17.1

2.17.1

Connect2id Nimbus JOSE + JWT 2.17.2

2.17.2

Connect2id Nimbus JOSE + JWT 2.18

2.18

Connect2id Nimbus JOSE + JWT 2.18.1

2.18.1

Connect2id Nimbus JOSE + JWT 2.18.2

2.18.2

Connect2id Nimbus JOSE + JWT 2.19

2.19

Connect2id Nimbus JOSE + JWT 2.19.1

2.19.1

Connect2id Nimbus JOSE + JWT 2.20

2.20

Connect2id Nimbus JOSE + JWT 2.21

2.21

Connect2id Nimbus JOSE + JWT 2.22

2.22

Connect2id Nimbus JOSE + JWT 2.22.1

2.22.1

Connect2id Nimbus JOSE + JWT 2.23

2.23

Connect2id Nimbus JOSE + JWT 2.24

2.24

Connect2id Nimbus JOSE + JWT 2.25

2.25

Connect2id Nimbus JOSE + JWT 2.26

2.26

Connect2id Nimbus JOSE + JWT 2.26.1

2.26.1

Connect2id Nimbus JOSE + JWT 3.0

3.0

Connect2id Nimbus JOSE + JWT 3.1

3.1

Connect2id Nimbus JOSE + JWT 3.1.1

3.1.1

Connect2id Nimbus JOSE + JWT 3.1.2

3.1.2

Connect2id Nimbus JOSE + JWT 3.2

3.2

Connect2id Nimbus JOSE + JWT 3.2.1

3.2.1

Connect2id Nimbus JOSE + JWT 3.2.2

3.2.2

Connect2id Nimbus JOSE + JWT 3.3

3.3

Connect2id Nimbus JOSE + JWT 3.4

3.4

Connect2id Nimbus JOSE + JWT 3.5

3.5

Connect2id Nimbus JOSE + JWT 3.6

3.6

Connect2id Nimbus JOSE + JWT 3.7

3.7

Connect2id Nimbus JOSE + JWT 3.8

3.8

Connect2id Nimbus JOSE + JWT 3.8.1

3.8.1

Connect2id Nimbus JOSE + JWT 3.8.2

3.8.2

Connect2id Nimbus JOSE + JWT 3.9

3.9

Connect2id Nimbus JOSE + JWT 3.9.1

3.9.1

Connect2id Nimbus JOSE + JWT 3.9.2

3.9.2

Connect2id Nimbus JOSE + JWT 3.10

3.10

Connect2id Nimbus JOSE + JWT 4.0

4.0

Connect2id Nimbus JOSE + JWT 4.0.1

4.0.1

Connect2id Nimbus JOSE + JWT 4.1

4.1

Connect2id Nimbus JOSE + JWT 4.1.1

4.1.1

Connect2id Nimbus JOSE + JWT 4.2

4.2

Connect2id Nimbus JOSE + JWT 4.3

4.3

Connect2id Nimbus JOSE + JWT 4.3.1

4.3.1

Connect2id Nimbus JOSE + JWT 4.4

4.4

Connect2id Nimbus JOSE + JWT 4.5

4.5

Connect2id Nimbus JOSE + JWT 4.6

4.6

Connect2id Nimbus JOSE + JWT 4.7

4.7

Connect2id Nimbus JOSE + JWT 4.8

4.8

Connect2id Nimbus JOSE + JWT 4.9

4.9

Connect2id Nimbus JOSE + JWT 4.10

4.10

Connect2id Nimbus JOSE + JWT 4.11

4.11

Connect2id Nimbus JOSE + JWT 4.11.1

4.11.1

Connect2id Nimbus JOSE + JWT 4.11.2

4.11.2

Connect2id Nimbus JOSE + JWT 4.12

4.12

Connect2id Nimbus JOSE + JWT 4.13

4.13

Connect2id Nimbus JOSE + JWT 4.13.1

4.13.1

Connect2id Nimbus JOSE + JWT 4.14

4.14

Connect2id Nimbus JOSE + JWT 4.15

4.15

Connect2id Nimbus JOSE + JWT 4.15.1

4.15.1

Connect2id Nimbus JOSE + JWT 4.16

4.16

Connect2id Nimbus JOSE + JWT 4.16.1

4.16.1

Connect2id Nimbus JOSE + JWT 4.16.2

4.16.2

Connect2id Nimbus JOSE + JWT 4.17

4.17

Connect2id Nimbus JOSE + JWT 4.18

4.18

Connect2id Nimbus JOSE + JWT 4.19

4.19

Connect2id Nimbus JOSE + JWT 4.20

4.20

Connect2id Nimbus JOSE + JWT 4.21

4.21

Connect2id Nimbus JOSE + JWT 4.22

4.22

Connect2id Nimbus JOSE + JWT 4.23

4.23

Connect2id Nimbus JOSE + JWT 4.24

4.24

Connect2id Nimbus JOSE + JWT 4.25

4.25

Connect2id Nimbus JOSE + JWT 4.26

4.26

Connect2id Nimbus JOSE + JWT 4.26.1

4.26.1

Connect2id Nimbus JOSE + JWT 4.27

4.27

Connect2id Nimbus JOSE + JWT 4.27.1

4.27.1

Connect2id Nimbus JOSE + JWT 4.28

4.28

Connect2id Nimbus JOSE + JWT 4.29

4.29

Connect2id Nimbus JOSE + JWT 4.30

4.30

Connect2id Nimbus JOSE + JWT 4.31

4.31

Connect2id Nimbus JOSE + JWT 4.31.1

4.31.1

Connect2id Nimbus JOSE + JWT 4.32

4.32

Connect2id Nimbus JOSE + JWT 4.33

4.33

Connect2id Nimbus JOSE + JWT 4.34

4.34

Connect2id Nimbus JOSE + JWT 4.34.1

4.34.1

Connect2id Nimbus JOSE + JWT 4.34.2

4.34.2

Connect2id Nimbus JOSE + JWT 4.35

4.35

Connect2id Nimbus JOSE + JWT 4.36.1

4.36.1

Connect2id Nimbus JOSE + JWT 4.37

4.37

Connect2id Nimbus JOSE + JWT 4.37.1

4.37.1

Connect2id Nimbus JOSE + JWT 4.38

4.38

References

https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/0d2bd649ea386539220d4facfe1f65eb1dadb86c

Third Party Advisory

https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/224/byte-to-bit-overflow-in-cbc

Patch, Third Party Advisory

https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt

Release Notes, Third Party Advisory

[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.