Lack of Integer-Overflow Check in Nimbus JOSE+JWT by Connect2id
CVE-2017-12972

7.5HIGH

Key Information:

Vendor

Connect2id

Status
Nimbus Jose\+jwt
Vendor
CVE Published:
20 August 2017

What is CVE-2017-12972?

In Nimbus JOSE+JWT prior to version 4.39, there is a critical oversight where integer-overflow checks are omitted when converting length values from bytes to bits. This vulnerability enables attackers to exploit the system by performing HMAC bypass attacks, altering the Additional Authenticated Data (AAD) and ciphertext. As a result, an attacker can manage to produce different plaintext results while using the same HMAC, posing significant security risks to applications relying on this library.

References

https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/2...
x_refsource_CONFIRM
https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/...
x_refsource_CONFIRM
https://bitbucket.org/connect2id/nimbus-jose-jwt/src/mast...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.