CVE-2022-31142

EPSS 1.16%
Veröffentlicht 14.07.2022 19:15:07
Zuletzt bearbeitet 21.11.2024 07:03:59
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Potential Timing Attack Vector in @fastify/bearer-auth

@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750, the bearer token has only base64 valid characters, reducing the range of characters for a brute force attack. Version 7.0.2 and 8.0.1 of @fastify/bearer-auth contain a patch. There are currently no known workarounds. The package fastify-bearer-auth, which covers versions 6.0.3 and prior, is also vulnerable starting at version 5.0.1. Users of fastify-bearer-auth should upgrade to a patched version of @fastify/bearer-auth.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 8

NVD 2 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Fastify ≫ Bearer-auth SwPlatformnode.js Version >= 5.0.1 < 7.0.2

Fastify ≫ Bearer-auth Version8.0.0 SwPlatformnode.js

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.16%	0.629

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
security-advisories@github.com	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-203 Observable Discrepancy

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

CWE-208 Observable Timing Discrepancy

Two separate operations in a product require different amounts of time to complete, in a way that is observable to an actor and reveals security-relevant information about the state of the product, such as whether a particular operation was successful or not.

https://github.com/fastify/fastify-bearer-auth/commit/0c468a616d7e56126dc468150f6a5a92e530b8e4

Patch

Third Party Advisory

https://github.com/fastify/fastify-bearer-auth/commit/39353b15409ee99474545f615ffb16180cf3b716

Patch

Third Party Advisory

https://github.com/fastify/fastify-bearer-auth/commit/f921a0582dc83112039004a9b5041141b50c5b3f

Patch

Third Party Advisory

https://github.com/fastify/fastify-bearer-auth/security/advisories/GHSA-376v-xgjx-7mfr

Third Party Advisory

https://hackerone.com/reports/1633287

Third Party Advisory

Permissions Required

https://nvd.nist.gov/vuln/detail/CVE-2022-31142

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-31142

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-31142

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2022-31142