// For flags

CVE-2018-10903

python-cryptography: GCM tag forgery via truncated tag in finalize_with_tag API

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A flaw was found in python-cryptography versions between >=1.9.0 and <2.3. The finalize_with_tag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalize_with_tag an attacker could craft an invalid payload with a shortened tag (e.g. 1 byte) such that they would have a 1 in 256 chance of passing the MAC check. GCM tag forgeries can cause key leakage.

Se ha encontrado un error en python-cryptography, desde la versión 1.9.0 hasta la 2.3. La API finalize_with_tag no forzaba una longitud de etiqueta mínima. Si un usuario no validaba la longitud de la entrada antes de pasarla a finalize_with_tag, un atacante podría manipular una carga útil no válida con una etiqueta acortada (p.ej., 1 byte) para así tener 1 posibilidad entre 256 de pasar la comprobación MAC. Las falsificaciones de etiquetas GCM pueden provocar un filtrado de claves.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-05-09 CVE Reserved
  • 2018-07-23 CVE Published
  • 2023-07-24 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cryptography
Search vendor "Cryptography"
Python-cryptography
Search vendor "Cryptography" for product "Python-cryptography"
>= 1.9.0 < 2.3
Search vendor "Cryptography" for product "Python-cryptography" and version " >= 1.9.0 < 2.3"
-
Affected
Redhat
Search vendor "Redhat"
Openstack
Search vendor "Redhat" for product "Openstack"
13
Search vendor "Redhat" for product "Openstack" and version "13"
-
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
18.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "18.04"
lts
Affected