// For flags

CVE-2023-45669

Improper signature counter value handling in webauthn4j-spring-security

Severity Score

5.3
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track
*SSVC
Descriptions

WebAuthn4J Spring Security provides Web Authentication specification support for Spring applications. Affected versions are subject to improper signature counter value handling. A flaw was found in webauthn4j-spring-security-core. When an authneticator returns an incremented signature counter value during authentication, webauthn4j-spring-security-core does not properly persist the value, which means cloned authenticator detection does not work. An attacker who cloned valid authenticator in some way can use the cloned authenticator without being detected. This issue has been addressed in version `0.9.1.RELEASE`. Users are advised to upgrade. There are no known workarounds for this vulnerability.

WebAuthn4J Spring Security proporciona soporte de especificación de autenticación web para aplicaciones Spring. Las versiones afectadas están sujetas a un manejo inadecuado del valor del contador de firmas. Se encontró una falla en webautn4j-spring-security-core. Cuando un autenticador devuelve un valor de contador de firma incrementado durante la autenticación, webauthn4j-spring-security-core no conserva correctamente el valor, lo que significa que la detección del autenticador clonado no funciona. Un atacante que clonó un autenticador válido de alguna manera puede utilizar el autenticador clonado sin ser detectado. Este problema se solucionó en la versión `0.9.1.RELEASE`. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:Track
Exploitation
None
Automatable
No
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2023-10-10 CVE Reserved
  • 2023-10-16 CVE Published
  • 2024-09-13 CVE Updated
  • 2024-10-22 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-287: Improper Authentication
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Webauthn4j
Search vendor "Webauthn4j"
Spring Security
Search vendor "Webauthn4j" for product "Spring Security"
< 0.9.1
Search vendor "Webauthn4j" for product "Spring Security" and version " < 0.9.1"
spring
Affected