CVE-2017-12972: High severity connect2id nimbus jose+jwt vulnerability

Published Aug 20, 2017

Connect2id Nimbus JOSE+JWT could provide weaker than expected security, caused by the lack of an integer-overflow check when converting length values from bytes to bits. A remote attacker could exploit this vulnerability to conduct an HMAC bypass attack.

Other sources

In Nimbus JOSE+JWT before 4.39, there is no integer-overflow check when converting length values from bytes to bits, which allows attackers to conduct HMAC bypass attacks by shifting Additional Authenticated Data (AAD) and ciphertext so that different plaintext is obtained for the same HMAC.
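The defect described above is the byte-to-bit conversion of the Additional Authenticated Data length that feeds the AES_CBC_HMAC_SHA2 authentication tag (the 64-bit "AL" field of RFC 7518 §5.2.2.1). The following Java class is an added illustration, not code from the Nimbus JOSE+JWT library: `bitLengthUnchecked` reproduces the unchecked `length * 8` pattern so the wraparound is visible, and `bitLengthChecked` / `computeAl` show the kind of bound check that closes it. Class and method names are assumptions chosen for this example; the lengths are passed as integers rather than real byte arrays so the 512 MB collision case can be demonstrated without allocating it.

```java
import java.nio.ByteBuffer;
import java.util.Arrays;

/** Added example (hypothetical names): AAD bit-length computation with and without an overflow check. */
public final class AadLength {

    /** Thrown when a byte count cannot be expressed as a bit count in a 32-bit int. */
    public static final class IntegerOverflowException extends Exception {
        IntegerOverflowException(String msg) { super(msg); }
    }

    /** Unchecked conversion: the defect pattern. Wraps silently once byteLength > Integer.MAX_VALUE / 8. */
    static int bitLengthUnchecked(int byteLength) {
        return byteLength * 8;
    }

    /** Checked conversion: reject any byte count whose bit count does not fit in a signed 32-bit int. */
    static int bitLengthChecked(int byteLength) throws IntegerOverflowException {
        if (byteLength < 0 || byteLength > Integer.MAX_VALUE / 8) {
            throw new IntegerOverflowException(
                "AAD length of " + byteLength + " bytes overflows the 32-bit bit length");
        }
        return byteLength * 8;
    }

    /** AL field: the AAD length in bits as an unsigned 64-bit big-endian integer (RFC 7518 §5.2.2.1). */
    static byte[] computeAl(int aadByteLength) throws IntegerOverflowException {
        long bits = bitLengthChecked(aadByteLength);
        return ByteBuffer.allocate(8).putLong(bits).array();
    }

    public static void main(String[] args) throws Exception {
        // Constructed lengths: two AAD sizes exactly 2^29 bytes apart. Multiplying by 8 differs by 2^32,
        // so the unchecked 32-bit product is identical for both and AL no longer binds the AAD boundary.
        int small = 100;
        int shifted = small + (1 << 29);          // 536_871_012 bytes

        System.out.println(bitLengthUnchecked(small));    // 800
        System.out.println(bitLengthUnchecked(shifted));  // 800 as well: the overflow collision

        System.out.println(Arrays.toString(computeAl(small)));   // [0, 0, 0, 0, 0, 0, 3, 32]  (800 big-endian)
        try {
            computeAl(shifted);
        } catch (IntegerOverflowException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

On Java 8 or later, `Math.multiplyExact(byteLength, 8)` gives the same protection with an `ArithmeticException`; the explicit bound above is used here only so the rejected range is visible. Either way, the check must run before the bit length is widened to the 64-bit AL field, since widening after the multiplication preserves the already-wrapped value.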

Affected Software

128 affected components
Connect2id Nimbus Jose+jwt=1.0
Connect2id Nimbus Jose+jwt=1.1
Connect2id Nimbus Jose+jwt=1.2
Connect2id Nimbus Jose+jwt=1.3
Connect2id Nimbus Jose+jwt=1.4
Connect2id Nimbus Jose+jwt=1.5
Connect2id Nimbus Jose+jwt=1.6
Connect2id Nimbus Jose+jwt=1.7
Connect2id Nimbus Jose+jwt=1.8
Connect2id Nimbus Jose+jwt=1.9
Connect2id Nimbus Jose+jwt=1.9.1
Connect2id Nimbus Jose+jwt=1.10
Connect2id Nimbus Jose+jwt=1.11
Connect2id Nimbus Jose+jwt=1.12
Connect2id Nimbus Jose+jwt=2.0
Connect2id Nimbus Jose+jwt=2.0.1
Connect2id Nimbus Jose+jwt=2.1
Connect2id Nimbus Jose+jwt=2.1.1
Connect2id Nimbus Jose+jwt=2.2
Connect2id Nimbus Jose+jwt=2.3
Connect2id Nimbus Jose+jwt=2.4
Connect2id Nimbus Jose+jwt=2.5
Connect2id Nimbus Jose+jwt=2.6
Connect2id Nimbus Jose+jwt=2.7
Connect2id Nimbus Jose+jwt=2.8
Connect2id Nimbus Jose+jwt=2.9
Connect2id Nimbus Jose+jwt=2.10
Connect2id Nimbus Jose+jwt=2.10.1
Connect2id Nimbus Jose+jwt=2.11.0
Connect2id Nimbus Jose+jwt=2.12.0
Connect2id Nimbus Jose+jwt=2.13.0
Connect2id Nimbus Jose+jwt=2.13.1
Connect2id Nimbus Jose+jwt=2.14
Connect2id Nimbus Jose+jwt=2.15
Connect2id Nimbus Jose+jwt=2.15.1
Connect2id Nimbus Jose+jwt=2.15.2
Connect2id Nimbus Jose+jwt=2.16
Connect2id Nimbus Jose+jwt=2.17
Connect2id Nimbus Jose+jwt=2.17.1
Connect2id Nimbus Jose+jwt=2.17.2
Connect2id Nimbus Jose+jwt=2.18
Connect2id Nimbus Jose+jwt=2.18.1
Connect2id Nimbus Jose+jwt=2.18.2
Connect2id Nimbus Jose+jwt=2.19
Connect2id Nimbus Jose+jwt=2.19.1
Connect2id Nimbus Jose+jwt=2.20
Connect2id Nimbus Jose+jwt=2.21
Connect2id Nimbus Jose+jwt=2.22
Connect2id Nimbus Jose+jwt=2.22.1
Connect2id Nimbus Jose+jwt=2.23
Connect2id Nimbus Jose+jwt=2.24
Connect2id Nimbus Jose+jwt=2.25
Connect2id Nimbus Jose+jwt=2.26
Connect2id Nimbus Jose+jwt=2.26.1
Connect2id Nimbus Jose+jwt=3.0
Connect2id Nimbus Jose+jwt=3.1
Connect2id Nimbus Jose+jwt=3.1.1
Connect2id Nimbus Jose+jwt=3.1.2
Connect2id Nimbus Jose+jwt=3.2
Connect2id Nimbus Jose+jwt=3.2.1
Connect2id Nimbus Jose+jwt=3.2.2
Connect2id Nimbus Jose+jwt=3.3
Connect2id Nimbus Jose+jwt=3.4
Connect2id Nimbus Jose+jwt=3.5
Connect2id Nimbus Jose+jwt=3.6
Connect2id Nimbus Jose+jwt=3.7
Connect2id Nimbus Jose+jwt=3.8
Connect2id Nimbus Jose+jwt=3.8.1
Connect2id Nimbus Jose+jwt=3.8.2
Connect2id Nimbus Jose+jwt=3.9
Connect2id Nimbus Jose+jwt=3.9.1
Connect2id Nimbus Jose+jwt=3.9.2
Connect2id Nimbus Jose+jwt=3.10
Connect2id Nimbus Jose+jwt=4.0
Connect2id Nimbus Jose+jwt=4.0.1
Connect2id Nimbus Jose+jwt=4.1
Connect2id Nimbus Jose+jwt=4.1.1
Connect2id Nimbus Jose+jwt=4.2
Connect2id Nimbus Jose+jwt=4.3
Connect2id Nimbus Jose+jwt=4.3.1
Connect2id Nimbus Jose+jwt=4.4
Connect2id Nimbus Jose+jwt=4.5
Connect2id Nimbus Jose+jwt=4.6
Connect2id Nimbus Jose+jwt=4.7
Connect2id Nimbus Jose+jwt=4.8
Connect2id Nimbus Jose+jwt=4.9
Connect2id Nimbus Jose+jwt=4.10
Connect2id Nimbus Jose+jwt=4.11
Connect2id Nimbus Jose+jwt=4.11.1
Connect2id Nimbus Jose+jwt=4.11.2
Connect2id Nimbus Jose+jwt=4.12
Connect2id Nimbus Jose+jwt=4.13
Connect2id Nimbus Jose+jwt=4.13.1
Connect2id Nimbus Jose+jwt=4.14
Connect2id Nimbus Jose+jwt=4.15
Connect2id Nimbus Jose+jwt=4.15.1
Connect2id Nimbus Jose+jwt=4.16
Connect2id Nimbus Jose+jwt=4.16.1
Connect2id Nimbus Jose+jwt=4.16.2
Connect2id Nimbus Jose+jwt=4.17
Connect2id Nimbus Jose+jwt=4.18
Connect2id Nimbus Jose+jwt=4.19
Connect2id Nimbus Jose+jwt=4.20
Connect2id Nimbus Jose+jwt=4.21
Connect2id Nimbus Jose+jwt=4.22
Connect2id Nimbus Jose+jwt=4.23
Connect2id Nimbus Jose+jwt=4.24
Connect2id Nimbus Jose+jwt=4.25
Connect2id Nimbus Jose+jwt=4.26
Connect2id Nimbus Jose+jwt=4.26.1
Connect2id Nimbus Jose+jwt=4.27
Connect2id Nimbus Jose+jwt=4.27.1
Connect2id Nimbus Jose+jwt=4.28
Connect2id Nimbus Jose+jwt=4.29
Connect2id Nimbus Jose+jwt=4.30
Connect2id Nimbus Jose+jwt=4.31
Connect2id Nimbus Jose+jwt=4.31.1
Connect2id Nimbus Jose+jwt=4.32
Connect2id Nimbus Jose+jwt=4.33
Connect2id Nimbus Jose+jwt=4.34
Connect2id Nimbus Jose+jwt=4.34.1
Connect2id Nimbus Jose+jwt=4.34.2
Connect2id Nimbus Jose+jwt=4.35
Connect2id Nimbus Jose+jwt=4.36.1
Connect2id Nimbus Jose+jwt=4.37
Connect2id Nimbus Jose+jwt=4.37.1
Connect2id Nimbus Jose+jwt=4.38
IBM GDE<=3.0.0.2

Event History

Aug 20, 2017
CVE Published via MITRE, 04:00 PM
Data Sourced via MITRE, 04:00 PM


Frequently Asked Questions

1. What is the severity of CVE-2017-12972?

CVE-2017-12972 has a medium severity rating, indicating potential for moderate impact if exploited.

2. How do I fix CVE-2017-12972?

To remediate CVE-2017-12972, update Nimbus JOSE+JWT to version 4.39 or later.

3. Who is affected by CVE-2017-12972?

CVE-2017-12972 affects Nimbus JOSE+JWT versions prior to 4.39 and specific versions of IBM GDE up to 3.0.0.2.

4. What type of attack can exploit CVE-2017-12972?

CVE-2017-12972 can be exploited for an HMAC bypass attack due to an integer-overflow issue.

5. Is there a patch available for CVE-2017-12972?

Yes, a patch is available through updates to the affected software versions.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
© 2026 SecAlerts Pty Ltd.