sysPass up to 2.0 inc/SP/Core/Crypt.class MCRYPT_RIJNDAEL_256 inadequate encryption
CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
---|---|---|
5.6 | $0-$5k | 0.00 |
A vulnerability was found in sysPass up to 2.0. It has been rated as problematic. This issue affects the function MCRYPT_RIJNDAEL_256
of the file inc/SP/Core/Crypt.class. The manipulation with an unknown input leads to a inadequate encryption vulnerability. Using CWE to declare the problem leads to CWE-326. The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required. Impacted is confidentiality. The summary by CVE is:
An issue was discovered in sysPass 2.x before 2.1, in which an algorithm was never sufficiently reviewed by cryptographers. The fact that inc/SP/Core/Crypt.class is using the MCRYPT_RIJNDAEL_256() function (the 256-bit block version of Rijndael, not AES) instead of MCRYPT_RIJNDAEL_128 (real AES) could help an attacker to create unknown havoc in the remote system.
The bug was discovered 02/14/2017. The weakness was disclosed 03/06/2017 (GitHub Repository). The advisory is shared at github.com. The identification of this vulnerability is CVE-2017-5999 since 02/15/2017. The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. Technical details are known, but no exploit is available. MITRE ATT&CK project uses the attack technique T1600 for this issue.
The vulnerability was handled as a non-public zero-day exploit for at least 20 days. During that time the estimated underground price was around $0-$5k.
Upgrading to version 2.1 eliminates this vulnerability.
Product
Name
Version
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 6.4VulDB Meta Temp Score: 6.1
VulDB Base Score: 5.3
VulDB Temp Score: 4.7
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 7.5
NVD Vector: 🔍
CVSSv2
AV | AC | Au | C | I | A |
---|---|---|---|---|---|
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
---|---|---|---|---|---|
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Inadequate encryptionCWE: CWE-326 / CWE-310
CAPEC: 🔍
ATT&CK: 🔍
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
0-Day | unlock | unlock | unlock | unlock |
---|---|---|---|---|
Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: sysPass 2.1
Timeline
02/14/2017 🔍02/14/2017 🔍
02/15/2017 🔍
03/06/2017 🔍
03/06/2017 🔍
03/06/2017 🔍
09/04/2020 🔍
Sources
Advisory: github.comStatus: Not defined
Confirmation: 🔍
CVE: CVE-2017-5999 (🔍)
SecurityFocus: 96562 - sysPass CVE-2017-5999 Cryptographic Security Bypass Vulnerability
OSVDB: - CVE-2017-5999 - sysPass - Weak Cryptography Issue
Entry
Created: 03/06/2017 17:06Updated: 09/04/2020 11:32
Changes: 03/06/2017 17:06 (60), 09/04/2020 11:32 (5)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.