{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2020-12403", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "dateUpdated": "2024-08-04T11:56:51.720Z", "dateReserved": "2020-04-28T00:00:00", "datePublished": "2021-05-27T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2023-03-24T00:00:00"}, "descriptions": [{"lang": "en", "value": "A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability."}], "affected": [{"vendor": "n/a", "product": "nss", "versions": [{"version": "nss 3.55", "status": "affected"}]}], "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868931"}, {"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.55_release_notes"}, {"name": "[debian-lts-announce] 20230220 [SECURITY] [DLA 3327-1] nss security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00021.html"}, {"url": "https://security.netapp.com/advisory/ntap-20230324-0006/"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-125", "cweId": "CWE-125"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:56:51.720Z"}, "title": "CVE Program Container", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868931", "tags": ["x_transferred"]}, {"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.55_release_notes", "tags": ["x_transferred"]}, {"name": "[debian-lts-announce] 20230220 [SECURITY] [DLA 3327-1] nss security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00021.html"}, {"url": "https://security.netapp.com/advisory/ntap-20230324-0006/", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:nss:*:*:*:*:*:*:*:*", "matchCriteriaId": "D021F308-A866-4FB1-ADF1-F00FDBFCCFF6", "versionEndExcluding": "3.55", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo en la manera en que se implement\u00f3 CHACHA20-POLY1305 en NSS en versiones anteriores a 3.55. Cuando es usado Chacha20 de m\u00faltiples partes, podr\u00eda causar lecturas fuera de l\u00edmites. Este problema fue corregido al desactivar expl\u00edcitamente ChaCha20 de m\u00faltiples partes (que no funcionaba correctamente) y aplicando estrictamente la longitud de la etiqueta. La mayor amenaza de esta vulnerabilidad es la confidencialidad y la disponibilidad del sistema"}], "id": "CVE-2020-12403", "lastModified": "2023-03-24T16:15:07.843", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-05-27T19:15:07.953", "references": [{"source": "security@mozilla.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868931"}, {"source": "security@mozilla.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.55_release_notes"}, {"source": "security@mozilla.org", "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00021.html"}, {"source": "security@mozilla.org", "url": "https://security.netapp.com/advisory/ntap-20230324-0006/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-125"}], "source": "security@mozilla.org", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank the Mozilla Project for reporting this issue.", "affected_release": [{"advisory": "RHSA-2020:4076", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "nspr-0:4.25.0-2.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-09-29T00:00:00Z"}, {"advisory": "RHSA-2020:4076", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "nss-0:3.53.1-3.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-09-29T00:00:00Z"}, {"advisory": "RHSA-2020:4076", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "nss-softokn-0:3.53.1-6.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-09-29T00:00:00Z"}, {"advisory": "RHSA-2020:4076", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "nss-util-0:3.53.1-1.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-09-29T00:00:00Z"}, {"advisory": "RHSA-2021:0758", "cpe": "cpe:/o:redhat:rhel_aus:7.4", "package": "nss-softokn-0:3.28.3-10.el7_4", "product_name": "Red Hat Enterprise Linux 7.4 Advanced Update Support", "release_date": "2021-03-09T00:00:00Z"}, {"advisory": "RHSA-2021:0758", "cpe": "cpe:/o:redhat:rhel_tus:7.4", "package": "nss-softokn-0:3.28.3-10.el7_4", "product_name": "Red Hat Enterprise Linux 7.4 Telco Extended Update Support", "release_date": "2021-03-09T00:00:00Z"}, {"advisory": "RHSA-2021:0758", "cpe": "cpe:/o:redhat:rhel_e4s:7.4", "package": "nss-softokn-0:3.28.3-10.el7_4", "product_name": "Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions", "release_date": "2021-03-09T00:00:00Z"}, {"advisory": "RHSA-2021:0876", "cpe": "cpe:/o:redhat:rhel_eus:7.6", "package": "nss-0:3.36.0-9.el7_6", "product_name": "Red Hat Enterprise Linux 7.6 Extended Update Support", "release_date": "2021-03-16T00:00:00Z"}, {"advisory": "RHSA-2021:0876", "cpe": "cpe:/o:redhat:rhel_eus:7.6", "package": "nss-softokn-0:3.36.0-7.el7_6", "product_name": "Red Hat Enterprise Linux 7.6 Extended Update Support", "release_date": "2021-03-16T00:00:00Z"}, {"advisory": "RHSA-2021:1026", "cpe": "cpe:/o:redhat:rhel_eus:7.7", "package": "nss-softokn-0:3.44.0-9.el7_7", "product_name": "Red Hat Enterprise Linux 7.7 Extended Update Support", "release_date": "2021-03-30T00:00:00Z"}, {"advisory": "RHSA-2021:0538", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "nss-0:3.53.1-17.el8_3", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-02-16T00:00:00Z"}, {"advisory": "RHSA-2021:0949", "cpe": "cpe:/a:redhat:openshift_do:1.0::el7", "package": "openshiftdo/odo-init-image-rhel7:1.1.3-2", "product_name": "Red Hat OpenShift Do", "release_date": "2021-03-22T00:00:00Z"}], "bugzilla": {"description": "nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read", "id": "1868931", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868931"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.4", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", "status": "verified"}, "cwe": "CWE-125", "details": ["A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability.", "A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability."], "name": "CVE-2020-12403", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Out of support scope", "package_name": "nss", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "nss", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2020-07-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-12403\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-12403\nhttps://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.55_release_notes"], "threat_severity": "Moderate", "upstream_fix": "nss 3.55"}