CVE-2023-50967 - OpenCVE

latchset jose through version 11 allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	Enterprise Linux

No data.

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
jose-0:10-2.el8_10.3	cpe:/a:redhat:enterprise_linux:8	RHSA-2024:5294	2024-08-13T00:00:00Z

References

Link	Providers
https://github.com/P3ngu1nW/CVE_Request/blob/main/latch-jose.md
https://github.com/latchset/jose
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CIFPQUCLNWEAHYYJWCQD3AZPWYIV6YT3/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OOBFVMOAV732C7PY74AHJ62ZNKT3ISZ6/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W7EGLOAFN2PWZ75ZRLTUDUZCIPH2VFZU/
https://nvd.nist.gov/vuln/detail/CVE-2023-50967
https://www.cve.org/CVERecord?id=CVE-2023-50967

History

Fri, 16 Aug 2024 18:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat enterprise Linux
CPEs		cpe:/a:redhat:enterprise_linux:8
Vendors & Products		Redhat Redhat enterprise Linux

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-03-20T00:00:00

Updated: 2024-08-27T20:22:01.688Z

Reserved: 2023-12-17T00:00:00

Link: CVE-2023-50967

Vulnrichment

Updated: 2024-08-02T22:23:44.062Z

NVD

Status : Awaiting Analysis

Published: 2024-03-20T16:15:07.570

Modified: 2024-08-27T21:35:03.017

Link: CVE-2023-50967

Redhat

Severity : Moderate

Publid Date: 2024-03-20T00:00:00Z

Links: CVE-2023-50967 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-50967", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-27T20:22:01.688Z", "dateReserved": "2023-12-17T00:00:00", "datePublished": "2024-03-20T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-04-19T23:06:18.594626"}, "descriptions": [{"lang": "en", "value": "latchset jose through version 11 allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/latchset/jose"}, {"url": "https://github.com/P3ngu1nW/CVE_Request/blob/main/latch-jose.md"}, {"name": "FEDORA-2024-a94b67a7b2", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OOBFVMOAV732C7PY74AHJ62ZNKT3ISZ6/"}, {"name": "FEDORA-2024-f98bdff610", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CIFPQUCLNWEAHYYJWCQD3AZPWYIV6YT3/"}, {"name": "FEDORA-2024-2cface5aba", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W7EGLOAFN2PWZ75ZRLTUDUZCIPH2VFZU/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T22:23:44.062Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/latchset/jose", "tags": ["x_transferred"]}, {"url": "https://github.com/P3ngu1nW/CVE_Request/blob/main/latch-jose.md", "tags": ["x_transferred"]}, {"name": "FEDORA-2024-a94b67a7b2", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OOBFVMOAV732C7PY74AHJ62ZNKT3ISZ6/"}, {"name": "FEDORA-2024-f98bdff610", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CIFPQUCLNWEAHYYJWCQD3AZPWYIV6YT3/"}, {"name": "FEDORA-2024-2cface5aba", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W7EGLOAFN2PWZ75ZRLTUDUZCIPH2VFZU/"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-400", "lang": "en", "description": "CWE-400 Uncontrolled Resource Consumption"}]}], "affected": [{"vendor": "latchset", "product": "jose", "cpes": ["cpe:2.3:a:latchset:jose:11:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "11", "status": "affected"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-03-28T19:01:43.109518Z", "id": "CVE-2023-50967", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-27T20:22:01.688Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/latchset/jose", "tags": ["x_transferred"]}, {"url": "https://github.com/P3ngu1nW/CVE_Request/blob/main/latch-jose.md", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OOBFVMOAV732C7PY74AHJ62ZNKT3ISZ6/", "name": "FEDORA-2024-a94b67a7b2", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CIFPQUCLNWEAHYYJWCQD3AZPWYIV6YT3/", "name": "FEDORA-2024-f98bdff610", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W7EGLOAFN2PWZ75ZRLTUDUZCIPH2VFZU/", "name": "FEDORA-2024-2cface5aba", "tags": ["vendor-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T22:23:44.062Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-50967", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-28T19:01:43.109518Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:latchset:jose:11:*:*:*:*:*:*:*"], "vendor": "latchset", "product": "jose", "versions": [{"status": "affected", "version": "11"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-27T20:21:53.531Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/latchset/jose"}, {"url": "https://github.com/P3ngu1nW/CVE_Request/blob/main/latch-jose.md"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OOBFVMOAV732C7PY74AHJ62ZNKT3ISZ6/", "name": "FEDORA-2024-a94b67a7b2", "tags": ["vendor-advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CIFPQUCLNWEAHYYJWCQD3AZPWYIV6YT3/", "name": "FEDORA-2024-f98bdff610", "tags": ["vendor-advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W7EGLOAFN2PWZ75ZRLTUDUZCIPH2VFZU/", "name": "FEDORA-2024-2cface5aba", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en", "value": "latchset jose through version 11 allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-04-19T23:06:18.594626"}}}, "cveMetadata": {"cveId": "CVE-2023-50967", "state": "PUBLISHED", "dateUpdated": "2024-08-27T20:22:01.688Z", "dateReserved": "2023-12-17T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-03-20T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"affected_release": [{"advisory": "RHSA-2024:5294", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "jose-0:10-2.el8_10.3", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-13T00:00:00Z"}], "bugzilla": {"description": "jose: Denial of service due to uncontrolled CPU consumption", "id": "2270538", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270538"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-400", "details": ["latchset jose through version 11 allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.", "A flaw was found in the Jose package, where a large number of iterations used to derive the wrapping key for the PBKDF2 algorithm may lead to a denial of service. This flaw allows an attacker to set a large number of `PBKDF2' iterations, triggering an uncontrolled resource consumption that impacts the availability of the targeted application."], "name": "CVE-2023-50967", "package_state": [{"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Will not fix", "package_name": "multicluster-engine/console-mce-rhel8", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Will not fix", "package_name": "multicluster-engine/multicluster-engine-console-mce-rhel8", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Will not fix", "package_name": "jose", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "rhacm2/console-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Affected", "package_name": "rhdh-hub-container", "product_name": "Red Hat Developer Hub"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "jose", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "jose", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift_data_science", "fix_state": "Not affected", "package_name": "rhods/odh-dashboard-rhel8", "product_name": "Red Hat OpenShift Data Science (RHODS)"}, {"cpe": "cpe:/a:redhat:openshift_data_science", "fix_state": "Not affected", "package_name": "rhods/odh-operator-rhel8", "product_name": "Red Hat OpenShift Data Science (RHODS)"}, {"cpe": "cpe:/a:redhat:openshift_data_science", "fix_state": "Not affected", "package_name": "rhods/odh-rhel8-operator", "product_name": "Red Hat OpenShift Data Science (RHODS)"}, {"cpe": "cpe:/a:redhat:openshift_devspaces:3::el8", "fix_state": "Not affected", "package_name": "devspaces/code-rhel8", "product_name": "Red Hat OpenShift Dev Spaces"}, {"cpe": "cpe:/a:redhat:openshift_devspaces:3::el8", "fix_state": "Not affected", "package_name": "devspaces/dashboard-rhel8", "product_name": "Red Hat OpenShift Dev Spaces"}], "public_date": "2024-03-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-50967\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-50967"], "statement": "The JWE key management algorithms use a JOSE Header Parameter called p2c (PBES2 Count), which controls the PBKDF2 iterations to derive a CEK wrapping key. If an attacker sets p2c too high, it can lead to excessive computational use and a potential denial of service attack.", "threat_severity": "Moderate"}