{ "threat_severity" : "Moderate", "public_date" : "2022-03-18T00:00:00Z", "bugzilla" : { "description" : "node-forge: Signature verification leniency in checking `DigestInfo` structure", "id" : "2067461", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2067461" }, "cvss3" : { "cvss3_base_score" : "5.3", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "status" : "verified" }, "cwe" : "CWE-347", "details" : [ "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not properly check `DigestInfo` for a proper ASN.1 structure. This can lead to successful verification with signatures that contain invalid structures but a valid digest. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds.", "A flaw was found in the node-forge library when verifying the signature on the ASN.1 structure in RSA PKCS#1 v1.5. This flaw allows an attacker to obtain successful verification for invalid DigestInfo structure, affecting the integrity of the attacked resource." ], "affected_release" : [ { "product_name" : "OpenShift Service Mesh 2.1", "release_date" : "2022-05-05T00:00:00Z", "advisory" : "RHSA-2022:1739", "cpe" : "cpe:/a:redhat:service_mesh:2.1::el8", "package" : "openshift-service-mesh/kiali-rhel8:1.36.9-1" }, { "product_name" : "Red Hat OpenShift Data Foundation 4.11 on RHEL8", "release_date" : "2022-08-24T00:00:00Z", "advisory" : "RHSA-2022:6156", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.11::el8", "package" : "odf4/mcg-core-rhel8:v4.11.0-30" }, { "product_name" : "Red Hat OpenShift Data Foundation 4.11 on RHEL8", "release_date" : "2022-08-24T00:00:00Z", "advisory" : "RHSA-2022:6156", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.11::el8", "package" : "odf4/odf-console-rhel8:v4.11.0-51" }, { "product_name" : "RHINT Service Registry 2.3.0 GA", "release_date" : "2022-10-06T00:00:00Z", "advisory" : "RHSA-2022:6835", "cpe" : "cpe:/a:redhat:service_registry:2.3", "package" : "node-forge" } ], "package_state" : [ { "product_name" : "Migration Toolkit for Virtualization", "fix_state" : "Fix deferred", "package_name" : "migration-toolkit-virtualization/mtv-ui-rhel8", "cpe" : "cpe:/a:redhat:migration_toolkit_virtualization:2" }, { "product_name" : "OpenShift Developer Tools and Services", "fix_state" : "Not affected", "package_name" : "odo", "cpe" : "cpe:/a:redhat:ocp_tools" }, { "product_name" : "OpenShift Pipelines", "fix_state" : "Will not fix", "package_name" : "openshift-pipelines/pipelines-hub-api-rhel8", "cpe" : "cpe:/a:redhat:openshift_pipelines:1" }, { "product_name" : "OpenShift Pipelines", "fix_state" : "Will not fix", "package_name" : "openshift-pipelines/pipelines-hub-db-migration-rhel8", "cpe" : "cpe:/a:redhat:openshift_pipelines:1" }, { "product_name" : "OpenShift Pipelines", "fix_state" : "Will not fix", "package_name" : "openshift-pipelines/pipelines-hub-ui-rhel8", "cpe" : "cpe:/a:redhat:openshift_pipelines:1" }, { "product_name" : "OpenShift Service Mesh 2.0", "fix_state" : "Affected", "package_name" : "servicemesh-prometheus", "cpe" : "cpe:/a:redhat:service_mesh:2.0" }, { "product_name" : "OpenShift Service Mesh 2.1", "fix_state" : "Not affected", "package_name" : "servicemesh-prometheus", "cpe" : "cpe:/a:redhat:service_mesh:2.1" }, { "product_name" : "Red Hat 3scale API Management Platform 2", "fix_state" : "Affected", "package_name" : "3scale-apicast-operator-bundle-container", "cpe" : "cpe:/a:redhat:red_hat_3scale_amp:2" }, { "product_name" : "Red Hat 3scale API Management Platform 2", "fix_state" : "Affected", "package_name" : "3scale-apicast-operator-container", "cpe" : "cpe:/a:redhat:red_hat_3scale_amp:2" }, { "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2", "fix_state" : "Affected", "package_name" : "rhacm2/console-rhel8", "cpe" : "cpe:/a:redhat:acm:2" }, { "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2", "fix_state" : "Not affected", "package_name" : "rhacm2/kui-web-terminal-rhel8", "cpe" : "cpe:/a:redhat:acm:2" }, { "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2", "fix_state" : "Not affected", "package_name" : "rhacm2/search-ui-rhel8", "cpe" : "cpe:/a:redhat:acm:2" }, { "product_name" : "Red Hat Advanced Cluster Security 3", "fix_state" : "Will not fix", "package_name" : "advanced-cluster-security/rhacs-docs-rhel8", "cpe" : "cpe:/a:redhat:advanced_cluster_security:3" }, { "product_name" : "Red Hat Advanced Cluster Security 3", "fix_state" : "Will not fix", "package_name" : "advanced-cluster-security/rhacs-main-rhel8", "cpe" : "cpe:/a:redhat:advanced_cluster_security:3" }, { "product_name" : "Red Hat Advanced Cluster Security 3", "fix_state" : "Will not fix", "package_name" : "advanced-cluster-security/rhacs-rhel8-operator", "cpe" : "cpe:/a:redhat:advanced_cluster_security:3" }, { "product_name" : "Red Hat Advanced Cluster Security 3", "fix_state" : "Will not fix", "package_name" : "advanced-cluster-security/rhacs-roxctl-rhel8", "cpe" : "cpe:/a:redhat:advanced_cluster_security:3" }, { "product_name" : "Red Hat A-MQ Online", "fix_state" : "Not affected", "package_name" : "node-forge", "cpe" : "cpe:/a:redhat:amq_online:1" }, { "product_name" : "Red Hat Data Grid 8", "fix_state" : "Not affected", "package_name" : "node-forge", "cpe" : "cpe:/a:redhat:jboss_data_grid:8" }, { "product_name" : "Red Hat Decision Manager 7", "fix_state" : "Not affected", "package_name" : "node-forge", "cpe" : "cpe:/a:redhat:jboss_enterprise_brms_platform:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Will not fix", "package_name" : "pcs", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Fuse 7", "fix_state" : "Will not fix", "package_name" : "node-forge", "cpe" : "cpe:/a:redhat:jboss_fuse:7" }, { "product_name" : "Red Hat Integration Camel K 1", "fix_state" : "Not affected", "package_name" : "node-forge", "cpe" : "cpe:/a:redhat:integration:1" }, { "product_name" : "Red Hat Integration Camel Quarkus 1", "fix_state" : "Not affected", "package_name" : "node-forge", "cpe" : "cpe:/a:redhat:camel_quarkus:2" }, { "product_name" : "Red Hat Integration Data Virtualisation Operator", "fix_state" : "Out of support scope", "package_name" : "node-forge", "cpe" : "cpe:/a:redhat:integration:1" }, { "product_name" : "Red Hat Integration Service Registry", "fix_state" : "Out of support scope", "package_name" : "node-forge", "cpe" : "cpe:/a:redhat:integration:1" }, { "product_name" : "Red Hat Openshift Container Storage 4", "fix_state" : "Out of support scope", "package_name" : "ocs4/mcg-core-rhel8", "cpe" : "cpe:/a:redhat:openshift_container_storage:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Affected", "package_name" : "noobaa-core-container", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat OpenShift Dev Spaces", "fix_state" : "Not affected", "package_name" : "devspaces/dashboard-rhel8", "cpe" : "cpe:/a:redhat:openshift_devspaces:3" }, { "product_name" : "Red Hat OpenShift distributed tracing 2", "fix_state" : "Will not fix", "package_name" : "rhosdt/jaeger-agent-rhel8", "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:2" }, { "product_name" : "Red Hat OpenShift distributed tracing 2", "fix_state" : "Will not fix", "package_name" : "rhosdt/jaeger-all-in-one-rhel8", "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:2" }, { "product_name" : "Red Hat OpenShift distributed tracing 2", "fix_state" : "Will not fix", "package_name" : "rhosdt/jaeger-collector-rhel8", "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:2" }, { "product_name" : "Red Hat OpenShift distributed tracing 2", "fix_state" : "Will not fix", "package_name" : "rhosdt/jaeger-es-index-cleaner-rhel8", "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:2" }, { "product_name" : "Red Hat OpenShift distributed tracing 2", "fix_state" : "Will not fix", "package_name" : "rhosdt/jaeger-es-rollover-rhel8", "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:2" }, { "product_name" : "Red Hat OpenShift distributed tracing 2", "fix_state" : "Will not fix", "package_name" : "rhosdt/jaeger-ingester-rhel8", "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:2" }, { "product_name" : "Red Hat OpenShift distributed tracing 2", "fix_state" : "Will not fix", "package_name" : "rhosdt/jaeger-query-rhel8", "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:2" }, { "product_name" : "Red Hat OpenShift GitOps", "fix_state" : "Will not fix", "package_name" : "openshift-gitops-1/argocd-rhel8", "cpe" : "cpe:/a:redhat:openshift_gitops:1" }, { "product_name" : "Red Hat OpenShift GitOps", "fix_state" : "Not affected", "package_name" : "openshift-gitops-1/console-plugin-rhel8", "cpe" : "cpe:/a:redhat:openshift_gitops:1" }, { "product_name" : "Red Hat Process Automation 7", "fix_state" : "Fix deferred", "package_name" : "node-forge", "cpe" : "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "impact" : "low" }, { "product_name" : "Red Hat Quay 3", "fix_state" : "Will not fix", "package_name" : "quay/quay-rhel8", "cpe" : "cpe:/a:redhat:quay:3" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-24773\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-24773\nhttps://github.com/digitalbazaar/forge/security/advisories/GHSA-2r2c-g63r-vccr" ], "name" : "CVE-2022-24773", "csaw" : false }