CVE-2017-16007
published 2018-06-04CVE-2017-16007: node-jose is a JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for current web browsers and node.js-based servers. node-jose earlier…
PriorityP428medium5.9CVSS 3.0
AVNACHPRNUINSUCHINAN
EPSS
0.93%
56.0th percentile
node-jose is a JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for current web browsers and node.js-based servers. node-jose earlier than version 0.9.3 is vulnerable to an invalid curve attack. This allows an attacker to recover the private secret key when JWE with Key Agreement with Elliptic Curve Diffie-Hellman Ephemeral Static (ECDH-ES) is used.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | node-jose | < 0.9.3 | 0.9.3 |
| cisco | node-jose | >= 0 < 0.9.3 | 0.9.3 |
| hackerone | node-jose_node_module | — | — |
CVSS provenance
nvdv3.05.9MEDIUMCVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Invalid Curve Attack in node-jose
osv·2018-07-20
CVE-2017-16007 [MEDIUM] Invalid Curve Attack in node-jose
Invalid Curve Attack in node-jose
Affected versions of `node-jose` are vulnerable to an invalid curve attack. This allows an attacker to recover the private secret key when JWE with Key Agreement with Elliptic Curve Diffie-Hellman Ephemeral Static (ECDH-ES) is used.
[Proof of Concept](https://gist.github.com/asanso/fa25685348051ef6a28d49aa0f27a4ae)
## Recommendation
Update to version 0.9.3 or later.
GHSA
Invalid Curve Attack in node-jose
ghsa·2018-07-20
CVE-2017-16007 [MEDIUM] CWE-200 Invalid Curve Attack in node-jose
Invalid Curve Attack in node-jose
Affected versions of `node-jose` are vulnerable to an invalid curve attack. This allows an attacker to recover the private secret key when JWE with Key Agreement with Elliptic Curve Diffie-Hellman Ephemeral Static (ECDH-ES) is used.
[Proof of Concept](https://gist.github.com/asanso/fa25685348051ef6a28d49aa0f27a4ae)
## Recommendation
Update to version 0.9.3 or later.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://blog.intothesymmetry.com/2017/03/critical-vulnerability-in-json-web.htmlhttps://gist.github.com/asanso/fa25685348051ef6a28d49aa0f27a4aehttps://github.com/cisco/node-josehttps://nodesecurity.io/advisories/324http://blog.intothesymmetry.com/2017/03/critical-vulnerability-in-json-web.htmlhttps://gist.github.com/asanso/fa25685348051ef6a28d49aa0f27a4aehttps://github.com/cisco/node-josehttps://nodesecurity.io/advisories/324
2018-06-04
Published