CVE-2022-2582
published 2022-12-27CVE-2022-2582: The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the…
PriorityP419medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
EPSS
0.48%
37.9th percentile
The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the plaintext, if the hash is readable to the attacker. AWS now blocks this metadata field, but older SDK versions still send it.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| amazon | aws_software_development_kit | < 1.34.0 | 1.34.0 |
| debian | golang-github-aws-aws-sdk-go | < golang-github-aws-aws-sdk-go 1.34.22-1 (bookworm) | golang-github-aws-aws-sdk-go 1.34.22-1 (bookworm) |
| github.com | aws_aws-sdk-go | >= 0 < 1.34.0 | 1.34.0 |
| github.com | aws_aws-sdk-go_github.com_aws_aws-sdk-go_service_s3_s3crypto | < 1.34.0 | 1.34.0 |
CVSS provenance
nvdv3.14.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
osv4.3MEDIUM
vendor_debian4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field
osv·2022-12-28
CVE-2022-2582 [MEDIUM] AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field
AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field
The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the plaintext, if the hash is readable to the attacker. AWS now blocks this metadata field, but older SDK versions still send it.
GHSA
AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field
ghsa·2022-12-28
CVE-2022-2582 [MEDIUM] CWE-326 AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field
AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field
The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the plaintext, if the hash is readable to the attacker. AWS now blocks this metadata field, but older SDK versions still send it.
OSV
CVE-2022-2582: The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field
osv·2022-12-27·CVSS 4.3
CVE-2022-2582 [MEDIUM] CVE-2022-2582: The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field
The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the plaintext, if the hash is readable to the attacker. AWS now blocks this metadata field, but older SDK versions still send it.
OSV
Exposure of unencrypted plaintext hash in github.com/aws/aws-sdk-go
osv·2022-07-01
CVE-2022-2582 Exposure of unencrypted plaintext hash in github.com/aws/aws-sdk-go
Exposure of unencrypted plaintext hash in github.com/aws/aws-sdk-go
The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the plaintext, if the hash is readable to the attacker.
AWS now blocks this metadata field, but older SDK versions still send it.
OSV
Duplicate Advisory: Unencrypted md5 plaintext hash in metadata in AWS S3 Crypto SDK for golang
osv·2022-02-11
CVE-2022-2582 [MEDIUM] Duplicate Advisory: Unencrypted md5 plaintext hash in metadata in AWS S3 Crypto SDK for golang
Duplicate Advisory: Unencrypted md5 plaintext hash in metadata in AWS S3 Crypto SDK for golang
## Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-6jvc-q2x7-pchv. This link is maintained to preserve external references.
## Original Description
### Summary
The golang AWS S3 Crypto SDK was impacted by an issue that can result in loss of confidentiality. An attacker with read access to an encrypted S3 bucket was able to recover the plaintext without accessing the encryption key.
### Specific Go Packages Affected
github.com/aws/aws-sdk-go/service/s3/s3crypto
### Risk/Severity
The vulnerability poses insider risks/privilege escalation risks, circumventing KMS controls for stored data.
### Impact
The issue has been fully mitigated by AWS as of Aug. 5t
Debian
CVE-2022-2582: golang-github-aws-aws-sdk-go - The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the c...
vendor_debian·2022·CVSS 4.3
CVE-2022-2582 [MEDIUM] CVE-2022-2582: golang-github-aws-aws-sdk-go - The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the c...
The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the plaintext, if the hash is readable to the attacker. AWS now blocks this metadata field, but older SDK versions still send it.
Scope: local
bookworm: resolved (fixed in 1.34.22-1)
bullseye: resolved (fixed in 1.34.22-1)
forky: resolved (fixed in 1.34.22-1)
sid: resolved (fixed in 1.34.22-1)
trixie: resolved (fixed in 1.34.22-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-12-27
Published