CVE-2024-51997

{"id": "CVE-2024-51997", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2024-11-08T19:15:06.487", "references": [{"url": "https://github.com/confidential-containers/trustee/security/advisories/GHSA-7jc6-j236-vvjw", "source": "security-advisories@github.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "Trustee is a set of tools and components for attesting confidential guests and providing secrets to them. The ART (**Attestation Results Token**) token, generated by AS, could be manipulated by MITM attacker, but the verifier (CoCo Verification Demander like KBS) could still verify it successfully. In the payload of ART token, the \u2018jwk\u2019 could be replaced by attacker with his own pub key. Then attacker can use his own corresponding private key to sign the crafted ART token. Based on current code implementation (v0.8.0), such replacement and modification can not be detected. This issue has been addressed in version 0.8.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability."}, {"lang": "es", "value": "Trustee es un conjunto de herramientas y componentes para certificar a los invitados confidenciales y proporcionarles secretos. El token ART (**Attestation Results Token**), generado por AS, podr\u00eda ser manipulado por un atacante MITM, pero el verificador (CoCo Verification Demander como KBS) a\u00fan podr\u00eda verificarlo con \u00e9xito. En el payload del token ART, el atacante podr\u00eda reemplazar el 'jwk' con su propia clave p\u00fablica. Luego, el atacante puede usar su propia clave privada correspondiente para firmar el token ART creado. Seg\u00fan la implementaci\u00f3n del c\u00f3digo actual (v0.8.0), no se puede detectar dicho reemplazo y modificaci\u00f3n. Este problema se ha solucionado en la versi\u00f3n 0.8.2 y se recomienda a todos los usuarios que actualicen. No existen workarounds para esta vulnerabilidad."}], "lastModified": "2024-11-12T13:56:54.483", "sourceIdentifier": "security-advisories@github.com"}