ID

VAR-202203-0662


CVE

CVE-2022-23610


TITLE

Digital signature verification vulnerability in Wire Swiss GmbH wire-server

Trust: 0.8

sources: JVNDB: JVNDB-2022-007206

DESCRIPTION

wire-server provides back end services for Wire, an open source messenger. In versions of wire-server prior to the 2022-01-27 release, it was possible to craft DSA signatures to bypass SAML SSO and impersonate any Wire user with SAML credentials. In teams with SAML but without SCIM, it was also possible to create new accounts with fake SAML credentials. Under certain conditions that an attacker can establish, an upstream library for parsing, rendering, signing, and validating SAML XML data accepted as trusted the public keys that the attacker supplied inside the signature itself (the key material embedded in the signed document), instead of using only the IdP key configured for the team. As a consequence, the attacker could log in as any user in any Wire team with SAML SSO enabled. If SCIM was not enabled, the attacker could also create new users with new SAML NameIDs. In order to exploit this vulnerability, the attacker needs to know the SSO login code (distributed to all team members with SAML credentials and visible in the Team Management app), the SAML EntityID identifying the IdP (a URL not considered sensitive, but usually hard to guess, also visible in Team Management), and the SAML NameID of the user (usually an email address or a nick). The issue has been fixed in wire-server `2022-01-27` and is already deployed on all Wire managed services. On-premise instances of wire-server need to be updated to `2022-01-27` so that their backends are no longer affected. There are currently no known workarounds. More detailed information about how to reproduce the vulnerability and mitigation strategies is available in the GitHub Security Advisory. Wire Swiss GmbH wire-server contains a digital signature verification vulnerability. Exploitation may allow information to be obtained, information to be tampered with, and service operation to be interrupted (DoS).

Trust: 1.71

sources: NVD: CVE-2022-23610 // JVNDB: JVNDB-2022-007206 // VULMON: CVE-2022-23610
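The core of the flaw described above is a key-source confusion: the verifier validated the signature against whatever public key the message itself carried in its KeyInfo, so an attacker who signs a forged assertion with their own key and embeds their own public key passes verification. The script below is an added example written for this record, not code from wire-server or from the upstream SAML library. It uses a pure-Python DSA implementation and a simplified assertion format (the element names, the "Issuer"/"NameID" body and the `r:s` signature encoding are illustrative stand-ins, not the real SAML schema or XML-DSig canonicalization), with a constructed IdP EntityID and NameID. It contrasts a verifier that trusts the embedded key with one that only uses the key pinned for the Issuer from IdP metadata.

```python
"""Key-source confusion in signature verification: embedded KeyInfo vs pinned IdP key.

Added example, not wire-server or hsaml2 code. DSA is implemented in pure Python so
the script runs offline; the assertion format is a simplified stand-in for SAML.
"""
import hashlib
import secrets
import xml.etree.ElementTree as ET


def is_probable_prime(n, rounds=20):
    """Miller-Rabin primality test (adequate for demo-sized parameters)."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def dsa_params(qbits=160, pbits=512):
    """Generate DSA domain parameters (p, q, g) with q | p-1. Small sizes: demo only."""
    while True:
        q = secrets.randbits(qbits) | (1 << (qbits - 1)) | 1
        if not is_probable_prime(q):
            continue
        for _ in range(5000):
            k = (secrets.randbits(pbits - qbits) | (1 << (pbits - qbits - 1))) & ~1
            p = k * q + 1
            if is_probable_prime(p):
                for h in range(2, 1000):
                    g = pow(h, (p - 1) // q, p)
                    if g != 1:
                        return p, q, g


def keygen(params):
    p, q, g = params
    x = secrets.randbelow(q - 1) + 1
    return x, pow(g, x, p)


def _hash(msg, q):
    # FIPS 186-4 style: use the leftmost min(N, outlen) bits of the digest.
    digest = hashlib.sha256(msg).digest()
    return int.from_bytes(digest, "big") >> max(0, 256 - q.bit_length())


def sign(params, x, msg):
    p, q, g = params
    h = _hash(msg, q)
    while True:
        k = secrets.randbelow(q - 1) + 1
        r = pow(g, k, p) % q
        s = pow(k, -1, q) * (h + x * r) % q
        if r and s:
            return r, s


def verify(params, y, msg, sig):
    p, q, g = params
    r, s = sig
    if not (0 < r < q and 0 < s < q):
        return False
    w = pow(s, -1, q)
    u1, u2 = _hash(msg, q) * w % q, r * w % q
    return (pow(g, u1, p) * pow(y, u2, p) % p) % q == r


def signed_body(issuer, name_id):
    """Bytes covered by the signature (stand-in for a canonicalized SignedInfo)."""
    return f"<Body><Issuer>{issuer}</Issuer><NameID>{name_id}</NameID></Body>".encode()


def build_assertion(params, issuer, name_id, signing_key, keyinfo_y):
    """Build an assertion; keyinfo_y is whatever the *sender* chooses to embed."""
    r, s = sign(params, signing_key, signed_body(issuer, name_id))
    return (f"<Assertion><Issuer>{issuer}</Issuer><NameID>{name_id}</NameID>"
            f"<Signature><SignatureValue>{r}:{s}</SignatureValue>"
            f"<KeyInfo><Y>{keyinfo_y}</Y></KeyInfo></Signature></Assertion>")


def _parse(xml):
    root = ET.fromstring(xml)
    r, s = map(int, root.findtext("Signature/SignatureValue").split(":"))
    y = int(root.findtext("Signature/KeyInfo/Y"))
    return root.findtext("Issuer"), root.findtext("NameID"), (r, s), y


def verify_vulnerable(params, xml):
    """Trusts the key carried in the message: an attacker-chosen key always 'verifies'."""
    issuer, name_id, sig, embedded_y = _parse(xml)
    return name_id if verify(params, embedded_y, signed_body(issuer, name_id), sig) else None


def verify_hardened(params, xml, trusted_keys):
    """Uses only the key pinned for the Issuer (from IdP metadata); KeyInfo is ignored."""
    issuer, name_id, sig, _ignored = _parse(xml)
    y = trusted_keys.get(issuer)
    if y is not None and verify(params, y, signed_body(issuer, name_id), sig):
        return name_id
    return None


def demo():
    params = dsa_params()
    idp_x, idp_y = keygen(params)  # the real IdP's key, published in its metadata
    atk_x, atk_y = keygen(params)  # the attacker's own key pair
    idp = "https://idp.example.com/metadata"  # constructed EntityID (assumption)
    trusted = {idp: idp_y}
    genuine = build_assertion(params, idp, "alice@example.com", idp_x, idp_y)
    forged = build_assertion(params, idp, "alice@example.com", atk_x, atk_y)
    return {
        "genuine_vulnerable": verify_vulnerable(params, genuine),
        "genuine_hardened": verify_hardened(params, genuine, trusted),
        "forged_vulnerable": verify_vulnerable(params, forged),   # bypass: "alice@example.com"
        "forged_hardened": verify_hardened(params, forged, trusted),  # None: rejected
    }


if __name__ == "__main__":
    print(demo())
```

The forged assertion is mathematically valid under the attacker's key, so any verifier that resolves the key from the message accepts it; the hardened verifier resolves the key only from the Issuer-to-key mapping established out of band, which is the property the fix in the upstream library restores. The same check applies to RSA or ECDSA keys embedded in KeyInfo; nothing here is specific to DSA beyond the signature arithmetic.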

AFFECTED PRODUCTS

vendor: wire, model: wire-server, scope: lt, version: 2.123.0

Trust: 1.0

vendor: wire swiss, model: wire-server, scope: eq, version: 2.123.0

Trust: 0.8

vendor: wire swiss, model: wire-server, scope: eq, version: -

Trust: 0.8

vendor: wire swiss, model: wire-server, scope: -, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-007206 // NVD: CVE-2022-23610

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-23610
value: HIGH

Trust: 1.0

security-advisories@github.com: CVE-2022-23610
value: CRITICAL

Trust: 1.0

NVD: CVE-2022-23610
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202203-1554
value: HIGH

Trust: 0.6

VULMON: CVE-2022-23610
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-23610
severity: MEDIUM
baseScore: 5.1
vectorString: AV:N/AC:H/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 4.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2022-23610
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 5.9
version: 3.1

Trust: 1.0

security-advisories@github.com: CVE-2022-23610
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 5.2
version: 3.1

Trust: 1.0

NVD: CVE-2022-23610
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2022-23610 // JVNDB: JVNDB-2022-007206 // CNNVD: CNNVD-202203-1554 // NVD: CVE-2022-23610

PROBLEMTYPE DATA

problemtype:CWE-347

Trust: 1.0

problemtype:Improper verification of digital signatures (CWE-347) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-007206 // NVD: CVE-2022-23610

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202203-1554

TYPE

data forgery

Trust: 0.6

sources: CNNVD: CNNVD-202203-1554

PATCH

title: Wire repair measures for the data forgery vulnerability, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=187034

Trust: 0.6

title: CVE-2022-XXXX, url: https://github.com/AlphabugX/CVE-2022-23305 (the identifier in this URL is a different CVE, not CVE-2022-23610)

Trust: 0.1

title: CVE-2022-XXXX, url: https://github.com/AlphabugX/CVE-2022-RCE (generic repository name; not specific to CVE-2022-23610)

Trust: 0.1

sources: VULMON: CVE-2022-23610 // CNNVD: CNNVD-202203-1554

EXTERNAL IDS

db: NVD, id: CVE-2022-23610

Trust: 3.3

db: JVNDB, id: JVNDB-2022-007206

Trust: 0.8

db: CNNVD, id: CNNVD-202203-1554

Trust: 0.6

db: VULMON, id: CVE-2022-23610

Trust: 0.1

sources: VULMON: CVE-2022-23610 // JVNDB: JVNDB-2022-007206 // CNNVD: CNNVD-202203-1554 // NVD: CVE-2022-23610

REFERENCES

url:https://github.com/wireapp/wire-server/releases/tag/v2022-01-27

Trust: 2.5

url:https://github.com/wireapp/wire-server/security/advisories/ghsa-9jg9-9g37-4424

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2022-23610

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-23610/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/347.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/alphabugx/cve-2022-23305 (the identifier in this URL is a different CVE, not CVE-2022-23610)

Trust: 0.1

sources: VULMON: CVE-2022-23610 // JVNDB: JVNDB-2022-007206 // CNNVD: CNNVD-202203-1554 // NVD: CVE-2022-23610

SOURCES

db: VULMON, id: CVE-2022-23610
db: JVNDB, id: JVNDB-2022-007206
db: CNNVD, id: CNNVD-202203-1554
db: NVD, id: CVE-2022-23610

LAST UPDATE DATE

2024-11-23T22:40:35.472000+00:00


SOURCES UPDATE DATE

db: VULMON, id: CVE-2022-23610, date: 2022-03-28T00:00:00
db: JVNDB, id: JVNDB-2022-007206, date: 2023-07-12T08:29:00
db: CNNVD, id: CNNVD-202203-1554, date: 2022-04-06T00:00:00
db: NVD, id: CVE-2022-23610, date: 2024-11-21T06:48:55.640

SOURCES RELEASE DATE

db: VULMON, id: CVE-2022-23610, date: 2022-03-16T00:00:00
db: JVNDB, id: JVNDB-2022-007206, date: 2023-07-12T00:00:00
db: CNNVD, id: CNNVD-202203-1554, date: 2022-03-16T00:00:00
db: NVD, id: CVE-2022-23610, date: 2022-03-16T18:15:11.617