Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-12019

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-13 Jun, 2018 | 23:00
Updated At-05 Aug, 2024 | 08:24
Rejected At-
Credits

The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control messages and does not correctly keep track of the status of multiple signatures, which allows remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:13 Jun, 2018 | 23:00
Updated At:05 Aug, 2024 | 08:24
Rejected At:
▼CVE Numbering Authority (CNA)

The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control messages and does not correctly keep track of the status of multiple signatures, which allows remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://openwall.com/lists/oss-security/2018/06/13/10
x_refsource_MISC
https://www.enigmail.net/index.php/en/download/changelog
x_refsource_MISC
http://www.openwall.com/lists/oss-security/2019/04/30/4
mailing-list
x_refsource_MLIST
http://seclists.org/fulldisclosure/2019/Apr/38
mailing-list
x_refsource_FULLDISC
http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html
x_refsource_MISC
https://github.com/RUB-NDS/Johnny-You-Are-Fired
x_refsource_MISC
https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf
x_refsource_MISC
Hyperlink: http://openwall.com/lists/oss-security/2018/06/13/10
Resource:
x_refsource_MISC
Hyperlink: https://www.enigmail.net/index.php/en/download/changelog
Resource:
x_refsource_MISC
Hyperlink: http://www.openwall.com/lists/oss-security/2019/04/30/4
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://seclists.org/fulldisclosure/2019/Apr/38
Resource:
mailing-list
x_refsource_FULLDISC
Hyperlink: http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html
Resource:
x_refsource_MISC
Hyperlink: https://github.com/RUB-NDS/Johnny-You-Are-Fired
Resource:
x_refsource_MISC
Hyperlink: https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://openwall.com/lists/oss-security/2018/06/13/10
x_refsource_MISC
x_transferred
https://www.enigmail.net/index.php/en/download/changelog
x_refsource_MISC
x_transferred
http://www.openwall.com/lists/oss-security/2019/04/30/4
mailing-list
x_refsource_MLIST
x_transferred
http://seclists.org/fulldisclosure/2019/Apr/38
mailing-list
x_refsource_FULLDISC
x_transferred
http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html
x_refsource_MISC
x_transferred
https://github.com/RUB-NDS/Johnny-You-Are-Fired
x_refsource_MISC
x_transferred
https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf
x_refsource_MISC
x_transferred
Hyperlink: http://openwall.com/lists/oss-security/2018/06/13/10
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.enigmail.net/index.php/en/download/changelog
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2019/04/30/4
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://seclists.org/fulldisclosure/2019/Apr/38
Resource:
mailing-list
x_refsource_FULLDISC
x_transferred
Hyperlink: http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/RUB-NDS/Johnny-You-Are-Fired
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:13 Jun, 2018 | 23:29
Updated At:16 May, 2019 | 18:29

The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control messages and does not correctly keep track of the status of multiple signatures, which allows remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
Type: Primary
Version: 3.0
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N
CPE Matches

enigmail
enigmail
>>enigmail>>Versions before 2.0.7(exclusive)
cpe:2.3:a:enigmail:enigmail:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-347Primarynvd@nist.gov
CWE ID: CWE-347
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://openwall.com/lists/oss-security/2018/06/13/10cve@mitre.org
Mailing List
Third Party Advisory
http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.htmlcve@mitre.org
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2019/Apr/38cve@mitre.org
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/04/30/4cve@mitre.org
Mailing List
Third Party Advisory
https://github.com/RUB-NDS/Johnny-You-Are-Firedcve@mitre.org
N/A
https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdfcve@mitre.org
N/A
https://www.enigmail.net/index.php/en/download/changelogcve@mitre.org
Exploit
Vendor Advisory
Hyperlink: http://openwall.com/lists/oss-security/2018/06/13/10
Source: cve@mitre.org
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://seclists.org/fulldisclosure/2019/Apr/38
Source: cve@mitre.org
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2019/04/30/4
Source: cve@mitre.org
Resource:
Mailing List
Third Party Advisory
Hyperlink: https://github.com/RUB-NDS/Johnny-You-Are-Fired
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www.enigmail.net/index.php/en/download/changelog
Source: cve@mitre.org
Resource:
Exploit
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

62Records found

CVE-2018-10470
Matching Score-4
Assigner-Objective Development Software GmbH
ShareView Details
Matching Score-4
Assigner-Objective Development Software GmbH
CVSS Score-5.3||MEDIUM
EPSS-0.11% / 30.07%
||
7 Day CHG~0.00%
Published-12 Jun, 2018 | 17:00
Updated-16 Sep, 2024 | 21:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Little Snitch versions 4.0 to 4.0.6 use the SecStaticCodeCheckValidityWithErrors() function without the kSecCSCheckAllArchitectures flag and therefore do not validate all architectures stored in a fat binary. An attacker can maliciously craft a fat binary containing multiple architectures that may cause a situation where Little Snitch treats the running process as having no code signature at all while erroneously indicating that the binary on disk does have a valid code signature. This could lead to users being confused about whether or not the code signature is valid.

Action-Not Available
Vendor-objective_developmentObjective Development Software GmbHApple Inc.
Product-macoslittle_snitchLittle Snitch
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2018-1000539
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.14% / 34.65%
||
7 Day CHG~0.00%
Published-26 Jun, 2018 | 16:00
Updated-05 Aug, 2024 | 12:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nov json-jwt version >= 0.5.0 && < 1.9.4 contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability in Decryption of AES-GCM encrypted JSON Web Tokens that can result in Attacker can forge a authentication tag. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 1.9.4 and later.

Action-Not Available
Vendor-json-jwt_projectn/a
Product-json-jwtn/a
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2018-0114
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-84.69% / 99.28%
||
7 Day CHG+0.94%
Published-04 Jan, 2018 | 06:00
Updated-02 Dec, 2024 | 20:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Cisco node-jose open source library before 0.11.0 could allow an unauthenticated, remote attacker to re-sign tokens using a key that is embedded within the token. The vulnerability is due to node-jose following the JSON Web Signature (JWS) standard for JSON Web Tokens (JWTs). This standard specifies that a JSON Web Key (JWK) representing a public key can be embedded within the header of a JWS. This public key is then trusted for verification. An attacker could exploit this by forging valid JWS objects by removing the original signature, adding a new public key to the header, and then signing the object using the (attacker-owned) private key associated with the public key embedded in that JWS header.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-node-joseNode-jose Library
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2021-41832
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.46% / 63.40%
||
7 Day CHG~0.00%
Published-11 Oct, 2021 | 08:10
Updated-04 Aug, 2024 | 03:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Content Manipulation with Certificate Validation Attack

It is possible for an attacker to manipulate documents to appear to be signed by a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25635 for the LibreOffice advisory.

Action-Not Available
Vendor-The Apache Software Foundation
Product-openofficeApache OpenOffice
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2017-8177
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-5.3||MEDIUM
EPSS-0.05% / 16.13%
||
7 Day CHG~0.00%
Published-22 Nov, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei APP HiWallet earlier than 5.0.3.100 versions do not support signature verification for APK file. An attacker could exploit this vulnerability to hijack the APK and upload modified APK file. Successful exploit could lead to the APP is hijacking.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-hiwalletHiWallet
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2021-30130
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.15% / 36.85%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 00:00
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

phpseclib before 2.0.31 and 3.x before 3.0.7 mishandles RSA PKCS#1 v1.5 signature verification.

Action-Not Available
Vendor-phpseclibn/aDebian GNU/Linux
Product-debian_linuxphpseclibn/a
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2017-16005
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.45%
||
7 Day CHG~0.00%
Published-04 Jun, 2018 | 19:00
Updated-16 Sep, 2024 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Http-signature is a "Reference implementation of Joyent's HTTP Signature Scheme". In versions <=0.9.11, http-signature signs only the header values, but not the header names. This makes http-signature vulnerable to header forgery. Thus, if an attacker can intercept a request, he can swap header names and change the meaning of the request without changing the signature.

Action-Not Available
Vendor-joyentHackerOne
Product-http-signaturehttp-signature node module
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2021-28091
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.43% / 61.62%
||
7 Day CHG~0.00%
Published-04 Jun, 2021 | 14:39
Updated-03 Aug, 2024 | 21:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature.

Action-Not Available
Vendor-entrouvertn/aDebian GNU/LinuxFedora Project
Product-lassodebian_linuxfedoran/a
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2021-25636
Matching Score-4
Assigner-Document Foundation, The
ShareView Details
Matching Score-4
Assigner-Document Foundation, The
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.32%
||
7 Day CHG~0.00%
Published-22 Feb, 2022 | 00:00
Updated-03 Aug, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect trust validation of signature with ambiguous KeyInfo children

LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to contain both "X509Data" and "KeyValue" children of the "KeyInfo" tag, which when opened caused LibreOffice to verify using the "KeyValue" but to report verification with the unrelated "X509Data" value. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.5.

Action-Not Available
Vendor-libreofficeThe Document FoundationFedora Project
Product-fedoralibreofficeLibreOffice
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CWE ID-CWE-295
Improper Certificate Validation
CVE-2020-14966
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 50.93%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 11:20
Updated-04 Aug, 2024 | 13:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the jsrsasign package through 8.0.18 for Node.js. It allows a malleability in ECDSA signatures by not checking overflows in the length of a sequence and '0' characters appended or prepended to an integer. The modified signatures are verified as valid. This could have a security-relevant impact if an application relied on a single canonical signature.

Action-Not Available
Vendor-jsrsasign_projectn/aNetApp, Inc.
Product-max_datajsrsasignn/a
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2021-33054
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.26% / 48.95%
||
7 Day CHG~0.00%
Published-04 Jun, 2021 | 14:40
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any SAML assertions it receives. Any actor with network access to the deployment could impersonate users when SAML is the authentication method. (Only versions after 2.0.5a are affected.)

Action-Not Available
Vendor-inversen/aDebian GNU/Linux
Product-debian_linuxsogon/a
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2020-36285
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.12% / 32.06%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 15:38
Updated-04 Aug, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Union Pay up to 3.3.12, for iOS mobile apps, contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability, allows attackers to shop for free in merchants' websites and mobile apps, via a crafted authentication code (MAC) which is generated based on a secret key which is NULL.

Action-Not Available
Vendor-unionpayintln/a
Product-union_payn/a
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
  • Previous
  • 1
  • 2
  • Next
Details not found