Versions of the package jsrsasign before 11.1.1 are vulnerable to Missing Cryptographic Step via the KJUR.crypto.DSA.signWithMessageHash process in the DSA signing implementation. An attacker can recover the private key by forcing r or s to be zero, so the library emits an invalid signature without retrying, and then solves for x from the resulting signature.
Attack Parameters
Attack Vector
Network
Can be exploited remotely
Attack Complexity
High
Difficult to exploit
Attack Requirements
None
No additional conditions
Privileges Required
None
No privileges needed
User Interaction
None
No user interaction needed
Impact Assessment
Confidentiality
High
Complete data leak
Integrity
High
Complete data modification
Availability
None
No disruption
CVSS Vector v4.0
Weakness Type (CWE)
Vulnerable Products 1
| Configuration | From (including) | Up to (excluding) |
|---|---|---|
|
Jsrsasign_Project Jsrsasign
cpe:2.3:a:jsrsasign_project:jsrsasign:*:*:*:*:*:node.js:*:*
|
— |
11.1.1
|
References 4
https://gist.github.com/Kr0emer/93789fe6efe5519db9692d4ad1dad586
report@snyk.io
https://github.com/kjur/jsrsasign/commit/0710e392ec35de697ce11e4219c988ba2b5fe0…
report@snyk.io
https://github.com/kjur/jsrsasign/pull/645
report@snyk.io
https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15370941
report@snyk.io