Vulnerability Description
The code which checks HMAC in form submissions used String.equals() for comparisons, which results in a timing side channel for the comparison of the HMAC signatures. This could lead to remote code execution if an attacker is able to determine the correct signature for their payload. The comparison should be done with a constant time algorithm instead.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Tapestry | >= 5.4.0, <= 5.4.3 |
Related Weaknesses (CWE)
References
- https://lists.apache.org/thread.html/6e8f42c88da7be3c60aafe3f6a85eb00b4f8b444de2
- https://lists.apache.org/thread.html/7a437dad5af7309aba4d01bfc2463b3ac34e6aafaa5
- https://lists.apache.org/thread.html/bac8d6f9e1b4059b319d9cba6f33219a99b81623476
- https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad
- https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7d
- https://lists.apache.org/thread.html/6e8f42c88da7be3c60aafe3f6a85eb00b4f8b444de2
- https://lists.apache.org/thread.html/7a437dad5af7309aba4d01bfc2463b3ac34e6aafaa5
- https://lists.apache.org/thread.html/bac8d6f9e1b4059b319d9cba6f33219a99b81623476
- https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad
- https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7d
FAQ
What is CVE-2019-10071?
CVE-2019-10071 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The code which checks HMAC in form submissions used String.equals() for comparisons, which results in a timing side channel for the comparison of the HMAC signatures. This could lead to remote code ex...
How severe is CVE-2019-10071?
CVE-2019-10071 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-10071?
Check the references section above for vendor advisories and patch information. Affected products include: Apache Tapestry.