Skip to content

Broken encryption in app-functions-sdk “AES” transform in EdgeX Foundry releases prior to Jakarta allows attackers to decrypt messages via unspecified vectors

Low
eb-oss published GHSA-6c7m-qwxj-mvhp Nov 18, 2021

Package

gomod github.com/edgexfoundry/app-functions-sdk-go/ (Go)

Affected versions

<v2.1.0

Patched versions

none
gomod github.com/edgexfoundry/app-functions-sdk-go/v2 (Go)
<v2.1.0
v2.1.0
gomod github.com/edgexfoundry/app-service-configurable (Go)
<v2.1.0
v2.1.0

Description

Summary

Broken encryption in app-functions-sdk “AES” transform in EdgeX Foundry releases prior to Jakarta allows attackers to decrypt messages via unspecified vectors.

Detailed Description

The app-functions-sdk exports an “aes” transform that user scripts can optionally call to encrypt data in the processing pipeline. No decrypt function is provided. Encryption is not enabled by default, but if used, the level of protection may be less than the user may expects due to a broken implementation in https://github.com/edgexfoundry/app-functions-sdk-go/blob/v1.0.0/pkg/transforms/encryption.go

Version v2.1.0 (EdgeX Foundry Jakarta release and later) of app-functions-sdk-go/v2 deprecates the “aes” transform and provides an improved “aes256” transform in its place. The broken implementation will remain in a deprecated state until it is removed in the next EdgeX major release to avoid breakage of existing software that depends on the broken implementation.

Impact

As the broken transform is a library function that is not invoked by default, users who do not use the AES transform in their processing pipelines are unaffected. Those that are affected are urged to upgrade to the Jakarta EdgeX release and modify processing pipelines to use the new "aes256" transform.

Vulnerable go modules

  • github.com/edgexfoundry/app-functions-sdk-go < v2.1.0
  • github.com/edgexfoundry/app-functions-sdk-go/v2 < v2.1.0
  • github.com/edgexfoundry/app-service-configurable < v2.1.0

Vulnerable containers

Vulnerable Snaps

Patches

Upgrade to 2.1.0 version of app-functions-sdk-go/v2, app-service-configurable, and related docker containers shown below and modify user scripts to use the new "aes256" transform in place of the existing "aes" transform.

Patched go modules

  • github.com/edgexfoundry/app-functions-sdk-go/v2 v2.1.0
  • github.com/edgexfoundry/app-service-configurable v2.1.0

Modification of user scripts is necessary for full remediation.

Patched containers

Modification of user scripts is necessary for full remediation.

Patched Snaps

Modification of user scripts is necessary for full remediation.

Workarounds

If unable to upgrade, change the processing pipeline to use an HTTPS (TLS 1.3) endpoint to export and skip encryption.

References

For more information

If you have any questions or comments about this advisory:

Severity

Low

CVSS overall score

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS).
/ 10

CVSS v3 base metrics

Attack vector
Network
Attack complexity
High
Privileges required
Low
User interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None

CVSS v3 base metrics

Attack vector: More severe the more the remote (logically and physically) an attacker can be in order to exploit the vulnerability.
Attack complexity: More severe for the least complex attacks.
Privileges required: More severe if no privileges are required.
User interaction: More severe when no user interaction is required.
Scope: More severe when a scope change occurs, e.g. one vulnerable component impacts resources in components beyond its security scope.
Confidentiality: More severe when loss of data confidentiality is highest, measuring the level of data access available to an unauthorized user.
Integrity: More severe when loss of data integrity is the highest, measuring the consequence of data modification possible by an unauthorized user.
Availability: More severe when the loss of impacted component availability is highest.
CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N

CVE ID

CVE-2021-41278

Weaknesses

Cleartext Storage of Sensitive Information

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere. Learn more on MITRE.

Missing Cryptographic Step

The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm. Learn more on MITRE.

Inadequate Encryption Strength

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required. Learn more on MITRE.

Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol. Learn more on MITRE.

Use of Weak Hash

The product uses an algorithm that produces a digest (output value) that does not meet security expectations for a hash function that allows an adversary to reasonably determine the original input (preimage attack), find another input that can produce the same hash (2nd preimage attack), or find multiple inputs that evaluate to the same hash (birthday attack). Learn more on MITRE.

Generation of Predictable IV with CBC Mode

The product generates and uses a predictable initialization Vector (IV) with Cipher Block Chaining (CBC) Mode, which causes algorithms to be susceptible to dictionary attacks when they are encrypted under the same key. Learn more on MITRE.

Use of Insufficiently Random Values

The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers. Learn more on MITRE.

Improper Following of Specification by Caller

The product does not follow or incorrectly follows the specifications as required by the implementation language, environment, framework, protocol, or platform. Learn more on MITRE.

Improper Control of a Resource Through its Lifetime

The product does not maintain or incorrectly maintains control over a resource throughout its lifetime of creation, use, and release. Learn more on MITRE.

Protection Mechanism Failure

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product. Learn more on MITRE.

Improper Adherence to Coding Standards

The product does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities. Learn more on MITRE.

Reliance on Untrusted Inputs in a Security Decision

The product uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism. Learn more on MITRE.

Insecure Storage of Sensitive Information

The product stores sensitive information without properly limiting read or write access by unauthorized actors. Learn more on MITRE.

Generation of Weak Initialization Vector (IV)

The product uses a cryptographic primitive that uses an Initialization Vector (IV), but the product does not generate IVs that are sufficiently unpredictable or unique according to the expected cryptographic requirements for that primitive. Learn more on MITRE.

Credits