Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-h8cp-697h-8c8p: Step CA Has Authorization Bypass in ACME and SCEP Provisioners

Summary

A security fix is now available for Step CA that resolves a vulnerability affecting deployments configured with ACME and/or SCEP provisioners. All operators running these provisioners should upgrade to the latest release (v0.29.0) immediately.

The issue was discovered and disclosed by a research team during a security review. There is no evidence of active exploitation.

To limit exploitation risk during a coordinated disclosure window, we are withholding detailed technical information for now. A full write-up will be published in several weeks.

Embargo List

If your organization runs Step CA in production and would like advance, embargoed notification of future security updates, visit https://u.step.sm/disclosure to request inclusion on our embargo list.

Acknowledgements

This issue was identified and reported by Stephen Kubik of the Cisco Advanced Security Initiatives Group (ASIG)

Stay safe, and thank you for helping us keep the ecosystem secure.

ghsa
Open in Source
#vulnerability#cisco#auth

Summary

A security fix is now available for Step CA that resolves a vulnerability affecting deployments configured with ACME and/or SCEP provisioners.
All operators running these provisioners should upgrade to the latest release (v0.29.0) immediately.

The issue was discovered and disclosed by a research team during a security review. There is no evidence of active exploitation.

To limit exploitation risk during a coordinated disclosure window, we are withholding detailed technical information for now. A full write-up will be published in several weeks.

Embargo List

If your organization runs Step CA in production and would like advance, embargoed notification of future security updates, visit https://u.step.sm/disclosure to request inclusion on our embargo list.

Acknowledgements

This issue was identified and reported by Stephen Kubik of the Cisco Advanced Security Initiatives Group (ASIG)

Stay safe, and thank you for helping us keep the ecosystem secure.

References

  • GHSA-h8cp-697h-8c8p
  • smallstep/certificates@1011f5f

Related news

Libbiosig, Grassroot DiCoM, Smallstep step-ca vulnerabilities

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed vulnerabilities in Biosig Project Libbiosig, Grassroot DiCoM, and Smallstep step-ca. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy, except for Grassroot, as the

ghsa: Latest News

GHSA-8qq5-rm4j-mr97: node-tar is Vulnerable to Arbitrary File Overwrite and Symlink Poisoning via Insufficient Path Sanitization
ghsa