CVE-2019-20786

CRITICAL9.8EPSS 1.2%

Improper Authenication in Pion DTLS

Published: 6/29/2021Modified: 11/8/2023

Also known as:GHSA-7gfg-6934-mqq2GO-2020-0038

Description

handleIncomingPacket in conn.go in Pion DTLS before 1.5.2 lacks a check for application data with epoch 0, which allows remote attackers to inject arbitrary unencrypted data after handshake completion.

Affected packages (2)

Go/github.com/pion/dtlsfrom 0, < 1.5.2
Go/github.com/pion/dtlsfrom 0, < 1.5.2

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	CRITICAL9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References (8)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2019-20786
PATCHhttps://github.com/pion/dtls
WEBhttps://github.com/pion/dtls/commit/fd73a5df2ff0e1fb6ae6a51e2777d7a16cc4f4e0
WEBhttps://github.com/pion/dtls/compare/v1.5.1...v1.5.2
WEBhttps://github.com/pion/dtls/pull/128
WEBhttps://pkg.go.dev/vuln/GO-2020-0038
WEBhttps://www.usenix.org/conference/usenixsecurity20/presentation/fiterau-brostean
WEBhttps://www.usenix.org/system/files/sec20fall_fiterau-brostean_prepub.pdf