Skip to main content

Steeltoe Configuration Encryption EUVDEUVD-2026-37821

| CVE-2026-50268 LOW
Plaintext Storage of a Password (CWE-256)
2026-06-17 GitHub_M GHSA-4j9m-h44m-2hv8
1.9
CVSS 3.1 · Vendor: GitHub_M

Severity by source

Vendor (GitHub_M) PRIMARY
1.9 LOW
AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N
vuln.today AI
1.9 LOW

Local attack vector and high privileges required because the flaw is triggered by operator-level configuration; high complexity because exploiting the weaker padding requires oracle access and cryptographic sophistication; low confidentiality only, as only encrypted config secrets are at risk.

3.1 AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N
4.0 AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Local
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

3
Patch available
Jul 02, 2026 - 22:02 EUVD
Source Code Evidence Fetched
Jun 17, 2026 - 23:06 vuln.today
Analysis Generated
Jun 17, 2026 - 23:06 vuln.today

DescriptionCVE.org

Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Configuration.Encryption 4.0.0 through 4.1.0, configuring encrypt:rsa:algorithm=OAEP does not enable OAEP encryption. Due to an incorrect BouncyCastle transformation string, the OAEP setting selects PKCS#1 v1.5, which is the same algorithm as the DEFAULT setting. Steeltoe.Configuration.Encryption version 4.2.0 patches the issue.

AnalysisAI

Steeltoe.Configuration.Encryption 4.0.0 through 4.1.0 silently downgrades RSA encryption from OAEP to PKCS#1 v1.5 when operators explicitly configure encrypt:rsa:algorithm=OAEP. The root cause is an incorrect BouncyCastle transformation string in RsaKeyStoreDecryptor.cs - the OAEP branch passed "RSA/ECB/PKCS1" to CipherUtilities.GetCipher() instead of the correct "RSA/NONE/OAEPWithSHA1AndMGF1Padding", meaning both the OAEP and DEFAULT settings silently selected the same weaker algorithm. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Attacker gains high-privilege local or config-server access
Delivery
Exfiltrates PKCS#1 v1.5 ciphertext (mislabeled as OAEP)
Exploit
Locates or constructs decryption oracle
Execution
Submits adaptive chosen-ciphertext queries
Impact
Recovers plaintext configuration secret

Vulnerability AssessmentAI

Exploitation Exploitation requires all of the following: (1) the application must be running Steeltoe.Configuration.Encryption 4.0.0 or 4.1.0 with `encrypt:rsa:algorithm=OAEP` explicitly configured - without this setting, there is no security expectation differential; (2) the attacker must have obtained RSA-encrypted ciphertext from the affected system; (3) the attacker must have access to a decryption oracle capable of leaking padding-validation behavior to conduct a Bleichenbacher adaptive chosen-ciphertext attack; (4) the CVSS vector (AV:L/AC:H/PR:H) further limits exploitation to high-privilege local actors, meaning an insider or an attacker who has already achieved privileged local access. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 base score of 1.9 (AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N) accurately reflects the narrow exploitation path: an attacker must already have high-privilege local access to the system and face high attack complexity to extract any benefit from the weaker padding scheme. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has exfiltrated RSA-encrypted configuration blobs from a Spring Cloud Config Server (e.g., via a separate path-traversal or backup leak) and who can submit adaptive chosen-ciphertext queries to a decryption oracle (such as a misconfigured or compromised service endpoint that reveals padding errors) could execute a Bleichenbacher-style attack against ciphertexts that were supposed to be OAEP-protected but were actually encrypted under PKCS#1 v1.5. No public exploit or proof-of-concept targeting this specific vulnerability has been identified; successful exploitation requires substantial cryptographic capability and oracle access.
Remediation Upgrade to Steeltoe.Configuration.Encryption version 4.2.0, which corrects the BouncyCastle transformation string from `"RSA/ECB/PKCS1"` to `"RSA/NONE/OAEPWithSHA1AndMGF1Padding"` for the OAEP algorithm path, as confirmed in commit 6cfee5cccddf8f9a31de69b0ca5ccdd771b73e5b (https://github.com/SteeltoeOSS/Steeltoe/commit/6cfee5cccddf8f9a31de69b0ca5ccdd771b73e5b). … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-37821 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy