The Cloud Functions subsystem in OpenTrace 1.0 might allow fabrication attacks by making billions of TempID requests before an AES-256-GCM key rotation occurs.
References
Link | Resource |
---|---|
https://github.com/opentrace-community/opentrace-cloud-functions/issues/7 | Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-04-17T04:24:28
Updated: 2020-04-17T04:24:28
Reserved: 2020-04-17T00:00:00
Link: CVE-2020-11872
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-04-17T05:15:13.113
Modified: 2021-07-21T11:39:23.747
Link: CVE-2020-11872
JSON object: View
Redhat Information
No data.
CWE