Status: fixed with v2.0.5

Summary

Passbolt Web Extension version v1 does not use a cryptographically secure pseudo random generator when automatically generating random passwords for the user.

  • CVE: N/A.
  • Product affected: Passbolt Browser Extension.
  • Version affected: v1.6.10 and bellow
  • Version fixed: v2.0.5.
  • Affected component: Password generator.
  • Vulnerability Type: Use of Dangerous API.
  • Severity: Low (2.3).
  • Attack vector / exploitation

    An attacker running a malicious script running on the same page (and theoretically in another tab/extension), could try to guess the possible PRNG seed values to predict the result of the unsecure random calls that are used to seed passbolt password generator.

    The attacker would need to have a malicious script running on the page and know the time the password generation button is pressed for this attack to be exploitable in practice. This would still not provide the generated password to the attacker, but a list of possible values that could be used as part of a brute force attack.

    Credits

    This issue was found and reported by Matthias vd Meent.

    Other information

    How did you fix this?

    The function used secretComplexity.generate() uses the Math.random method it should have been using window.crypto.genRandomValues() instead, like in the rest of the code

    Do I need to change my passwords?

    Even considering the low exploitability of this vulnerability, we still recommend to rotate the passwords that were generated by passbolt.

    Are other part of the code affected?

    Other part of the code using PRNG (such as the secret Key generator during the setup) are not affected, as they already use a secure PRNG.

    Current status:

    1. Try first to reproduce the issue
    2. Acknowledge to the reporter
    3. Get a fix/patch prepared
    4. Release new version.
    5. Prepare a report about the issue.
    6. Feature the problem in the release.
    Last updated: 2018-05-08 12:00 PM CET

    Event timeline

    • 2018-05-07 17:00 CET: Vulnerability details sent by reporter.
    • 2018-05-07 17:00 CET: We acknowledge the issue, start working on a fix and start looking for similar issues in other part of the code.
    • 2018-05-08 08:30 CET: We release a fix on passbolt development repository and start testing with continuous integration tools.
    • 2018-05-08 09:00 PM CET: We deploy a fix on chrome and firefox web extension stores.
    • 2018-05-08 12:00 PM CET: We notify the reporter that a fix has been deployed.
    • 2018-05-08 12:00 PM CET: We publish the fix on github, the release notes and this report.