Sophie Schmieg

**Name of the Vulnerable Software and Affected Versions** Azure Storage Library (affected versions not specified) **Description** The issue is related to insufficient access controls in the system, which can be exploited by a remote attacker to gain unauthorized access to protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** AWS S3 Crypto SDK for GoLang versions prior to V2 **Description** A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang, allowing an attacker with write access to the target's S3 bucket and the ability to observe decryption failures to reconstruct the plaintext with a significant number of queries to the endpoint. This is achieved by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors. The vulnerability poses insider risks and privilege escalation risks, potentially circumventing KMS controls for stored data. **Recommendations** Update the SDK to V2 or later and re-encrypt files to mitigate the risk. For files encrypted with CBC mode in older versions, re-encrypt them with AES-GCM to resolve the issue. Using version 2 of the S3 crypto SDK will prevent the creation of new vulnerable files, but old files remain vulnerable until they are re-encrypted.

**Name of the Vulnerable Software and Affected Versions** AWS S3 Crypto SDK for GoLang versions prior to V2 **Description** A vulnerability exists in the in-band key negotiation of the AWS S3 Crypto SDK for GoLang. An attacker with write access to the targeted bucket can change the encryption algorithm of an object, potentially allowing them to reveal the authentication key used by AES-GCM. This can be achieved by switching from AES-GCM to AES-CTR in combination with a decryption oracle. The attack requires access to an endpoint that reveals decryption failures without revealing the plaintext. The vulnerability poses insider risks and privilege escalation risks, circumventing KMS controls for stored data. **Recommendations** Update the SDK to V2 or later and re-encrypt files to mitigate the risk. For versions prior to V2, consider temporarily disabling the use of AES-GCM encryption until a patch is available. Restrict access to the vulnerable API endpoints to minimize the risk of exploitation. Avoid using the `KMS` key wrapping option for new files until the issue is resolved.