Details
- Type: Improvement
- Status: Resolved
- Priority: Major
- Resolution: Not A Problem
Description
In the file https://github.com/apache/tika/blob/a43784b19f6b0955478dded71521b0491d21c90b/tika-parsers/tika-parsers-classic/tika-parsers-classic-modules/tika-parser-miscoffice-module/src/main/java/org/apache/tika/parser/hwp/HwpTextExtractorV5.java (at line 370) and https://github.com/apache/tika/blob/a43784b19f6b0955478dded71521b0491d21c90b/tika-parsers/tika-parsers-classic/tika-parsers-classic-modules/tika-parser-miscoffice-module/src/main/java/org/apache/tika/parser/hwp/HwpTextExtractorV5.java (at line ), the insecure "ECB" cipher mode is used.
Security Impact:
ECB mode allows the attacker to do the following:
- detect whether two ECB-encrypted messages are identical;
- detect whether two ECB-encrypted messages share a common prefix;
- detect whether two ECB-encrypted messages share other common substrings, as long as those substrings are aligned at block boundaries; or
- detect whether (and where) a single ECB-encrypted message contains repetitive data (such as long runs of spaces or null bytes, repeated header fields, or coincidentally repeated phrases in the text).
(Collected from here.)
Useful Resources:
https://blog.filippo.io/the-ecb-penguin/
Solution we suggest:
Use GCM mode instead of the default or ECB mode.
Please share with us your opinions/comments if there are any:
Is the bug report helpful?
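To make the leak concrete, here is an added Go example; it is not Tika's code and not the HWP extractor the report points at. It encrypts a constructed message of four identical 16-byte blocks with AES in ECB mode and with AES-GCM, then scans both outputs for duplicate ciphertext blocks. ECB reproduces the repetition and yields the same ciphertext for the same message every time, while GCM with a per-message random nonce does neither and additionally rejects any tampering. The key and message are constructed demo values; ECB is emulated with the raw block function because Go's standard library deliberately provides no ECB mode.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// ecbEncrypt runs the raw AES block function over each 16-byte block on its
// own, which is exactly what an "AES/ECB/..." transformation does. Go's
// standard library ships no ECB mode, so it is written out here only to
// show the leak.
func ecbEncrypt(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	bs := block.BlockSize()
	if len(plaintext)%bs != 0 {
		return nil, fmt.Errorf("ECB needs a block-aligned input, got %d bytes", len(plaintext))
	}
	out := make([]byte, len(plaintext))
	for i := 0; i < len(plaintext); i += bs {
		block.Encrypt(out[i:i+bs], plaintext[i:i+bs])
	}
	return out, nil
}

// gcmEncrypt is the replacement the report suggests: AES-GCM with a fresh
// random nonce per message. Output layout is nonce || ciphertext || tag.
func gcmEncrypt(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, nil), nil
}

// gcmDecrypt reverses gcmEncrypt and fails on any modified byte, a check
// ECB (which carries no integrity tag) cannot provide.
func gcmDecrypt(key, sealed []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	ns := aead.NonceSize()
	if len(sealed) < ns+aead.Overhead() {
		return nil, errors.New("ciphertext too short")
	}
	return aead.Open(nil, sealed[:ns], sealed[ns:], nil)
}

// repeatedBlocks counts 16-byte ciphertext blocks that duplicate an earlier
// block. For random-looking ciphertext this is 0; a nonzero count is the
// pattern leak ECB produces on repetitive plaintext.
func repeatedBlocks(ciphertext []byte) int {
	seen := make(map[[16]byte]bool)
	dups := 0
	for i := 0; i+16 <= len(ciphertext); i += 16 {
		var b [16]byte
		copy(b[:], ciphertext[i:i+16])
		if seen[b] {
			dups++
		}
		seen[b] = true
	}
	return dups
}

func main() {
	key := bytes.Repeat([]byte{0x42}, 16)              // constructed demo key
	msg := bytes.Repeat([]byte("0123456789abcdef"), 4) // constructed: 4 identical blocks

	ecb, _ := ecbEncrypt(key, msg)
	gcm, _ := gcmEncrypt(key, msg)
	fmt.Printf("ECB: %d duplicate blocks\n", repeatedBlocks(ecb)) // 3
	fmt.Printf("GCM: %d duplicate blocks\n", repeatedBlocks(gcm)) // 0

	gcm[len(gcm)-1] ^= 0x01 // flip one bit of the GCM tag
	_, err := gcmDecrypt(key, gcm)
	fmt.Println("GCM tamper detected:", err != nil) // true
}
```

The repeatedBlocks scan is the defender-side view of the leak: run over any AES ciphertext, a duplicate count well above zero is a strong sign that ECB was used and that the plaintext had block-aligned repetition, which is the first bullet of the security impact above.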
Issue Links
- is related to TIKA-3724: Change cipher algo from insecure AES/ECP/PKCS5Padding in HttpClientFactory (Resolved)