Summary
Sign-in response timing differed between known and unknown email addresses because
the unknown-user branch returned without performing a password hash comparison.
Details
The unknown-user branch in auth.service.ts now performs a bcrypt.compare against
a fixed dummy hash so the response time of failed sign-ins is approximately
independent of whether the address exists. Rate limiting on the sign-in endpoint is
implemented in the Enterprise build only and is not affected by this advisory.
Impact
A network-positioned attacker could enumerate registered email addresses by timing
sign-in responses. Exploitation requires only the ability to send unauthenticated
sign-in requests.
Credit
This issue was reported by @AndyAnh174.
References
AndyAnh174 Reporter
Summary
Sign-in response timing differed between known and unknown email addresses because
the unknown-user branch returned without performing a password hash comparison.
Details
The unknown-user branch in
auth.service.tsnow performs abcrypt.compareagainsta fixed dummy hash so the response time of failed sign-ins is approximately
independent of whether the address exists. Rate limiting on the sign-in endpoint is
implemented in the Enterprise build only and is not affected by this advisory.
Impact
A network-positioned attacker could enumerate registered email addresses by timing
sign-in responses. Exploitation requires only the ability to send unauthenticated
sign-in requests.
Credit
This issue was reported by @AndyAnh174.
References