Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the server lifetime. Attackers can collect multiple client-side webflow execution tokens from the unauthenticated login page and perform known-plaintext analysis to decrypt the webflow conversation state due to keystream reuse caused by a fixed all-zero IV paired with the same encryption key.
Metrics
Affected Vendors & Products
References
History
Thu, 02 Jul 2026 22:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | Apereo cas | |
| Vendors & Products | Apereo cas | |
Thu, 02 Jul 2026 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the server lifetime. Attackers can collect multiple client-side webflow execution tokens from the unauthenticated login page and perform known-plaintext analysis to decrypt the webflow conversation state due to keystream reuse caused by a fixed all-zero IV paired with the same encryption key. | |
| Title | Apereo CAS 7.3.0 < 8.0.0-RC6 - AES-GCM Nonce Reuse Information Disclosure | |
| First Time appeared | Apereo, Apereo central Authentication Service | |
| Weaknesses | CWE-323 | |
| CPEs | cpe:2.3:a:apereo:central_authentication_service:*:*:*:*:*:*:*:* | |
| Vendors & Products | Apereo, Apereo central Authentication Service | |
| References | | |
| Metrics | cvssV3_1 | |
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2026-07-02T19:42:51.897Z
Reserved: 2026-07-02T15:38:18.929Z
Link: CVE-2026-59099
No data.
OpenCVE Enrichment
Updated: 2026-07-02T21:45:02Z