VYPR
Moderate severity · NVD Advisory · Published Mar 16, 2021 · Updated Feb 13, 2025

Timing attack in Cookie signature verification

CVE-2020-1926

Description

Apache Hive cookie signature verification used a non-constant-time comparison, which is known to be vulnerable to timing attacks. This could allow recovery of another user's cookie signature. The issue was addressed in Apache Hive 2.3.8.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Apache Hive cookie signature verification used a non-constant-time comparison, making it vulnerable to timing attacks that could leak another user's cookie signature.

Root Cause

Apache Hive's cookie signature verification compared the presented signature with the expected one byte by byte and returned as soon as the first mismatching byte was found. Such an early-exit comparison is a well-known side channel: the time it takes depends on how many leading bytes of the guess are correct, so an attacker who can measure it learns how much of the signature they have already matched [1][2]. The issue was tracked as HIVE-22708 and affects versions before 2.3.8.

Attack Surface

An attacker needs network access to a Hive server that uses HTTP transport with cookie-based authentication. No prior authentication is required to start timing the cookie verification, but the attacker must already have the unsigned portion of the victim's cookie value or be able to observe a series of authentication attempts [1]. The timing signal lets the attacker recover the signature one byte at a time: submit cookies that vary a single byte position of the signature, keep the value whose rejection takes longest, and move to the next position. Each position needs many samples to average out network jitter, so the full signature is recovered over a large number of requests rather than in one exchange.
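The following Python model is an added example, not code from the Apache Hive project or from this advisory. It implements the early-exit comparison described under Root Cause with an iteration counter standing in for elapsed time (a real attacker measures round-trip times and needs many samples per guess to beat noise), runs the byte-at-a-time recovery from the Attack Surface paragraph against it, and then runs the same attack against a constant-time comparison to show that the signal disappears. The HMAC-SHA256 signer, the secret, the cookie payload and the hex-character alphabet are constructed for the demonstration and do not reproduce Hive's actual cookie format or signing scheme.

```python
import hashlib
import hmac

# Constructed server-side secret for this demonstration only; Hive's real
# cookie layout and secret handling are not reproduced here.
SECRET = b"demo-cookie-signing-secret"
HEX = b"0123456789abcdef"  # alphabet of a hex-encoded signature


def sign(payload: bytes) -> bytes:
    """Stand-in signer: hex HMAC-SHA256 over the cookie payload (64 hex chars)."""
    return hmac.new(SECRET, payload, hashlib.sha256).hexdigest().encode()


def leaky_equals(a: bytes, b: bytes) -> tuple[bool, int]:
    """Early-exit comparison, the pattern behind CVE-2020-1926.

    Returns (equal, steps). 'steps' counts loop iterations before the result is
    known and stands in for wall-clock time: a guess sharing a longer prefix
    with the real value runs longer, and that difference is the side channel.
    """
    if len(a) != len(b):
        return False, 0
    steps = 0
    for x, y in zip(a, b):
        steps += 1
        if x != y:
            return False, steps
    return True, steps


def constant_time_equals(a: bytes, b: bytes) -> tuple[bool, int]:
    """Constant-time comparison: OR all byte differences, decide once at the end.

    Same shape as hmac.compare_digest or Java's MessageDigest.isEqual; the
    step count depends only on the length, never on where the first mismatch is.
    """
    if len(a) != len(b):
        return False, 0
    diff = 0
    for x, y in zip(a, b):
        diff |= x ^ y
    return diff == 0, len(a)


def make_verifier(compare):
    """Server-side oracle: recompute the signature for the payload and compare it
    with the one presented. Returns (accepted, steps) so the attacker model can
    'time' each attempt."""
    def verify(payload: bytes, presented_sig: bytes) -> tuple[bool, int]:
        return compare(sign(payload), presented_sig)
    return verify


def recover_signature(verify, payload: bytes, sig_len: int = 64) -> tuple[bytes, int]:
    """Attacker model: rebuild the signature one hex character at a time.

    For each position, submit every candidate character followed by filler so
    the length check passes, and keep the candidate whose verification ran
    longest (acceptance breaks the tie at the final position). Returns
    (recovered signature, number of verification attempts made).
    """
    recovered = b""
    attempts = 0
    for pos in range(sig_len):
        best_char, best_score = None, (-1, False)
        for c in HEX:
            guess = recovered + bytes([c]) + b"0" * (sig_len - pos - 1)
            accepted, steps = verify(payload, guess)
            attempts += 1
            score = (steps, accepted)
            if score > best_score:
                best_char, best_score = c, score
        recovered += bytes([best_char])
    return recovered, attempts


def demo() -> dict:
    """Run the recovery against both comparisons for a constructed cookie payload."""
    payload = b"user=victim"  # constructed unsigned cookie content chosen by the attacker
    real_sig = sign(payload)
    leaky_verify = make_verifier(leaky_equals)
    ct_verify = make_verifier(constant_time_equals)
    leaky_sig, attempts = recover_signature(leaky_verify, payload)
    ct_sig, _ = recover_signature(ct_verify, payload)
    return {
        "leaky_recovered": leaky_sig == real_sig,
        "leaky_accepted": leaky_verify(payload, leaky_sig)[0],
        "ct_recovered": ct_sig == real_sig,
        "ct_accepted": ct_verify(payload, ct_sig)[0],
        "attempts": attempts,
    }


if __name__ == "__main__":
    print(demo())
```

Against the early-exit comparison the attacker needs only 16 attempts per hex position (1024 in total here) to obtain a signature the server accepts, with no knowledge of the secret. Against the constant-time comparison every candidate scores the same, the attack degenerates to a blind guess and the server rejects the result. In Java, the language Hive is written in, `java.security.MessageDigest.isEqual(byte[], byte[])` is the standard constant-time comparison for this purpose; in Python it is `hmac.compare_digest`.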

Impact

Successful exploitation lets a remote attacker forge a valid cookie signature for another user without knowing the signing secret. With the forged cookie, the attacker can impersonate that user and obtain that user's level of access to Hive queries and data. NVD rates the issue CVSS 3.1 7.5 (High) with the vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N [2].

Mitigation

The fix, released in Apache Hive 2.3.8, replaces the early-exit comparison with a constant-time one. Users should upgrade to Hive 2.3.8 or later. No workarounds have been documented for earlier versions [1]; because the leak is in the server-side comparison itself, TLS does not hide it, and rate limiting only raises the number of requests the attacker needs.

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package               Ecosystem   Affected versions   Patched versions
org.apache.hive:hive  Maven       < 2.3.8             2.3.8

Affected products: 2

Patches: 0 (no patches discovered yet)


References: 4
