ulisesbocchio jasypt-spring-boot Password Hash SimpleGCMConfig.java getSecretKeySaltGenerator hash predictable salt
Description
A weakness has been identified in ulisesbocchio jasypt-spring-boot up to 3.0.5/4.0.4. Affected by this vulnerability is the function getSecretKeySaltGenerator of the file jasypt-spring-boot/src/main/java/com/ulisesbocchio/jasyptspringboot/encryptor/SimpleGCMConfig.java of the component Password Hash Handler. Executing a manipulation can lead to use of a one-way hash with a predictable salt. The attack can be launched remotely. The attack requires a high level of complexity. The exploitation appears to be difficult. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Predictable zero-salt default and low PBKDF2 iterations in jasypt-spring-boot up to 4.0.4 enable cross-deployment key reuse and accelerate brute-force attacks.
Vulnerability
A weakness exists in ulisesbocchio/jasypt-spring-boot versions 3.0.0 through 4.0.4 in the function getSecretKeySaltGenerator of SimpleGCMConfig.java. When no explicit jasypt.encryptor.gcm-secret-key-salt property is configured, the method returns org.jasypt.salt.ZeroSaltGenerator, producing a deterministic 16-byte all-zero salt [2][3]. Additionally, the default PBKDF2 iteration count is set to 1000 in both the GCM master-password path (SimpleGCMConfig.java, line 35) and the PBE mode (StringEncryptorBuilder.java, line 97), which is far below the OWASP 2023 recommendation of 600,000 iterations [2][3].
Exploitation
An attacker with network access to a deployment using the documented AES/GCM master-password recipe can exploit the default configuration. The attack complexity is high, but public exploit code is available [1][2]. The attacker does not need authentication because the weak defaults are applied without administrator action. By obtaining a single piece of ciphertext (e.g., from a property file or environment variable), the attacker can perform offline brute-force attacks on the master password with a precomputed rainbow table that applies globally, since all deployments using the same password derive identical keys [2][3].
Impact
Successful exploitation leads to reuse of AES-256 keys across different deployments that share the same master password, allowing ciphertext from one deployment to be decrypted on another [2][3]. The deterministic zero salt eliminates per-target setup cost in offline brute-force attacks, making it feasible to crack weak passwords more quickly and disclose encrypted property values [2][3].
Mitigation
No official fix has been released as of the disclosure date [2][3]. The project was informed through an issue report but has not responded [1]. Users are advised to manually configure jasypt.encryptor.gcm-secret-key-salt with a random, per-deployment value and increase jasypt.encryptor.gcm-secret-key-iterations (or the equivalent PBE iteration property) to at least 600,000. If a patch becomes available, upgrading to a fixed version is recommended. The vulnerability is not known to be listed in CISA KEV.
- GitHub - ulisesbocchio/jasypt-spring-boot: Jasypt integration for Spring boot
- Insecure cryptographic defaults in jasypt-spring-boot: zero salt + 1000-iteration PBKDF2 in password-based encryption modes
- Insecure cryptographic defaults in jasypt-spring-boot: zero salt + 1000-iteration PBKDF2 in password-based encryption modes
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1- Range: <=3.0.5, <=4.0.4
Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"The `getSecretKeySaltGenerator` function in `SimpleGCMConfig.java` generates a salt in a predictable manner, allowing an attacker to manipulate the one-way hash process."
Attack vector
An attacker can remotely exploit the `getSecretKeySaltGenerator` function in `SimpleGCMConfig.java` to cause the use of a one-way hash with a predictable salt. The attack requires a high level of complexity and is considered difficult to exploit. The exact payload shape is not detailed in the available references, but the manipulation targets the salt generation mechanism, potentially allowing an attacker to predict or control the salt used in password hashing [ref_id=1].
Affected code
The vulnerability is in the function `getSecretKeySaltGenerator` of the file `jasypt-spring-boot/src/main/java/com/ulisesbocchio/jasyptspringboot/encryptor/SimpleGCMConfig.java`. This function handles the salt generator used for password-based encryption in the Jasypt Spring Boot integration.
What the fix does
No patch has been published by the project maintainer. The advisory notes that the project was informed of the problem early through an issue report but has not yet responded. Until a fix is released, users should avoid relying on the default salt generator configuration in `SimpleGCMConfig` and instead explicitly configure a strong, unpredictable salt generator such as `org.jasypt.salt.RandomSaltGenerator` via the `jasypt.encryptor.salt-generator-classname` property [ref_id=1].
Preconditions
- configThe application must use jasypt-spring-boot version up to 3.0.5 or 4.0.4 with the vulnerable SimpleGCMConfig salt generator.
- networkThe attacker must have network access to the application to trigger the vulnerable code path remotely.
- inputThe attacker must craft a manipulation that exploits the predictable salt generation, which requires high complexity.
Reproduction
A public PoC reference is available at https://github.com/dntyfate/cve/issues/3, but the bundle does not include the verbatim reproduction steps from that source. Therefore, reproduction steps cannot be provided.
Generated on May 24, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5- github.com/dntyfate/cve/issues/3mitreexploitissue-tracking
- vuldb.com/submit/813198mitrethird-party-advisory
- github.com/ulisesbocchio/jasypt-spring-boot/issues/431mitreissue-tracking
- vuldb.com/vuln/365333mitrevdb-entrytechnical-description
- vuldb.com/vuln/365333/ctimitresignaturepermissions-required
News mentions
0No linked articles in our index yet.