5.9

CVSS Score

3.1

Basic Information

CVE ID

CVE-2022-29222

GHSA ID

GHSA-w45j-f832-hxvh

EPSS Score

0.56357%

CWE

CWE-295

Published

5/25/2022

Updated

8/29/2023

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2022-29222

CVE-2022-29222:
Pion/DLTS Accepts Client Certificates Without CertificateVerify

Impact

A DTLS Client could provide a Certificate that it doesn't posses the private key for and Pion DTLS wouldn't reject it.

This issue affects users that are using Client certificates only. The connection itself is still secure. The Certificate provided by clients can't be trusted when using a Pion DTLS server prior to v2.1.5

Patches

Upgrade to Pion DTLS v2.1.5

Workarounds

No workarounds available, upgrade to Pion DTLS v2.1.5

References

Thank you to Juho Nurminen and the Mattermost team for discovering and reporting this.

For more information

If you have any questions or comments about this advisory:

Open an issue in Pion DTLS
Email us at team@pion.ly

(GitHub Advisory)

5.9

CVSS Score

3.1

Basic Information

CVE ID

CVE-2022-29222

GHSA ID

GHSA-w45j-f832-hxvh

EPSS Score

0.56357%

CWE

CWE-295

Published

5/25/2022

Updated

8/29/2023

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
github.com/pion/dtls	go	< 2.1.5	2.1.5
github.com/pion/dtls/v2	go	< 2.1.5	2.1.5

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper certificate validation in the DTLS handshake process. The flight4Parse function in flight4handler.go was modified in the patch to add a check (lines 92-95) that prevents cipher suite initialization without CertificateVerify when client certificates are present. The associated test (flight4handler_test.go) explicitly verifies this failure scenario. The affected package entry points (Client, Server, etc.) ultimately rely on this handshake processing logic, making flight4Parse the core vulnerable function that failed to validate certificate ownership proof.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Imp**t * *TLS *li*nt *oul* provi** * **rti*i**t* t**t it *o*sn't poss*s t** priv*t* k*y *or *n* Pion *TLS woul*n't r*j**t it. T*is issu* *****ts us*rs t**t *r* usin* *li*nt **rti*i**t*s only. T** *onn**tion its*l* is still s**ur*. T** **rti*i**

Reasoning

T** vuln*r**ility st*ms *rom improp*r **rti*i**t* `v*li**tion` in t** *TLS **n*s**k* `pro**ss`. T** `*li**t*P*rs*` *un*tion in `*li**t***n*l*r.*o` w*s mo*i*i** in t** p*t** to *** * ****k (lin*s **-**) t**t pr*v*nts *ip**r suit* initi*liz*tion wit*ou

5.9

Basic Information

Concerned about an active attack path?

CVE-2022-29222: Pion/DLTS Accepts Client Certificates Without CertificateVerify

Impact

Patches

Workarounds

References

For more information

5.9

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2022-29222:
Pion/DLTS Accepts Client Certificates Without CertificateVerify

Vulnerability Intelligence
Miggo AI