CVE-2026-59099
Received - Intake
Authentication Bypass via AES-GCM IV Reuse in Apereo CAS
Vulnerability report for CVE-2026-59099, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-07-02
Last updated on: 2026-07-02
Assigner: VulnCheck
Description
Apereo CAS from 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote, unauthenticated attackers to recover plaintext webflow conversation state by exploiting AES-GCM initialization vector (IV) reuse across the server lifetime. The affected code encrypts every conversation state with the same encryption key and a fixed all-zero IV, so every ciphertext is produced with the same keystream. An attacker can collect multiple client-side webflow execution tokens from the unauthenticated login page and apply known-plaintext analysis to that reused keystream to decrypt the webflow conversation state.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apereo | cas | From 7.3.0 (inc) to 8.0.0-RC6 (exc) |
| apereo | cas | 7.3.7.3 |
| apereo | cas | 8.0.0-RC6 |
| apereo | cas | Up to 8.0.0-RC6 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-323 | Nonces should be used for the present occasion and only once. |