A vulnerability, which was classified as problematic, was found in Amazon AWS Encryption SDK for Java up to 1.9.0/2.2.0. This affects an unknown part of the component ECDSA Signature Handler. The manipulation leads to improper verification of cryptographic signature.
This vulnerability is uniquely identified as CVE-2024-23680. The attack needs to be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.