Description
The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
It was discovered that bouncycastle leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle.
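The early-exit padding/MAC check the advisory describes, beside a variant that does the same amount of MAC work whatever the padding looks like, as an added Python example (constructed here, not Bouncy Castle's code; HMAC-SHA1 and the 20-byte tag length are assumptions). Both return the same verdicts, but only the second feeds the same number of bytes to HMAC for a bad-padding record and a bad-MAC record, which is what denies the sender a timing distinguisher.

```python
"""Padding-then-MAC check on a decrypted TLS CBC record (constructed example)."""
import hashlib
import hmac

MAC_LEN = 20  # HMAC-SHA1 tag length (assumption)

def _mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha1).digest()

def make_record(key: bytes, content: bytes, pad: int) -> bytes:
    """content || MAC(content) || (pad+1) bytes of value pad, as in TLS CBC."""
    return content + _mac(key, content) + bytes([pad]) * (pad + 1)

def check_early_exit(key: bytes, rec: bytes):
    """Returns (valid, bytes fed to HMAC). Rejects bad padding before touching
    the MAC, so the work done (and time taken) reveals whether the padding
    parsed: this is the shape of the flaw the advisory describes."""
    pad = rec[-1]
    if pad + 1 + MAC_LEN > len(rec) or any(b != pad for b in rec[-(pad + 1):]):
        return False, 0
    content = rec[:len(rec) - pad - 1 - MAC_LEN]
    tag = rec[len(content):len(content) + MAC_LEN]
    return hmac.compare_digest(_mac(key, content), tag), len(content)

def check_constant_work(key: bytes, rec: bytes):
    """Same verdicts, no early exit: an impossible pad is treated as 0, the
    padding scan covers the whole record, the MAC is always computed, and the
    bytes skipped as padding are hashed anyway, so the HMAC input length is
    fixed for a given (public) record length. Python cannot give bit-level
    constant time; the point is the control flow and the fixed MAC work."""
    if len(rec) < MAC_LEN + 1:  # record length is public, so this branch leaks nothing
        return False, 0
    pad = rec[-1]
    max_content = len(rec) - MAC_LEN - 1
    pad_ok = pad + 1 + MAC_LEN <= len(rec)
    eff_pad = pad if pad_ok else 0
    for i in range(1, len(rec)):           # fixed-length scan, no break
        in_pad = i <= eff_pad
        pad_ok &= (not in_pad) or rec[-1 - i] == pad
    content_len = max_content - eff_pad
    content = rec[:content_len]
    tag = rec[content_len:content_len + MAC_LEN]
    mac_ok = hmac.compare_digest(_mac(key, content), tag)  # constant-time compare
    _mac(key, rec[content_len:max_content])  # dummy work over the padding bytes
    return bool(pad_ok & mac_ok), max_content
```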
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| OpenShift Enterprise 1 | bouncycastle | Will not fix | | |
| Red Hat BPM Suite 6 | bouncycastle | Affected | | |
| Red Hat Enterprise Virtualization 3 | jasperreports-server-pro | Not affected | | |
| Red Hat JBoss BRMS 5 | bouncycastle | Will not fix | | |
| Red Hat JBoss BRMS 6 | bouncycastle | Affected | | |
| Red Hat JBoss Enterprise Web Server 1 | amq-6 | Affected | | |
| Red Hat JBoss Enterprise Web Server 1 | fuse-6 | Affected | | |
| Red Hat JBoss Enterprise Web Server 1 | fuse-enterprise-esb-7 | Will not fix | | |
| Red Hat JBoss Enterprise Web Server 1 | fuse-mq-enterprise-7 | Will not fix | | |
| Red Hat JBoss Enterprise Web Server 1 | fuse-others | Will not fix | | |
Additional information
Status:
CVSS2: 5.1 Medium