Vulnerability CVE-2013-1624 - CERT Civis.Net

Vulnerability Name:

CVE-2013-1624 (CCN-81910)

Assigned:

2013-02-06

Published:

2013-02-06

Updated:

2018-10-30

Summary:

The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

4.0 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N)
3.0 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2013-1624

Source: CCN
Type: oss-security mailing list, Tue, 5 Feb 2013 18:32:00 -0500 (EST)
Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations

Source: MLIST
Type: UNKNOWN
[oss-security] 20130205 Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations

Source: REDHAT
Type: UNKNOWN
RHSA-2014:0371

Source: REDHAT
Type: UNKNOWN
RHSA-2014:0372

Source: SECUNIA
Type: UNKNOWN
57716

Source: SECUNIA
Type: UNKNOWN
57719

Source: CCN
Type: Bouncy Castle Web site
Bouncy Castle

Source: CCN
Type: IBM Security Bulletin 879407 (Planning Analytics)
Multiple vulnerabilities affect IBM Planning Analytics (CVE-2018-3180, CVE-2013-1624, CVE-2018-1933, CVE-2015-1832, CVE-2018-15494)

Source: MISC
Type: UNKNOWN
http://www.isg.rhul.ac.uk/tls/TLStiming.pdf

Source: CCN
Type: BID-57774
Bouncy Castle TLS CVE-2013-1624 Information Disclosure Vulnerability

Source: XF
Type: UNKNOWN
bouncy-castle-info-disc(81910)

Source: CCN
Type: IBM Security Bulletin 6320835 (Security Guardium Data Encryption)
Multiple Vulnerabilities in IBM Guardium Data Encryption (GDE)

Source: CCN
Type: IBM Security Bulletin 6494697 (Tivoli Business Service Manager)
Multiple vulnerabilities in Bouncy Castle Java Cryptography affect IBM Tivoli Business Manager

Source: CCN
Type: IBM Security Bulletin 960296 (Security Guardium Big Data Intelligence)
IBM Security Guardium Big Data Intelligence is affected by a Using Components with Known Vulnerabilities vulnerability

Vulnerable Configuration:

Configuration 1:

cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.01:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.02:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.03:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.04:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.05:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.06:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.07:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.08:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.09:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.10:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.11:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.12:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.13:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.14:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.15:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.16:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.17:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.18:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.19:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.20:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.21:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.22:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.23:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.24:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.25:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.26:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.27:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.28:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.29:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.30:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.31:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.32:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.33:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.34:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.35:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.36:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.37:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.38:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.39:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.40:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.41:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.42:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.43:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.44:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.45:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.46:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.47:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:bouncycastle:legion-of-the-bouncy-castle-c#-cryptography-api:0.0:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-c#-cryptography-api:1.0:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-c#-cryptography-api:1.1:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-c#-cryptography-api:1.2:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-c#-cryptography-api:1.3:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-c#-cryptography-api:1.4:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-c#-cryptography-api:1.5:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-c#-cryptography-api:1.6.1:*:*:*:*:*:*:*

OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-c#-cryptography-api:1.7:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:bouncycastle:legion-of-the-bouncy-castle:1.47:*:*:*:*:*:*:*

AND

cpe:/a:ibm:planning_analytics:2.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:planning_analytics:2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:planning_analytics:2.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:planning_analytics:2.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:planning_analytics:2.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:planning_analytics:2.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:planning_analytics:2.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_business_service_manager:6.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_guardium_big_data_intelligence:1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_guardium_data_encryption:3.0.0.2:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:com.ubuntu.precise:def:20131624000	V	CVE-2013-1624 on Ubuntu 12.04 LTS (precise) - low.	2013-02-08
oval:com.ubuntu.trusty:def:20131624000	V	CVE-2013-1624 on Ubuntu 14.04 LTS (trusty) - low.	2013-02-08
oval:com.ubuntu.xenial:def:20131624000	V	CVE-2013-1624 on Ubuntu 16.04 LTS (xenial) - low.	2013-02-08
oval:com.ubuntu.xenial:def:201316240000000	V	CVE-2013-1624 on Ubuntu 16.04 LTS (xenial) - low.	2013-02-08