Vulnerability Name:

CVE-2016-0270 (CCN-111050)

Assigned:2015-12-08
Published:2016-03-31
Updated:2017-11-15
Summary:IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Interim Fix 1, when using TLS and AES GCM, uses random nonce generation, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a "forbidden attack."
Note: this CVE has been incorrectly used for GCM nonce reuse issues in other products; see CVE-2016-10213 for the A10 issue, CVE-2016-10212 for the Radware issue, and CVE-2017-5933 for the Citrix issue.
CVSS v3 Severity:5.9 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
5.2 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
5.2 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.4 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-200
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2016-0270

Source: CONFIRM
Type: Mitigation, Patch, Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21979604

Source: CONFIRM
Type: Mitigation, Patch, Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21979669

Source: CONFIRM
Type: Mitigation, Patch, Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21979673

Source: CCN
Type: IBM Security Bulletin 1979604 (Domino)
Vulnerability in IBM Domino Web Server TLS AES GCM Nonce Generation

Source: CCN
Type: IBM Security Bulletin 1979669 (Notes)
Vulnerability in IBM Notes TLS AES GCM Nonce Generation (CVE-2016-0270)

Source: CCN
Type: IBM Security Bulletin 1979673 (Notes)
Vulnerability in IBM Client Application Access TLS AES GCM Nonce Generation (CVE-2016-0270)

Source: BID
Type: Third Party Advisory, VDB Entry
96062

Source: CCN
Type: BID-96062
AES-GCM CVE-2016-0270 Information Disclosure Vulnerability

Source: SECTRACK
Type: UNKNOWN
1037795

Source: XF
Type: UNKNOWN
ibm-domino-cve20160270-mitm(111050)

Source: MISC
Type: Third Party Advisory
https://github.com/nonce-disrespect/nonce-disrespect

Source: CONFIRM
Type: UNKNOWN
https://support.citrix.com/article/CTX220329

Vulnerable Configuration:Configuration 1:
  • cpe:/a:ibm:client_application_access:1.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:domino:9.0.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:domino:9.0.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:domino:9.0.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:9.0.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:9.0.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:9.0.1.5:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:ibm:lotus_notes:9.0.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:domino:9.0.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:domino:9.0.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:domino:9.0.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:9.0.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:9.0.1.4:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    ibm client application access 1.0.0.1
    ibm domino 9.0.1.3
    ibm domino 9.0.1.4
    ibm domino 9.0.1.5
    ibm notes 9.0.1.3
    ibm notes 9.0.1.4
    ibm notes 9.0.1.5
    ibm notes 9.0.1.3
    ibm domino 9.0.1.3
    ibm domino 9.0.1.4
    ibm domino 9.0.1.5
    ibm notes 9.0.1.5
    ibm notes 9.0.1.4