Vulnerability Name: CVE-2017-13098 (CCN-136241)

Assigned: 2017-12-12
Published: 2017-12-12
Updated: 2020-10-20
Summary: BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable application. This vulnerability is referred to as "ROBOT."
CVSS v3 Severity: 5.9 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
  5.2 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
  Exploitability Metrics:
    Attack Vector (AV): Network
    Attack Complexity (AC): High
    Privileges Required (PR): None
    User Interaction (UI): None
  Scope:
    Scope (S): Unchanged
  Impact Metrics:
    Confidentiality (C): High
    Integrity (I): None
    Availability (A): None
  5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
  4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
  Exploitability Metrics:
    Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
  Scope:
    Scope (S): Unchanged
  Impact Metrics:
    Confidentiality (C): Low
    Integrity (I): None
    Availability (A): None
CVSS v2 Severity: 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
  Exploitability Metrics:
    Access Vector (AV): Network
    Access Complexity (AC): Medium
    Authentication (Au): None
  Impact Metrics:
    Confidentiality (C): Partial
    Integrity (I): None
    Availability (A): None
  5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
  Exploitability Metrics:
    Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): None
  Impact Metrics:
    Confidentiality (C): Partial
    Integrity (I): None
    Availability (A): None
Vulnerability Type: CWE-203
Vulnerability Consequences: Obtain Information
References:
Source: MITRE
Type: CNA
CVE-2017-13098

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2020:0607

Source: CCN
Type: IBM Security Bulletin 2015539 (PredictiveInsight)
Multiple Security Vulnerabilities Impact IBM Predictive Insights

Source: CCN
Type: US-CERT VU#144389
TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding

Source: CERT-VN
Type: Issue Tracking, Mitigation, Third Party Advisory, US Government Resource
VU#144389

Source: BID
Type: Third Party Advisory, VDB Entry
102195

Source: CCN
Type: BID-102195
Bouncy Castle CVE-2017-13098 Information Disclosure Vulnerability

Source: XF
Type: UNKNOWN
bouncy-castle-cve201713098-info-disc(136241)

Source: CCN
Type: Bouncy Castle GIT Repository
Confirm size of decrypted PMS before using

Source: CONFIRM
Type: Issue Tracking, Patch, Third Party Advisory
https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c

Source: CCN
Type: Robot Attack Web site
The ROBOT Attack

Source: MISC
Type: Issue Tracking, Third Party Advisory
https://robotattack.org/

Source: CONFIRM
Type: Issue Tracking, Third Party Advisory
https://security.netapp.com/advisory/ntap-20171222-0001/

Source: DEBIAN
Type: Issue Tracking, Third Party Advisory
DSA-4072

Source: CCN
Type: IBM Security Bulletin 2016292 (Security Guardium)
IBM Security Guardium is affected by a Public disclosed vulnerability from Bouncy Castle

Source: CCN
Type: IBM Security Bulletin 3011649 (Resilient)
Resilient is vulnerable to Using Components with Known Vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6320835 (Security Guardium Data Encryption)
Multiple Vulnerabilities in IBM Guardium Data Encryption (GDE)

Source: CCN
Type: IBM Security Bulletin 6356449 (QRadar SIEM)
Bouncy Castle as used by IBM QRadar SIEM contains multiple vulnerabilities (CVE-2018-1000613, CVE-2017-13098, CVE-2018-1000180)

Source: CCN
Type: IBM Security Bulletin 6367945 (Sterling B2B Integrator)
Multiple Bouncy Castle Vulnerabilities Affect IBM Sterling B2B Integrator

Source: CCN
Type: IBM Security Bulletin 6496733 (Sterling B2B Integrator)
Bouncy Castle Vulnerabilities Affect IBM Sterling B2B Integrator

Source: CCN
Type: IBM Security Bulletin 6829593 (Sterling File Gateway)
IBM Sterling File Gateway is vulnerable to multiple issues due to Bouncy Castle

Source: CCN
Type: IBM Security Bulletin 6840683 (Log Analysis)
Vulnerability in Bouncy Castle used by Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2017-13098)

Source: CCN
Type: IBM Security Bulletin 960296 (Security Guardium Big Data Intelligence)
IBM Security Guardium Big Data Intelligence is affected by a Using Components with Known Vulnerabilities vulnerability

Source: MISC
Type: UNKNOWN
https://www.oracle.com/security-alerts/cpuoct2020.html

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2017-13098

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:*:*:*:*:*:*:*:* (Version < 1.59)

Configuration CCN 1:
  • cpe:/a:bouncycastle:legion-of-the-bouncy-castle:1.50:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:predictiveinsight:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:predictiveinsight:8.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:predictiveinsight:8.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:predictiveinsight:8.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:predictiveinsight:8.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:predictiveinsight:8.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:predictiveinsight:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:9.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:9.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:*:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:5.2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium_big_data_intelligence:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium_data_encryption:3.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:6.0.3.2:*:*:*:standard:*:*:*
  • OR cpe:/a:ibm:sterling_file_gateway:6.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:6.1.0.0:*:*:*:standard:*:*:*
  • OR cpe:/a:ibm:sterling_file_gateway:6.1.0.0:*:*:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:201713098 | V | CVE-2017-13098 | 2023-06-22
oval:org.opensuse.security:def:7993 | P | bouncycastle-1.72-150200.3.12.1 on GA media (Moderate) | 2023-06-20
oval:org.opensuse.security:def:3368 | P | squashfs-4.3-6.2 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:94998 | P | bouncycastle-1.64-3.3.1 on GA media (Moderate) | 2022-06-22
oval:org.opensuse.security:def:1378 | P | Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP3) (Important) | 2022-06-06
oval:org.opensuse.security:def:112022 | P | bouncycastle-1.68-3.2 on GA media (Moderate) | 2022-01-17
oval:org.opensuse.security:def:64773 | P | Security update for glibc (Moderate) | 2021-12-08
oval:org.opensuse.security:def:64603 | P | Security update for dnsmasq (Moderate) | 2021-10-27
oval:org.opensuse.security:def:105578 | P | bouncycastle-1.68-3.2 on GA media (Moderate) | 2021-10-01
oval:org.opensuse.security:def:63056 | P | hdf5-gnu-hpc-1.10.7-2.25 on GA media (Moderate) | 2021-08-10
oval:org.opensuse.security:def:63349 | P | libslirp-devel-4.3.1-1.51 on GA media (Moderate) | 2021-08-10
oval:org.opensuse.security:def:101251 | P | bouncycastle-1.64-1.63 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:1904 | P | bouncycastle-1.64-1.63 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:62993 | P | bouncycastle-1.64-1.63 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:72712 | P | bouncycastle-1.64-1.63 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:100828 | P | enscript-1.6.6-1.17 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:74715 | P | Security update for bouncycastle (Moderate) | 2021-06-25
oval:org.opensuse.security:def:62846 | P | build-20180329-1.10 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:62850 | P | cups-ddk-2.2.7-1.24 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:62853 | P | git-2.16.3-1.30 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:63552 | P | libraw-devel-0.18.9-1.9 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:62878 | P | subversion-bash-completion-1.10.0-1.24 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:66795 | P | Security update for python-httplib2 (Moderate) | 2021-05-31
oval:org.opensuse.security:def:64501 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:64661 | P | Security update for kernel-firmware (Important) | 2021-03-03
oval:org.opensuse.security:def:66703 | P | Security update for slurm_18_08 (Important) | 2020-12-18
oval:org.opensuse.security:def:72655 | P | bouncycastle-1.64-1.63 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:94115 | P | bouncycastle-1.64-1.63 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:107494 | P | bouncycastle-1.64-1.63 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:1847 | P | bouncycastle-1.64-1.63 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:117052 | P | bouncycastle-1.64-1.63 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:62936 | P | bouncycastle-1.64-1.63 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:63699 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:64394 | P | libtiff-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:74848 | P | Security update for bouncycastle (Moderate) | 2020-12-01
oval:org.opensuse.security:def:63928 | P | Security update for libvirt (Important) | 2020-12-01
oval:org.opensuse.security:def:70151 | P | bouncycastle on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49765 | P | zlib-devel-32bit on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:73486 | P | bouncycastle on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:64257 | P | gdk-pixbuf-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49819 | P | bouncycastle on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:73368 | P | accountsservice on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:64393 | P | libthai-data on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:70046 | P | fontforge on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:110510 | P | Security update for bouncycastle (Moderate) | 2020-05-03
oval:com.ubuntu.bionic:def:2017130980000000 | V | CVE-2017-13098 on Ubuntu 18.04 LTS (bionic) - medium. | 2017-12-13
oval:com.ubuntu.artful:def:201713098000 | V | CVE-2017-13098 on Ubuntu 17.10 (artful) - medium. | 2017-12-12
oval:com.ubuntu.bionic:def:201713098000 | V | CVE-2017-13098 on Ubuntu 18.04 LTS (bionic) - medium. | 2017-12-12
oval:com.ubuntu.trusty:def:201713098000 | V | CVE-2017-13098 on Ubuntu 14.04 LTS (trusty) - medium. | 2017-12-12
oval:com.ubuntu.xenial:def:2017130980000000 | V | CVE-2017-13098 on Ubuntu 16.04 LTS (xenial) - medium. | 2017-12-12
oval:com.ubuntu.xenial:def:201713098000 | V | CVE-2017-13098 on Ubuntu 16.04 LTS (xenial) - medium. | 2017-12-12