Vulnerability Name:

CVE-2018-1000613 (CCN-148041)

Assigned:2018-03-02
Published:2018-03-02
Updated:2022-01-14
Summary:Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserialization that can result in Deserializing an XMSS/XMSS^MT private key can result in the execution of unexpected code. This attack appear to be exploitable via A handcrafted private key can include references to unexpected classes which will be picked up from the class path for the executing application. This vulnerability appears to have been fixed in 1.60 and later.
CVSS v3 Severity:9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
9.8 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-502
CWE-470
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2018-1000613

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2020:0607

Source: XF
Type: UNKNOWN
bouncycastle-cve20181000613-code-exec(148041)

Source: CCN
Type: bc-java GIT Repository
added additional checking to XMSS BDS tree parsing. Failures now mostly cause IOException

Source: CONFIRM
Type: Patch, Third Party Advisory
https://github.com/bcgit/bc-java/commit/4092ede58da51af9a21e4825fbad0d9a3ef5a223#diff-2c06e2edef41db889ee14899e12bd574

Source: CONFIRM
Type: Patch, Third Party Advisory
https://github.com/bcgit/bc-java/commit/cd98322b171b15b3f88c5ec871175147893c31e6#diff-148a6c098af0199192d6aede960f45dc

Source: MLIST
Type: Mailing List, Third Party Advisory
[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20190204-0003/

Source: CCN
Type: IBM Security Bulletin 3011649 (Resilient)
Resilient is vulnerable to Using Components with Known Vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6152121 (License Metric Tool)
Multiple vulnerabilities in Bouncy Castle API affect IBM License Metric Tool v9.

Source: CCN
Type: IBM Security Bulletin 6320835 (Security Guardium Data Encryption)
Multiple Vulnerabilities in IBM Guardium Data Encryption (GDE)

Source: CCN
Type: IBM Security Bulletin 6347588 (Security Guardium)
IBM Security Guardium is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6356449 (QRadar SIEM)
Bouncy Castle as used by IBM QRadar SIEM contains multiple vulnerabilities (CVE-2018-1000613, CVE-2017-13098, CVE-2018-1000180)

Source: CCN
Type: IBM Security Bulletin 6444097 (Log Analysis)
Multiple vulnerabilities in Bouncy Castle affects Apache Solr shipped with IBM Operations Analytics - Log Analysis

Source: CCN
Type: IBM Security Bulletin 6496733 (Sterling B2B Integrator)
Bouncy Castle Vulnerabilities Affect IBM Sterling B2B Integrator

Source: CCN
Type: IBM Security Bulletin 6615289 (Planning Analytics Workspace)
IBM Planning Analytics Workspace is affected by multiple vulnerabilities (CVE-2022-22968, CVE-2022-24785, CVE-2017-18214, CVE-2016-4055, CVE-2018-1000613, CVE-2020-15522, CVE-2018-1000180, CVE-2020-26939, CVE-2022-22314)

Source: CCN
Type: IBM Security Bulletin 960296 (Security Guardium Big Data Intelligence)
IBM Security Guardium Big Data Intelligence is affected by a Using Components with Known Vulnerabilities vulnerability

Source: N/A
Type: Third Party Advisory
N/A

Source: MISC
Type: Third Party Advisory
https://www.oracle.com/security-alerts/cpuApr2021.html

Source: MISC
Type: Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2020.html

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

Source: CONFIRM
Type: Patch, Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Vulnerable Configuration:Configuration 1:
  • cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:*:*:*:*:*:*:*:* (Version >= 1.58 and < 1.60)

    • Configuration 2:
  • cpe:/a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:opensuse:leap:15.1:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:business_process_management_suite:11.1.1.9.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:business_transaction_management:12.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_application_session_controller:3.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_application_session_controller:3.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_converged_application_server:*:*:*:*:*:*:*:* (Version < 7.0.0.1)
  • OR cpe:/a:oracle:communications_converged_application_server:7.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_convergence:3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:* (Version < 7.2)
  • OR cpe:/a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager_base_platform:12.1.0.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager_base_platform:13.2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager_base_platform:13.3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager_for_fusion_middleware:13.2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager_for_fusion_middleware:13.3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_repository:11.1.1.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_repository:12.1.3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:managed_file_transfer:12.1.3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:managed_file_transfer:12.2.1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_convenience_and_fuel_pos_software:2.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:soa_suite:12.1.3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:soa_suite:12.2.1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:utilities_network_management_system:1.12.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:utilities_network_management_system:2.3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:utilities_network_management_system:2.3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:utilities_network_management_system:2.3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:webcenter_portal:11.1.1.9.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:weblogic_server:12.2.1.3:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:ibm:license_metric_tool:9.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium_big_data_intelligence:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:11.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium_data_encryption:3.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:6.1.0.0:*:*:*:standard:*:*:*
  • OR cpe:/a:ibm:planning_analytics_workspace:2.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20181000613
    V
    		CVE-2018-1000613
    2023-06-22
    oval:org.opensuse.security:def:7993
    P
    		bouncycastle-1.72-150200.3.12.1 on GA media (Moderate)
    2023-06-20
    oval:org.opensuse.security:def:3368
    P
    		squashfs-4.3-6.2 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:94998
    P
    		bouncycastle-1.64-3.3.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:1378
    P
    		Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP3) (Important)
    2022-06-06
    oval:org.opensuse.security:def:112022
    P
    		bouncycastle-1.68-3.2 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:64773
    P
    		Security update for glibc (Moderate)
    2021-12-08
    oval:org.opensuse.security:def:64603
    P
    		Security update for dnsmasq (Moderate)
    2021-10-27
    oval:org.opensuse.security:def:105578
    P
    		bouncycastle-1.68-3.2 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:63056
    P
    		hdf5-gnu-hpc-1.10.7-2.25 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:63349
    P
    		libslirp-devel-4.3.1-1.51 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:62993
    P
    		bouncycastle-1.64-1.63 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:72712
    P
    		bouncycastle-1.64-1.63 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:100828
    P
    		enscript-1.6.6-1.17 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:101251
    P
    		bouncycastle-1.64-1.63 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:1904
    P
    		bouncycastle-1.64-1.63 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:74715
    P
    		Security update for bouncycastle (Moderate)
    2021-06-25
    oval:org.opensuse.security:def:62850
    P
    		cups-ddk-2.2.7-1.24 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:62853
    P
    		git-2.16.3-1.30 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:63552
    P
    		libraw-devel-0.18.9-1.9 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:62878
    P
    		subversion-bash-completion-1.10.0-1.24 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:62846
    P
    		build-20180329-1.10 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:66795
    P
    		Security update for python-httplib2 (Moderate)
    2021-05-31
    oval:org.opensuse.security:def:64501
    P
    		Security update for lz4 (Important)
    2021-05-19
    oval:org.opensuse.security:def:64661
    P
    		Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:66703
    P
    		Security update for slurm_18_08 (Important)
    2020-12-18
    oval:org.opensuse.security:def:72655
    P
    		bouncycastle-1.64-1.63 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:94115
    P
    		bouncycastle-1.64-1.63 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:107494
    P
    		bouncycastle-1.64-1.63 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:1847
    P
    		bouncycastle-1.64-1.63 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:117052
    P
    		bouncycastle-1.64-1.63 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62936
    P
    		bouncycastle-1.64-1.63 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:64394
    P
    		libtiff-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:74848
    P
    		Security update for bouncycastle (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:63928
    P
    		Security update for libvirt (Important)
    2020-12-01
    oval:org.opensuse.security:def:70151
    P
    		bouncycastle on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49765
    P
    		zlib-devel-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:73486
    P
    		bouncycastle on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64257
    P
    		gdk-pixbuf-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49819
    P
    		bouncycastle on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:73368
    P
    		accountsservice on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64393
    P
    		libthai-data on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:70046
    P
    		fontforge on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:63699
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:110510
    P
    		Security update for bouncycastle (Moderate)
    2020-05-03
    oval:com.ubuntu.bionic:def:201810006130000000
    V
    		CVE-2018-1000613 on Ubuntu 18.04 LTS (bionic) - medium.
    2018-07-09
    oval:com.ubuntu.artful:def:20181000613000
    V
    		CVE-2018-1000613 on Ubuntu 17.10 (artful) - medium.
    2018-07-09
    oval:com.ubuntu.xenial:def:20181000613000
    V
    		CVE-2018-1000613 on Ubuntu 16.04 LTS (xenial) - medium.
    2018-07-09
    oval:com.ubuntu.xenial:def:201810006130000000
    V
    		CVE-2018-1000613 on Ubuntu 16.04 LTS (xenial) - medium.
    2018-07-09
    oval:com.ubuntu.bionic:def:20181000613000
    V
    		CVE-2018-1000613 on Ubuntu 18.04 LTS (bionic) - medium.
    2018-07-09
    oval:com.ubuntu.disco:def:201810006130000000
    V
    		CVE-2018-1000613 on Ubuntu 19.04 (disco) - medium.
    2018-07-09
    oval:com.ubuntu.cosmic:def:20181000613000
    V
    		CVE-2018-1000613 on Ubuntu 18.10 (cosmic) - medium.
    2018-07-09
    oval:com.ubuntu.cosmic:def:201810006130000000
    V
    		CVE-2018-1000613 on Ubuntu 18.10 (cosmic) - medium.
    2018-07-09
    oval:com.ubuntu.trusty:def:20181000613000
    V
    		CVE-2018-1000613 on Ubuntu 14.04 LTS (trusty) - medium.
    2018-07-09
    BACK
    bouncycastle legion-of-the-bouncy-castle-java-crytography-api *
    netapp oncommand workflow automation -
    opensuse leap 15.1
    oracle api gateway 11.1.2.4.0
    oracle banking platform 2.6.0
    oracle banking platform 2.6.1
    oracle banking platform 2.6.2
    oracle business process management suite 11.1.1.9.0
    oracle business process management suite 12.1.3.0.0
    oracle business process management suite 12.2.1.3.0
    oracle business transaction management 12.1.0
    oracle communications application session controller 3.7.1
    oracle communications application session controller 3.8.0
    oracle communications converged application server *
    oracle communications converged application server 7.0.0.1
    oracle communications convergence 3.0.2
    oracle communications diameter signaling router 8.0.0
    oracle communications diameter signaling router 8.1
    oracle communications diameter signaling router 8.2
    oracle communications diameter signaling router 8.2.1
    oracle communications webrtc session controller *
    oracle communications webrtc session controller 7.2
    oracle data integrator 12.2.1.3.0
    oracle enterprise manager base platform 12.1.0.5.0
    oracle enterprise manager base platform 13.2.0.0
    oracle enterprise manager base platform 13.3.0.0
    oracle enterprise manager for fusion middleware 13.2.0.0
    oracle enterprise manager for fusion middleware 13.3.0.0
    oracle enterprise repository 11.1.1.7.0
    oracle enterprise repository 12.1.3.0.0
    oracle managed file transfer 12.1.3.0.0
    oracle managed file transfer 12.2.1.3.0
    oracle peoplesoft enterprise peopletools 8.55
    oracle peoplesoft enterprise peopletools 8.56
    oracle peoplesoft enterprise peopletools 8.57
    oracle retail convenience and fuel pos software 2.8.1
    oracle retail xstore point of service 7.0
    oracle retail xstore point of service 7.1
    oracle soa suite 12.1.3.0.0
    oracle soa suite 12.2.1.3.0
    oracle utilities network management system 1.12.0.3
    oracle utilities network management system 2.3.0.0
    oracle utilities network management system 2.3.0.1
    oracle utilities network management system 2.3.0.2
    oracle webcenter portal 11.1.1.9.0
    oracle webcenter portal 12.2.1.3.0
    oracle weblogic server 12.2.1.3
    ibm license metric tool 9.2
    ibm qradar security information and event manager 7.3
    ibm sterling b2b integrator 6.0.0.0
    ibm security guardium big data intelligence 1.0
    ibm security guardium 11.0
    ibm security guardium 11.1
    ibm qradar security information and event manager 7.4 -
    ibm log analysis 1.3.1
    ibm log analysis 1.3.2
    ibm log analysis 1.3.3
    ibm log analysis 1.3.4
    ibm log analysis 1.3.5
    ibm log analysis 1.3.6
    ibm security guardium data encryption 3.0.0.2
    ibm sterling b2b integrator 6.1.0.0
    ibm planning analytics workspace 2.0