Vulnerability Name:

CVE-2020-26939 (CCN-191108)

Assigned:2020-11-02
Published:2020-11-02
Updated:2021-05-28
Summary:In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext that decrypts to a short payload in the OAEP Decoder could result in the throwing of an early exception, potentially leaking some information about the private exponent of the RSA private key performing the encryption.
CVSS v3 Severity:5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-203
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2020-26939

Source: XF
Type: UNKNOWN
bouncycastle-cve202026939-info-disc(191108)

Source: CCN
Type: Bouncy Castle GIT Repository
further work to improve constant time in OAEP and RSA core.

Source: CCN
Type: GitHub Web site
CVE 2020 26939

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/bcgit/bc-java/wiki/CVE-2020-26939

Source: MLIST
Type: Mailing List, Third Party Advisory
[solr-issues] 20210525 [jira] [Created] (SOLR-15431) Security vulnerability with Bouncy Castle library within Apache Solr 8.8.2

Source: CCN
Type: Bouncy Castle Web site
Bouncy Castle

Source: CCN
Type: IBM Security Bulletin 6398616 (Daeja ViewONE)
Bouncy Castle Vulnerability

Source: CCN
Type: IBM Security Bulletin 6416215 (Rational Performance Tester)
A vulnerability in Bouncy Castle affects IBM Rational Performance Tester (CVE-2020-26939)

Source: CCN
Type: IBM Security Bulletin 6416391 (Spectrum Symphony)
Multiple vulnerability issues affect IBM Spectrum Symphony 7.3.1

Source: CCN
Type: IBM Security Bulletin 6416393 (Spectrum Conductor)
Multiple vulnerability issues affect IBM Spectrum Conductor 2.5.0

Source: CCN
Type: IBM Security Bulletin 6513226 (Security Guardium)
IBM Security Guardium is affected by a Bouncy Castle vulnerability (CVE-2020-26939)

Source: CCN
Type: IBM Security Bulletin 6526096 (App Connect Professional)
App Connect Professional is affected by Bouncy Castle vulnerability.

Source: CCN
Type: IBM Security Bulletin 6570915 (Data Risk Manager)
IBM Data Risk Manager is affected by multiple vulnerabilities including a remote code execution in Spring Framework (CVE-2022-22965)

Source: CCN
Type: IBM Security Bulletin 6615289 (Planning Analytics Workspace)
IBM Planning Analytics Workspace is affected by multiple vulnerabilities (CVE-2022-22968, CVE-2022-24785, CVE-2017-18214, CVE-2016-4055, CVE-2018-1000613, CVE-2020-15522, CVE-2018-1000180, CVE-2020-26939, CVE-2022-22314)

Source: CCN
Type: IBM Security Bulletin 6829593 (Sterling File Gateway)
IBM Sterling File Gateway is vulnerable to multiple issues due to Bouncy Castle

Source: CCN
Type: IBM Security Bulletin 7005485 (Cloud Pak for Network Automation)
Cloud Pak for Network Automation 2.5.0 fixes multiple security vulnerabilities

Vulnerable Configuration:Configuration 1:
  • cpe:/a:bouncycastle:legion-of-the-bouncy-castle:*:*:*:*:*:*:*:* (Version < 1.61)
  • OR cpe:/a:bouncycastle:legion-of-the-bouncy-castle-fips-java-api:*:*:*:*:*:*:*:* (Version < 1.0.1.2)

    • Configuration CCN 1:
  • cpe:/a:bouncycastle:legion-of-the-bouncy-castle:1.54:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:sterling_file_gateway:6.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:11.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_file_gateway:6.1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:planning_analytics_workspace:2.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    bouncycastle legion-of-the-bouncy-castle *
    bouncycastle legion-of-the-bouncy-castle-fips-java-api *
    bouncycastle legion-of-the-bouncy-castle 1.54
    ibm sterling file gateway 6.0.0.0
    ibm security guardium 11.3
    ibm sterling file gateway 6.1.0.0
    ibm planning analytics workspace 2.0