CVE-2016-0270: Infoleak
First published: Wed Feb 08 2017(Updated: )
IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Interim Fix 1, when using TLS and AES GCM, uses random nonce generation, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a "forbidden attack." NOTE: this CVE has been incorrectly used for GCM nonce reuse issues in other products; see CVE-2016-10213 for the A10 issue, CVE-2016-10212 for the Radware issue, and CVE-2017-5933 for the Citrix issue.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM i Access Client Solutions | =1.0.0.1 | |
| IBM Domino | =9.0.1.3 | |
| IBM Domino | =9.0.1.4 | |
| IBM Domino | =9.0.1.5 | |
| IBM Lotus Notes | =9.0.1.3 | |
| IBM Lotus Notes | =9.0.1.4 | |
| IBM Lotus Notes | =9.0.1.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www-01.ibm.com/support/docview.wss?uid=swg21979604
- http://www-01.ibm.com/support/docview.wss?uid=swg21979669
- http://www-01.ibm.com/support/docview.wss?uid=swg21979673
- http://www.securityfocus.com/bid/96062
- http://www.securitytracker.com/id/1037795
- https://github.com/nonce-disrespect/nonce-disrespect
- https://support.citrix.com/article/CTX220329
Frequently Asked Questions
What is the severity of CVE-2016-0270?
The severity of CVE-2016-0270 is classified as high due to the potential for remote attackers to spoof data and obtain authentication keys.
How do I fix CVE-2016-0270?
To fix CVE-2016-0270, upgrade to IBM Domino version 9.0.1 Fix Pack 6 or later, or apply the latest available patches.
Which IBM products are affected by CVE-2016-0270?
CVE-2016-0270 affects IBM Domino versions 9.0.1.3 through 9.0.1.5 and IBM Notes versions 9.0.1.3 through 9.0.1.5.
What kind of attacks can CVE-2016-0270 lead to?
CVE-2016-0270 can lead to data spoofing and compromised authentication through nonce reuse in a TLS session.
Is CVE-2016-0270 a local or remote vulnerability?
CVE-2016-0270 is a remote vulnerability, allowing attackers to exploit it over the network.
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/author
- agent/remedy
- agent/last-modified-date
- agent/weakness
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm i access client solutions
- version/ibm i access client solutions/1.0.0.1
- canonical/ibm domino
- version/ibm domino/9.0.1.3
- version/ibm domino/9.0.1.4
- version/ibm domino/9.0.1.5
- canonical/ibm lotus notes
- version/ibm lotus notes/9.0.1.3
- version/ibm lotus notes/9.0.1.4
- version/ibm lotus notes/9.0.1.5