CVE-2017-13098: BouncyCastle JCE TLS Bleichenbacher/ROBOT
First published: Wed Dec 13 2017(Updated: )
Bouncy Castle could allow a remote attacker to obtain sensitive information, caused by an RSA Adaptive Chosen Ciphertext (Bleichenbacher) attack. By utilizing discrepancies in TLS error messages, an attacker could exploit this vulnerability to obtain the data in the encrypted messages once the TLS session has completed. Note: This vulnerability is also known as the ROBOT attack.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM GDE | <=3.0.0.2 | |
| debian/bouncycastle | 1.60-1 1.60-1+deb10u1 1.68-2 1.72-2 | |
| Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api | <1.59 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://exchange.xforce.ibmcloud.com/vulnerabilities/136241
- https://www.ibm.com/support/pages/node/6320835 (Advisory)
- https://github.com/bcgit/bc-java/commit/9b53e60792e14c65cd1dbfad65e88ec5949ce4b3
- https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c
- https://robotattack.org/
- https://security-tracker.debian.org/tracker/CVE-2017-13098
- http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00011.html
- http://www.kb.cert.org/vuls/id/144389
- http://www.securityfocus.com/bid/102195
- https://security.netapp.com/advisory/ntap-20171222-0001/
- https://www.debian.org/security/2017/dsa-4072
- https://www.oracle.com/security-alerts/cpuoct2020.html
Frequently Asked Questions
What is CVE-2017-13098?
CVE-2017-13098 is a vulnerability in Bouncy Castle TLS prior to version 1.0.3 when configured to use the JCE (Java Cryptography Extension).
How does CVE-2017-13098 work?
CVE-2017-13098 allows a remote attacker to obtain sensitive information by exploiting discrepancies in TLS error messages, leading to an RSA Adaptive Chosen Ciphertext (Bleichenbacher) attack.
What is the severity of CVE-2017-13098?
CVE-2017-13098 has a severity rating of high, with a CVSS score of 5.9.
Which software is affected by CVE-2017-13098?
IBM GDE version 3.0.0.2 and Bouncy Castle versions 1.60-1, 1.60-1+deb10u1, 1.68-2, and 1.72-2 are affected by CVE-2017-13098.
How can I fix CVE-2017-13098?
To fix CVE-2017-13098, update Bouncy Castle to version 1.0.3 or later.
- collector/security-tracker-debian
- collector/nvd-index
- agent/type
- agent/references
- agent/softwarecombine
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- agent/weakness
- agent/remedy
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/title
- agent/last-modified-date
- agent/tags
- agent/event
- agent/first-publish-date
- package-manager/debian
- vendor/bouncycastle
- canonical/bouncycastle legion-of-the-bouncy-castle-java-crytography-api
- vendor/ibm
- canonical/ibm gde
- version/ibm gde/3.0.0.2