CVE-2015-0226
wss4j: Apache WSS4J is vulnerable to Bleichenbacher's attack (incomplete fix for CVE-2011-2487)
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487.
Apache WSS4J versiones anteriores a 1.6.17 y versiones 2.0.x anteriores a 2.0.2, filtra información inapropiadamente sobre fallos de descifrado cuando se descifra una clave o datos de mensajes cifrados, lo que facilita a atacantes remotos recuperar el formulario de texto plano de una clave simétrica por medio de una serie de mensajes diseñados. NOTA: esta vulnerabilidad se presenta debido a una corrección incompleta de CVE-2011-2487.
It was found that a prior countermeasure in Apache WSS4J for Bleichenbacher's attack on XML Encryption (CVE-2011-2487) threw an exception that permitted an attacker to determine the failure of the attempted attack, thereby leaving WSS4J vulnerable to the attack. The original flaw allowed a remote attacker to recover the entire plain text form of a symmetric key.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-11-18 CVE Reserved
- 2015-04-01 CVE Published
- 2023-05-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-327: Use of a Broken or Risky Cryptographic Algorithm
CAPEC
References (13)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/72553 | Third Party Advisory | |
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us | X_refsource_confirm | |
| https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | X_refsource_misc |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-0846.html | 2019-07-23 | |
| http://rhn.redhat.com/errata/RHSA-2015-0847.html | 2019-07-23 | |
| http://rhn.redhat.com/errata/RHSA-2015-0848.html | 2019-07-23 | |
| http://rhn.redhat.com/errata/RHSA-2015-0849.html | 2019-07-23 | |
| http://rhn.redhat.com/errata/RHSA-2015-1176.html | 2019-07-23 | |
| http://rhn.redhat.com/errata/RHSA-2015-1177.html | 2019-07-23 | |
| https://access.redhat.com/errata/RHSA-2016:1376 | 2019-07-23 | |
| https://ws.apache.org/wss4j/advisories/CVE-2015-0226.txt.asc | 2019-07-23 | |
| https://access.redhat.com/security/cve/CVE-2015-0226 | 2016-06-30 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1191446 | 2016-06-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apache Search vendor "Apache" | Wss4j Search vendor "Apache" for product "Wss4j" | <= 1.6.16 Search vendor "Apache" for product "Wss4j" and version " <= 1.6.16" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Wss4j Search vendor "Apache" for product "Wss4j" | 2.0 Search vendor "Apache" for product "Wss4j" and version "2.0" | beta |
Affected
| ||||||
| Apache Search vendor "Apache" | Wss4j Search vendor "Apache" for product "Wss4j" | 2.0.0 Search vendor "Apache" for product "Wss4j" and version "2.0.0" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Wss4j Search vendor "Apache" for product "Wss4j" | 2.0.0 Search vendor "Apache" for product "Wss4j" and version "2.0.0" | rc1 |
Affected
| ||||||
| Apache Search vendor "Apache" | Wss4j Search vendor "Apache" for product "Wss4j" | 2.0.1 Search vendor "Apache" for product "Wss4j" and version "2.0.1" | - |
Affected
| ||||||