CVE-2016-1000342
bouncycastle: ECDSA improper validation of ASN.1 encoding of signature
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.
En Bouncy Castle JCE Provider en versiones 1.55 y anteriores, el ECDSA no valida completamente el cifrado ASN.1 de la firma en verificación. Es posible inyectar elementos extra en la secuencia que forma la firma y, aún así, validarla. En algunos casos, esto podría permitir la introducción de datos "invisibles" en una estructura firmada.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-06-04 CVE Reserved
- 2018-06-04 CVE Published
- 2024-08-06 CVE Updated
- 2024-09-07 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-295: Improper Certificate Validation
- CWE-347: Improper Verification of Cryptographic Signature
CAPEC
References (9)
URL | Tag | Source |
---|---|---|
https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html | Mailing List | |
https://security.netapp.com/advisory/ntap-20181127-0004 | X_refsource_confirm | |
https://www.oracle.com/security-alerts/cpuoct2020.html | X_refsource_misc |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647#diff-25c3c78db788365f36839b3f2d3016b9 | 2020-10-20 |
URL | Date | SRC |
---|---|---|
https://access.redhat.com/errata/RHSA-2018:2669 | 2020-10-20 | |
https://access.redhat.com/errata/RHSA-2018:2927 | 2020-10-20 | |
https://usn.ubuntu.com/3727-1 | 2020-10-20 | |
https://access.redhat.com/security/cve/CVE-2016-1000342 | 2018-10-16 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1588715 | 2018-10-16 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Bouncycastle Search vendor "Bouncycastle" | Legion-of-the-bouncy-castle-java-crytography-api Search vendor "Bouncycastle" for product "Legion-of-the-bouncy-castle-java-crytography-api" | <= 1.55 Search vendor "Bouncycastle" for product "Legion-of-the-bouncy-castle-java-crytography-api" and version " <= 1.55" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
|