CVE-2016-1000338 — HIGH (7.5)

Q: How severe is CVE-2016-1000338?

CVE-2016-1000338 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2016-1000338?

Check the references section above for vendor advisories and patch information. Affected products include: Bouncycastle Legion-Of-The-Bouncy-Castle-Java-Crytography-Api, Redhat Satellite, Redhat Satellite Capsule, Canonical Ubuntu Linux, Netapp 7-Mode Transition Tool.

Vulnerability Description

In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Bouncycastle	Legion-Of-The-Bouncy-Castle-Java-Crytography-Api	>= 1.38, < 1.56
Redhat	Satellite	6.4
Redhat	Satellite Capsule	6.4
Canonical	Ubuntu Linux	14.04
Netapp	7-Mode Transition Tool	-

Related Weaknesses (CWE)

CWE-347

References

https://access.redhat.com/errata/RHSA-2018:2669Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2927Third Party Advisory
https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7fPatchThird Party Advisory
https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c24Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/07/msg00009.htmlMailing ListThird Party Advisory
https://security.netapp.com/advisory/ntap-20231006-0011/Third Party Advisory
https://usn.ubuntu.com/3727-1/Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2020.htmlThird Party Advisory
https://access.redhat.com/errata/RHSA-2018:2669Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2927Third Party Advisory
https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7fPatchThird Party Advisory
https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c24Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/07/msg00009.htmlMailing ListThird Party Advisory
https://security.netapp.com/advisory/ntap-20231006-0011/Third Party Advisory
https://usn.ubuntu.com/3727-1/Third Party Advisory

FAQ

What is CVE-2016-1000338?

CVE-2016-1000338 is a vulnerability with a CVSS score of 7.5 (HIGH). In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up th...

How severe is CVE-2016-1000338?

CVE-2016-1000338 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-1000338?

Check the references section above for vendor advisories and patch information. Affected products include: Bouncycastle Legion-Of-The-Bouncy-Castle-Java-Crytography-Api, Redhat Satellite, Redhat Satellite Capsule, Canonical Ubuntu Linux, Netapp 7-Mode Transition Tool.