CVE-2018-1000613

Published Jul 9, 2018

Last updated 4 days ago

CVSS critical 9.8

Overview

Description: Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserialization that can result in Deserializing an XMSS/XMSS^MT private key can result in the execution of unexpected code. This attack appear to be exploitable via A handcrafted private key can include references to unexpected classes which will be picked up from the class path for the executing application. This vulnerability appears to have been fixed in 1.60 and later.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-470

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "103B84A1-259F-499D-BF18-BC356433F826",
            "versionEndExcluding": "1.60",
            "versionStartIncluding": "1.58"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5553591-073B-45E3-999F-21B8BA2EEE22"
          },
          {
            "criteria": "cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8972497F-6E24-45A9-9A18-EB0E842CB1D4"
          },
          {
            "criteria": "cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "400509A8-D6F2-432C-A2F1-AD5B8778D0D9"
          },
          {
            "criteria": "cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "132CE62A-FBFC-4001-81EC-35D81F73AF48"
          },
          {
            "criteria": "cpe:2.3:a:oracle:business_process_management_suite:11.1.1.9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "013043A2-0765-4AF5-ABFC-6A8960FFBFD2"
          },
          {
            "criteria": "cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B887E174-57AB-449D-AEE4-82DD1A3E5C84"
          },
          {
            "criteria": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E869C417-C0E6-4FC3-B406-45598A1D1906"
          },
          {
            "criteria": "cpe:2.3:a:oracle:business_transaction_management:12.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD9D7511-2934-4974-9C9E-3BE03B846734"
          },
          {
            "criteria": "cpe:2.3:a:oracle:communications_application_session_controller:3.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC967A48-D834-4E9B-8CEC-057E7D5B8174"
          },
          {
            "criteria": "cpe:2.3:a:oracle:communications_application_session_controller:3.8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F920CDE4-DF29-4611-93E9-A386C89EDB62"
          },
          {
            "criteria": "cpe:2.3:a:oracle:communications_converged_application_server:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC361999-AAD8-4CB3-B00E-E3990C3529B4",
            "versionEndExcluding": "7.0.0.1"
          },
          {
            "criteria": "cpe:2.3:a:oracle:communications_converged_application_server:7.0.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BDED89A-7C6F-41E9-A91F-9B09D401F85D"
          },
          {
            "criteria": "cpe:2.3:a:oracle:communications_convergence:3.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19E630B9-B5E5-442A-B75C-1E4771072A03"
          },
          {
            "criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9317C01-22AA-452B-BBBF-5FAFFFB8BEA4"
          },
          {
            "criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4534CF9-D9FD-4936-9D8C-077387028A05"
          },
          {
            "criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D60384BD-284C-4A68-9EEF-0FAFDF0C21F3"
          },
          {
            "criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FCA44E38-EB8C-4E2D-8611-B201F47520E9"
          },
          {
            "criteria": "cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77120A3C-9A48-45FC-A620-5072AF325ACF",
            "versionEndExcluding": "7.2"
          },
          {
            "criteria": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "726DB59B-00C7-444E-83F7-CB31032482AB"
          },
          {
            "criteria": "cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9901F6BA-78D5-45B8-9409-07FF1C6DDD38"
          },
          {
            "criteria": "cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98F3E643-4B65-4668-BB11-C61ED54D5A53"
          },
          {
            "criteria": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1FEB8446-7EAC-4A8D-B6EE-3AAC2294C324"
          },
          {
            "criteria": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7582B307-3899-4BBB-B868-BC912A4D0109"
          },
          {
            "criteria": "cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F4E0F9A-D925-43FB-A1B7-452EEAE6BE2D"
          },
          {
            "criteria": "cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96B35E9A-5557-4D77-AE53-816B3C481E02"
          },
          {
            "criteria": "cpe:2.3:a:oracle:enterprise_repository:11.1.1.7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69300B13-8C0F-4433-A6E8-B2CE32C4723D"
          },
          {
            "criteria": "cpe:2.3:a:oracle:enterprise_repository:12.1.3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9E13DD9-F456-4802-84AD-A2A1F12FE999"
          },
          {
            "criteria": "cpe:2.3:a:oracle:managed_file_transfer:12.1.3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AEB446C9-1AC2-4D7D-83DE-08934DDFC8B4"
          },
          {
            "criteria": "cpe:2.3:a:oracle:managed_file_transfer:12.2.1.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2E3E923-E2AD-400D-A618-26ADF7F841A2"
          },
          {
            "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45CB30A1-B2C9-4BF5-B510-1F2F18B60C64"
          },
          {
            "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0A735B4-4F3C-416B-8C08-9CB21BAD2889"
          },
          {
            "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E1E416B-920B-49A0-9523-382898C2979D"
          },
          {
            "criteria": "cpe:2.3:a:oracle:retail_convenience_and_fuel_pos_software:2.8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "78DE9DFD-BB57-4BCF-BF73-FFCFF62420D5"
          },
          {
            "criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F87FC90-16D0-4051-8280-B0DD4441F10B"
          },
          {
            "criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0ED83E3-E6BF-4EAA-AF8F-33485A88A218"
          },
          {
            "criteria": "cpe:2.3:a:oracle:soa_suite:12.1.3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF4C318C-5D1E-479B-9597-9FAD9E186111"
          },
          {
            "criteria": "cpe:2.3:a:oracle:soa_suite:12.2.1.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65994DC4-C9C0-48B0-88AB-E2958B4EB9E3"
          },
          {
            "criteria": "cpe:2.3:a:oracle:utilities_network_management_system:1.12.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE188B12-D28E-490C-9948-F5305A7D55BF"
          },
          {
            "criteria": "cpe:2.3:a:oracle:utilities_network_management_system:2.3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51D7B9B6-B41A-4DEA-9946-59A84FAC57E5"
          },
          {
            "criteria": "cpe:2.3:a:oracle:utilities_network_management_system:2.3.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1EB1CD1A-E760-4357-AF51-B38A852FA980"
          },
          {
            "criteria": "cpe:2.3:a:oracle:utilities_network_management_system:2.3.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "693C97B5-25B4-4DF3-A7D7-02C722A3DD88"
          },
          {
            "criteria": "cpe:2.3:a:oracle:webcenter_portal:11.1.1.9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7756147-7168-4E03-93EE-31379F6BE88E"
          },
          {
            "criteria": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6A4F71A-4269-40FC-8F61-1D1301F2B728"
          },
          {
            "criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBFF04EF-B1C3-4601-878A-35EA6A15EF0C"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References