Search for vulnerabilities
Vulnerability details: VCID-myr7-uyar-aaad
Vulnerability ID VCID-myr7-uyar-aaad
Aliases CVE-2017-13098
GHSA-wrwf-pmmj-w989
Summary BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable application. This vulnerability is referred to as "ROBOT."
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (4)
CWE-203 Observable Discrepancy
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-300 Channel Accessible by Non-Endpoint
System Score Found at
cvssv3.1 9.8 http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00011.html
generic_textual CRITICAL http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00011.html
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-13098.html
cvssv3 6.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13098.json
epss 0.00340 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.00340 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.00340 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.00340 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.00558 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.00558 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.00558 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.00558 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.00558 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.00558 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.00558 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.00558 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.00558 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.00558 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.00558 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.00558 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.61384 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.61384 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.67119 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.67119 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.67119 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.67119 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.67119 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.67119 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.73009 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.73009 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.73009 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.73009 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.73009 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.76277 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
epss 0.82383 https://api.first.org/data/v1/epss?cve=CVE-2017-13098
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1525528
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13098
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-wrwf-pmmj-w989
cvssv3.1 5.5 https://github.com/bcgit/bc-java
generic_textual LOW https://github.com/bcgit/bc-java
cvssv3.1 5.9 https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c
generic_textual MODERATE https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2017-13098
cvssv3 5.9 https://nvd.nist.gov/vuln/detail/CVE-2017-13098
cvssv3.1 5.9 https://robotattack.org
generic_textual MODERATE https://robotattack.org
generic_textual Medium https://robotattack.org/
cvssv3.1 5.9 https://security.netapp.com/advisory/ntap-20171222-0001
generic_textual MODERATE https://security.netapp.com/advisory/ntap-20171222-0001
cvssv3.1 5.9 https://www.debian.org/security/2017/dsa-4072
generic_textual MODERATE https://www.debian.org/security/2017/dsa-4072
cvssv3.1 9.8 https://www.oracle.com/security-alerts/cpuoct2020.html
generic_textual CRITICAL https://www.oracle.com/security-alerts/cpuoct2020.html
cvssv3.1 5.9 http://www.kb.cert.org/vuls/id/144389
generic_textual MODERATE http://www.kb.cert.org/vuls/id/144389
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00011.html
http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-13098.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13098.json
https://api.first.org/data/v1/epss?cve=CVE-2017-13098
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13098
https://github.com/bcgit/bc-java
https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c
https://robotattack.org
https://robotattack.org/
https://security.netapp.com/advisory/ntap-20171222-0001
https://security.netapp.com/advisory/ntap-20171222-0001/
https://www.debian.org/security/2017/dsa-4072
https://www.oracle.com/security-alerts/cpuoct2020.html
http://www.kb.cert.org/vuls/id/144389
http://www.securityfocus.com/bid/102195
1525528 https://bugzilla.redhat.com/show_bug.cgi?id=1525528
884241 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884241
cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:*:*:*:*:*:*:*:*
CVE-2017-13098 https://nvd.nist.gov/vuln/detail/CVE-2017-13098
GHSA-wrwf-pmmj-w989 https://github.com/advisories/GHSA-wrwf-pmmj-w989
Data source Metasploit
Description Some TLS implementations handle errors processing RSA key exchanges and encryption (PKCS #1 v1.5 messages) in a broken way that leads an adaptive chosen-chiphertext attack. Attackers cannot recover a server's private key, but they can decrypt and sign messages with it. A strong oracle occurs when the TLS server does not strictly check message formatting and needs less than a million requests on average to decode a given ciphertext. A weak oracle server strictly checks message formatting and often requires many more requests to perform the attack. This module requires Python 3 with the gmpy2 and cryptography packages to be present.
Note 
AKA:
  - ROBOT
  - Adaptive chosen-ciphertext attack
Ransomware campaign use Unknown
Source publication date June 17, 2009
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/scanner/ssl/bleichenbacher_oracle.py
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00011.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13098.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/bcgit/bc-java
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2017-13098
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2017-13098
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://robotattack.org
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://security.netapp.com/advisory/ntap-20171222-0001
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://www.debian.org/security/2017/dsa-4072
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://www.oracle.com/security-alerts/cpuoct2020.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at http://www.kb.cert.org/vuls/id/144389
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.71083
EPSS Score 0.00340
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.