CVE-2016-8217 - OpenCVE

EMC RSA BSAFE Crypto-J versions prior to 6.2.2 has a PKCS#12 Timing Attack Vulnerability. A possible timing attack could be carried out by modifying a PKCS#12 file that has an integrity MAC for which the password is not known. An attacker could then feed the modified PKCS#12 file to the toolkit and guess the current MAC one byte at a time. This is possible because Crypto-J uses a non-constant-time method to compare the stored MAC with the calculated MAC. This vulnerability is similar to the issue described in CVE-2015-2601.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Dell	Bsafe Crypto-j

Configuration 1 [-]

cpe:2.3:a:dell:bsafe_crypto-j:*:*:*:*:*:*:*:*

References

Link	Resource
http://www.securityfocus.com/archive/1/540066/30/0/threaded	Mailing List Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/95831	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1037732	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: dell

Published: 2017-02-03T07:24:00

Updated: 2017-07-24T12:57:01

Reserved: 2016-09-13T00:00:00

Link: CVE-2016-8217

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-02-03T07:59:00.437

Modified: 2021-12-16T18:44:44.330

Link: CVE-2016-8217

JSON object: View

Redhat Information

No data.

CWE

CWE-200

{"containers": {"cna": {"affected": [{"product": "RSA BSAFE Crypto-J RSA BSAFE Crypto-J versions prior to 6.2.2", "vendor": "n/a", "versions": [{"status": "affected", "version": "RSA BSAFE Crypto-J RSA BSAFE Crypto-J versions prior to 6.2.2"}]}], "datePublic": "2017-02-03T00:00:00", "descriptions": [{"lang": "en", "value": "EMC RSA BSAFE Crypto-J versions prior to 6.2.2 has a PKCS#12 Timing Attack Vulnerability. A possible timing attack could be carried out by modifying a PKCS#12 file that has an integrity MAC for which the password is not known. An attacker could then feed the modified PKCS#12 file to the toolkit and guess the current MAC one byte at a time. This is possible because Crypto-J uses a non-constant-time method to compare the stored MAC with the calculated MAC. This vulnerability is similar to the issue described in CVE-2015-2601."}], "problemTypes": [{"descriptions": [{"description": "PKCS#12 Timing Attack Vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-24T12:57:01", "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.securityfocus.com/archive/1/540066/30/0/threaded"}, {"name": "95831", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/95831"}, {"name": "1037732", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1037732"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security_alert@emc.com", "ID": "CVE-2016-8217", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "RSA BSAFE Crypto-J RSA BSAFE Crypto-J versions prior to 6.2.2", "version": {"version_data": [{"version_value": "RSA BSAFE Crypto-J RSA BSAFE Crypto-J versions prior to 6.2.2"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "EMC RSA BSAFE Crypto-J versions prior to 6.2.2 has a PKCS#12 Timing Attack Vulnerability. A possible timing attack could be carried out by modifying a PKCS#12 file that has an integrity MAC for which the password is not known. An attacker could then feed the modified PKCS#12 file to the toolkit and guess the current MAC one byte at a time. This is possible because Crypto-J uses a non-constant-time method to compare the stored MAC with the calculated MAC. This vulnerability is similar to the issue described in CVE-2015-2601."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "PKCS#12 Timing Attack Vulnerability"}]}]}, "references": {"reference_data": [{"name": "http://www.securityfocus.com/archive/1/540066/30/0/threaded", "refsource": "CONFIRM", "url": "http://www.securityfocus.com/archive/1/540066/30/0/threaded"}, {"name": "95831", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95831"}, {"name": "1037732", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037732"}]}}}}, "cveMetadata": {"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "assignerShortName": "dell", "cveId": "CVE-2016-8217", "datePublished": "2017-02-03T07:24:00", "dateReserved": "2016-09-13T00:00:00", "dateUpdated": "2017-07-24T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dell:bsafe_crypto-j:*:*:*:*:*:*:*:*", "matchCriteriaId": "851A69E5-4591-4C1E-8824-1A30F1B885C3", "versionEndExcluding": "6.2.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "EMC RSA BSAFE Crypto-J versions prior to 6.2.2 has a PKCS#12 Timing Attack Vulnerability. A possible timing attack could be carried out by modifying a PKCS#12 file that has an integrity MAC for which the password is not known. An attacker could then feed the modified PKCS#12 file to the toolkit and guess the current MAC one byte at a time. This is possible because Crypto-J uses a non-constant-time method to compare the stored MAC with the calculated MAC. This vulnerability is similar to the issue described in CVE-2015-2601."}, {"lang": "es", "value": "EMC RSA BSAFE Crypto-J en versiones anteriores a 6.2.2 tiene una vulnerabilidad de ataque de sincronizaci\u00f3n PKCS#12. Un posible ataque de sincronizaci\u00f3n podr\u00eda llevarse a cabo modificando un archivo PKCS#12 que tiene un MAC de integridad para el que no se conoce la contrase\u00f1a. Un atacante podr\u00eda entonces alimentar el archivo PKCS#12 modificado al toolkit y adivinar el MAC actual de un byte a la vez. Esto es posible porque Crypto-J utiliza un m\u00e9todo de tiempo no constante para comparar el MAC almacenado con el MAC calculado. Esta vulnerabilidad es similar al problema descrito en CVE-2015-2601."}], "id": "CVE-2016-8217", "lastModified": "2021-12-16T18:44:44.330", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-02-03T07:59:00.437", "references": [{"source": "security_alert@emc.com", "tags": ["Mailing List", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/540066/30/0/threaded"}, {"source": "security_alert@emc.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/95831"}, {"source": "security_alert@emc.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1037732"}], "sourceIdentifier": "security_alert@emc.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}