Vulnerability Details : CVE-2016-1000338
In Bouncy Castle JCE Provider version 1.55 and earlier, the DSA implementation does not fully validate the ASN.1 encoding of a signature on verification. It is possible to inject extra elements into the SEQUENCE that makes up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.
Products affected by CVE-2016-1000338
- cpe:2.3:a:redhat:satellite:6.4:-:*:*:*:*:*:*
- cpe:2.3:a:redhat:satellite_capsule:6.4:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:*:*:*:*
- Bouncycastle » Legion-of-the-bouncy-castle-java-crytography-api, versions from and including (>=) 1.38 up to but excluding (<) 1.56: cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:*:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:7-mode_transition_tool:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-1000338
- EPSS score: 0.33% (probability of exploitation activity in the next 30 days)
- Percentile: ~53% (the proportion of vulnerabilities scored at or below this value)
CVSS scores for CVE-2016-1000338
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N | 10.0 | 2.9 | NIST | |
7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 | NIST | |
7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 | NIST | 2024-08-29 |
CWE ids for CVE-2016-1000338
- The product does not verify, or incorrectly verifies, the cryptographic signature for data. Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-1000338
- Oracle Critical Patch Update Advisory - October 2020 (Third Party Advisory): https://www.oracle.com/security-alerts/cpuoct2020.html
- USN-3727-1: Bouncy Castle vulnerabilities | Ubuntu security notices (Third Party Advisory): https://usn.ubuntu.com/3727-1/
- Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report - Apache Mail Archives (Third Party Advisory): https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
- RHSA-2018:2927 - Security Advisory - Red Hat Customer Portal (Third Party Advisory): https://access.redhat.com/errata/RHSA-2018:2927
- RHSA-2018:2669 - Security Advisory - Red Hat Customer Portal (Third Party Advisory): https://access.redhat.com/errata/RHSA-2018:2669
- Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report - Pony Mail: https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
- CVE-2016-1000338 Bouncy Castle Vulnerability in NetApp Products | NetApp Product Security (Third Party Advisory): https://security.netapp.com/advisory/ntap-20231006-0011/
- [SECURITY] [DLA 1418-1] bouncycastle security update (Mailing List; Third Party Advisory): https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
- added length check for sequence in DSA signatures · bcgit/bc-java@b0c3ce9 · GitHub (Patch; Third Party Advisory): https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7f#diff-3679f5a9d2b939d0d3ee1601a7774fb0