CVE-2016-8217 - OpenCVE

EMC RSA BSAFE Crypto-J versions prior to 6.2.2 has a PKCS#12 Timing Attack Vulnerability. A possible timing attack could be carried out by modifying a PKCS#12 file that has an integrity MAC for which the password is not known. An attacker could then feed the modified PKCS#12 file to the toolkit and guess the current MAC one byte at a time. This is possible because Crypto-J uses a non-constant-time method to compare the stored MAC with the calculated MAC. This vulnerability is similar to the issue described in CVE-2015-2601.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Dell	Bsafe Crypto-j

Configuration 1 [-]

cpe:2.3:a:dell:bsafe_crypto-j:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/archive/1/540066/30/0/threaded
http://www.securityfocus.com/bid/95831
http://www.securitytracker.com/id/1037732

History

No history.

MITRE

Status: PUBLISHED

Assigner: dell

Published: 2017-02-03T07:24:00

Updated: 2024-08-06T02:13:21.795Z

Reserved: 2016-09-13T00:00:00

Link: CVE-2016-8217

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2017-02-03T07:59:00.437

Modified: 2021-12-16T18:44:44.330

Link: CVE-2016-8217

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "RSA BSAFE Crypto-J RSA BSAFE Crypto-J versions prior to 6.2.2", "vendor": "n/a", "versions": [{"status": "affected", "version": "RSA BSAFE Crypto-J RSA BSAFE Crypto-J versions prior to 6.2.2"}]}], "datePublic": "2017-02-03T00:00:00", "descriptions": [{"lang": "en", "value": "EMC RSA BSAFE Crypto-J versions prior to 6.2.2 has a PKCS#12 Timing Attack Vulnerability. A possible timing attack could be carried out by modifying a PKCS#12 file that has an integrity MAC for which the password is not known. An attacker could then feed the modified PKCS#12 file to the toolkit and guess the current MAC one byte at a time. This is possible because Crypto-J uses a non-constant-time method to compare the stored MAC with the calculated MAC. This vulnerability is similar to the issue described in CVE-2015-2601."}], "problemTypes": [{"descriptions": [{"description": "PKCS#12 Timing Attack Vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-24T12:57:01", "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.securityfocus.com/archive/1/540066/30/0/threaded"}, {"name": "95831", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/95831"}, {"name": "1037732", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1037732"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security_alert@emc.com", "ID": "CVE-2016-8217", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "RSA BSAFE Crypto-J RSA BSAFE Crypto-J versions prior to 6.2.2", "version": {"version_data": [{"version_value": "RSA BSAFE Crypto-J RSA BSAFE Crypto-J versions prior to 6.2.2"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "EMC RSA BSAFE Crypto-J versions prior to 6.2.2 has a PKCS#12 Timing Attack Vulnerability. A possible timing attack could be carried out by modifying a PKCS#12 file that has an integrity MAC for which the password is not known. An attacker could then feed the modified PKCS#12 file to the toolkit and guess the current MAC one byte at a time. This is possible because Crypto-J uses a non-constant-time method to compare the stored MAC with the calculated MAC. This vulnerability is similar to the issue described in CVE-2015-2601."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "PKCS#12 Timing Attack Vulnerability"}]}]}, "references": {"reference_data": [{"name": "http://www.securityfocus.com/archive/1/540066/30/0/threaded", "refsource": "CONFIRM", "url": "http://www.securityfocus.com/archive/1/540066/30/0/threaded"}, {"name": "95831", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95831"}, {"name": "1037732", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037732"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T02:13:21.795Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/540066/30/0/threaded"}, {"name": "95831", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/95831"}, {"name": "1037732", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1037732"}]}]}, "cveMetadata": {"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "assignerShortName": "dell", "cveId": "CVE-2016-8217", "datePublished": "2017-02-03T07:24:00", "dateReserved": "2016-09-13T00:00:00", "dateUpdated": "2024-08-06T02:13:21.795Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dell:bsafe_crypto-j:*:*:*:*:*:*:*:*", "matchCriteriaId": "851A69E5-4591-4C1E-8824-1A30F1B885C3", "versionEndExcluding": "6.2.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "EMC RSA BSAFE Crypto-J versions prior to 6.2.2 has a PKCS#12 Timing Attack Vulnerability. A possible timing attack could be carried out by modifying a PKCS#12 file that has an integrity MAC for which the password is not known. An attacker could then feed the modified PKCS#12 file to the toolkit and guess the current MAC one byte at a time. This is possible because Crypto-J uses a non-constant-time method to compare the stored MAC with the calculated MAC. This vulnerability is similar to the issue described in CVE-2015-2601."}, {"lang": "es", "value": "EMC RSA BSAFE Crypto-J en versiones anteriores a 6.2.2 tiene una vulnerabilidad de ataque de sincronizaci\u00f3n PKCS#12. Un posible ataque de sincronizaci\u00f3n podr\u00eda llevarse a cabo modificando un archivo PKCS#12 que tiene un MAC de integridad para el que no se conoce la contrase\u00f1a. Un atacante podr\u00eda entonces alimentar el archivo PKCS#12 modificado al toolkit y adivinar el MAC actual de un byte a la vez. Esto es posible porque Crypto-J utiliza un m\u00e9todo de tiempo no constante para comparar el MAC almacenado con el MAC calculado. Esta vulnerabilidad es similar al problema descrito en CVE-2015-2601."}], "id": "CVE-2016-8217", "lastModified": "2021-12-16T18:44:44.330", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-02-03T07:59:00.437", "references": [{"source": "security_alert@emc.com", "tags": ["Mailing List", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/540066/30/0/threaded"}, {"source": "security_alert@emc.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/95831"}, {"source": "security_alert@emc.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1037732"}], "sourceIdentifier": "security_alert@emc.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}