{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-33201", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-02T15:39:35.708Z", "dateReserved": "2023-05-18T00:00:00", "datePublished": "2023-07-05T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-08-24T18:06:18.676012"}, "descriptions": [{"lang": "en", "value": "Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://bouncycastle.org"}, {"url": "https://github.com/bcgit/bc-java/commit/e8c409a8389c815ea3fda5e8b94c92fdfe583bcc"}, {"url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201"}, {"name": "[debian-lts-announce] 20230802 [SECURITY] [DLA 3514-1] bouncycastle security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00000.html"}, {"url": "https://security.netapp.com/advisory/ntap-20230824-0008/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T15:39:35.708Z"}, "title": "CVE Program Container", "references": [{"url": "https://bouncycastle.org", "tags": ["x_transferred"]}, {"url": "https://github.com/bcgit/bc-java/commit/e8c409a8389c815ea3fda5e8b94c92fdfe583bcc", "tags": ["x_transferred"]}, {"url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", "tags": ["x_transferred"]}, {"name": "[debian-lts-announce] 20230802 [SECURITY] [DLA 3514-1] bouncycastle security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00000.html"}, {"url": "https://security.netapp.com/advisory/ntap-20230824-0008/", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:bouncycastle:bc-java:*:*:*:*:*:*:*:*", "matchCriteriaId": "93E9273D-E54C-43EF-8822-39FA3C2834E0", "versionEndExcluding": "1.74", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability."}], "id": "CVE-2023-33201", "lastModified": "2023-08-24T19:15:38.933", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-07-05T03:15:09.197", "references": [{"source": "cve@mitre.org", "tags": ["Product"], "url": "https://bouncycastle.org"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/bcgit/bc-java/commit/e8c409a8389c815ea3fda5e8b94c92fdfe583bcc"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201"}, {"source": "cve@mitre.org", "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00000.html"}, {"source": "cve@mitre.org", "url": "https://security.netapp.com/advisory/ntap-20230824-0008/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-295"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:0278", "cpe": "cpe:/a:redhat:amq_broker:7.11", "package": "bouncycastle", "product_name": "AMQ Broker 7.11.5", "release_date": "2024-01-17T00:00:00Z"}, {"advisory": "RHSA-2023:7669", "cpe": "cpe:/a:redhat:cryostat:2::el8", "package": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8:2.4.0-2", "product_name": "Cryostat 2 on RHEL 8", "release_date": "2023-12-06T00:00:00Z"}, {"advisory": "RHSA-2023:7669", "cpe": "cpe:/a:redhat:cryostat:2::el8", "package": "cryostat-tech-preview/cryostat-operator-bundle:2.4.0-2", "product_name": "Cryostat 2 on RHEL 8", "release_date": "2023-12-06T00:00:00Z"}, {"advisory": "RHSA-2023:7669", "cpe": "cpe:/a:redhat:cryostat:2::el8", "package": "cryostat-tech-preview/cryostat-reports-rhel8:2.4.0-2", "product_name": "Cryostat 2 on RHEL 8", "release_date": "2023-12-06T00:00:00Z"}, {"advisory": "RHSA-2023:7669", "cpe": "cpe:/a:redhat:cryostat:2::el8", "package": "cryostat-tech-preview/cryostat-rhel8:2.4.0-2", "product_name": "Cryostat 2 on RHEL 8", "release_date": "2023-12-06T00:00:00Z"}, {"advisory": "RHSA-2023:7669", "cpe": "cpe:/a:redhat:cryostat:2::el8", "package": "cryostat-tech-preview/cryostat-rhel8-operator:2.4.0-3", "product_name": "Cryostat 2 on RHEL 8", "release_date": "2023-12-06T00:00:00Z"}, {"advisory": "RHSA-2023:7669", "cpe": "cpe:/a:redhat:cryostat:2::el8", "package": "cryostat-tech-preview/jfr-datasource-rhel8:2.4.0-2", "product_name": "Cryostat 2 on RHEL 8", "release_date": "2023-12-06T00:00:00Z"}, {"advisory": "RHSA-2023:5488", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", "package": "bouncycastle", "product_name": "EAP 7.4.13", "release_date": "2023-10-05T00:00:00Z"}, {"advisory": "RHSA-2023:5165", "cpe": "cpe:/a:redhat:amq_streams:2", "product_name": "Red Hat AMQ Streams 2.5.0", "release_date": "2023-09-14T00:00:00Z"}, {"advisory": "RHSA-2023:7678", "cpe": "cpe:/a:redhat:amq_streams:2", "package": "bouncycastle", "product_name": "Red Hat AMQ Streams 2.6.0", "release_date": "2023-12-06T00:00:00Z"}, {"advisory": "RHSA-2024:3527", "cpe": "cpe:/a:redhat:amq_streams:2", "product_name": "Red Hat AMQ Streams 2.7.0", "release_date": "2024-05-30T00:00:00Z"}, {"advisory": "RHSA-2023:3954", "cpe": "cpe:/a:redhat:jboss_fuse:7", "package": "bouncycastle", "product_name": "Red Hat Fuse 7.12", "release_date": "2023-06-29T00:00:00Z"}, {"advisory": "RHSA-2023:5485", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2023-10-06T00:00:00Z"}, {"advisory": "RHSA-2023:5486", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2023-10-06T00:00:00Z"}, {"advisory": "RHSA-2023:5484", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package": "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date": "2023-10-05T00:00:00Z"}, {"advisory": "RHSA-2023:7488", "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6.6", "package": "bouncycastle", "product_name": "Red Hat Single Sign-On 7", "release_date": "2023-11-24T00:00:00Z"}, {"advisory": "RHSA-2023:7482", "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7", "package": "rh-sso7-keycloak-0:18.0.11-2.redhat_00001.1.el7sso", "product_name": "Red Hat Single Sign-On 7.6 for RHEL 7", "release_date": "2023-11-24T00:00:00Z"}, {"advisory": "RHSA-2023:7483", "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8", "package": "rh-sso7-keycloak-0:18.0.11-2.redhat_00001.1.el8sso", "product_name": "Red Hat Single Sign-On 7.6 for RHEL 8", "release_date": "2023-11-24T00:00:00Z"}, {"advisory": "RHSA-2023:7484", "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9", "package": "rh-sso7-keycloak-0:18.0.11-2.redhat_00001.1.el9sso", "product_name": "Red Hat Single Sign-On 7.6 for RHEL 9", "release_date": "2023-11-24T00:00:00Z"}, {"advisory": "RHSA-2023:7486", "cpe": "cpe:/a:redhat:rhosemc:1.0::el8", "package": "rh-sso-7/sso76-openshift-rhel8:7.6-36", "product_name": "RHEL-8 based Middleware Containers", "release_date": "2023-11-24T00:00:00Z"}, {"advisory": "RHSA-2023:5147", "cpe": "cpe:/a:redhat:camel_spring_boot:3.18", "package": "bouncycastle", "product_name": "RHINT Camel-Springboot 3.18.3.2", "release_date": "2023-09-13T00:00:00Z"}, {"advisory": "RHSA-2024:1353", "cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7.13", "package": "bouncycastle", "product_name": "RHPAM 7.13.5 async", "release_date": "2024-03-18T00:00:00Z"}], "bugzilla": {"description": "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", "id": "2215465", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215465"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "status": "verified"}, "cwe": "CWE-200", "details": ["Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability.", "A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unauthorized information via blind LDAP Injection, exploring the environment and enumerating data. The exploit depends on the structure of the target LDAP directory as well as what kind of errors are exposed to the user."], "name": "CVE-2023-33201", "package_state": [{"cpe": "cpe:/a:redhat:a_mq_clients:2", "fix_state": "Not affected", "package_name": "bouncycastle", "product_name": "A-MQ Clients 2"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Not affected", "package_name": "openshift-logging/elasticsearch6-rhel8", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:migration_toolkit_applications:6", "fix_state": "Will not fix", "package_name": "bouncycastle", "product_name": "Migration Toolkit for Applications 6"}, {"cpe": "cpe:/a:redhat:migration_toolkit_runtimes:1", "fix_state": "Will not fix", "package_name": "bouncycastle", "product_name": "Migration Toolkit for Runtimes"}, {"cpe": "cpe:/a:redhat:amq_online:1", "fix_state": "Will not fix", "package_name": "bouncycastle", "product_name": "Red Hat A-MQ Online"}, {"cpe": "cpe:/a:redhat:service_registry:2", "fix_state": "Will not fix", "package_name": "bouncycastle", "product_name": "Red Hat build of Apicurio Registry"}, {"cpe": "cpe:/a:redhat:quarkus:2", "fix_state": "Will not fix", "package_name": "org.bouncycastle/bcprov-jdk15on", "product_name": "Red Hat build of Quarkus"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:8", "fix_state": "Will not fix", "package_name": "bouncycastle", "product_name": "Red Hat Data Grid 8"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:7", "fix_state": "Affected", "package_name": "bouncycastle", "product_name": "Red Hat Decision Manager 7"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Will not fix", "package_name": "bouncycastle", "product_name": "Red Hat Integration Camel K"}, {"cpe": "cpe:/a:redhat:camel_quarkus:2", "fix_state": "Will not fix", "package_name": "bouncycastle", "product_name": "Red Hat Integration Camel Quarkus"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Will not fix", "package_name": "bouncycastle", "product_name": "Red Hat Integration Change Data Capture"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Will not fix", "package_name": "bouncycastle", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6", "fix_state": "Out of support scope", "package_name": "bouncycastle", "product_name": "Red Hat JBoss Enterprise Application Platform 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8", "fix_state": "Not affected", "impact": "low", "package_name": "bouncycastle", "product_name": "Red Hat JBoss Enterprise Application Platform 8"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Affected", "package_name": "bouncycastle", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:jboss_fuse:6", "fix_state": "Out of support scope", "package_name": "bouncycastle", "product_name": "Red Hat JBoss Fuse 6"}, {"cpe": "cpe:/a:redhat:jboss_fuse_service_works:6", "fix_state": "Out of support scope", "package_name": "bouncycastle", "product_name": "Red Hat JBoss Fuse Service Works 6"}, {"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0", "fix_state": "Out of support scope", "package_name": "bouncycastle", "product_name": "Red Hat OpenShift Application Runtimes"}], "public_date": "2023-06-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-33201\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-33201\nhttps://github.com/bcgit/bc-java/wiki/CVE-2023-33201"], "threat_severity": "Moderate", "upstream_fix": "BouncyCastle 1.74"}