The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-chann…
The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
Weaknesses in this category are related to the design and implementation of data confidentiality and integrity. Frequently these deal with the use of encoding techniques, encryption libraries, and hashing algorithms. The weaknesses in this category could lead to a degradation of the quality data if they are not addressed.
https://cwe.mitre.org/data/definitions/310.html →Open in CWE collection →Covert timing channels convey information by modulating some aspect of system behavior over time, so that the program receiving the information can observe system behavior and infer protected information.
https://cwe.mitre.org/data/definitions/385.html →Open in CWE collection →An attacker initiates cross domain HTTP / GET requests and times the server responses. The timing of these responses may leak important information on what is happening on the server. Browser's same origin policy prevents the attacker from directly reading the server responses (in the absence of any other weaknesses), but does not prevent the attacker from timing the responses to requests that the attacker issued cross domain.
https://capec.mitre.org/data/definitions/462.html →Open in CAPEC collection →| Product | Vendor | Status |
|---|---|---|
| bouncycastle | Tracked | |
| bouncycastle | Tracked | |
| bouncycastle | Tracked | |
| bouncycastle | Tracked | |
| bouncycastle | Tracked | |
| bouncycastle | Tracked | |
| bouncycastle | Tracked | |
| bouncycastle | Tracked | |
| bouncycastle | Tracked | |
| bouncycastle | Tracked | |
| bouncycastle | Tracked | |
| bc-java | * | Tracked |
| legion-of-the-bouncy-castle-c#-cryptography-api | * | Tracked |