CVE-2007-6721: Legion of the Bouncy Castle Java Cryptography API Bleichenbacher Oracle Vulnerability

CVSS Score: 10

Basic Information

EPSS Score: 0.72041%
Published: 5/1/2022
Updated: 9/21/2023
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Package Name                 Ecosystem   Vulnerable Versions   First Patched Version
bouncycastle:bcprov-jdk14    maven       < 1.38                1.38
bouncycastle:bcprov-jdk15    maven       < 1.38                1.38
bouncycastle:bcprov-jdk16    maven       < 1.38                1.38

Vulnerability Intelligence

Root Cause Analysis

The vulnerability affects RSA CMS signatures that carry no signed attributes. The core issue is how the signature verification process handles PKCS#1 v1.5 padding in that case. The 'doVerify' method of Bouncy Castle's CMS SignerInformation class performs signature validation. When signed attributes are absent, the verification logic likely does not validate the padding structure fully, so an attacker can exploit observable discrepancies (CWE-203) in error responses or timing to mount a Bleichenbacher attack. This is consistent with the CWE-203 classification and the described attack vector.
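The padding check the analysis above points at, shown as an added illustration rather than Bouncy Castle's own code: a PKCS#1 v1.5 signature verifier that rebuilds the entire expected encoded block from the message and compares it in one constant-time comparison, instead of parsing fields out of the block recovered from the signature. The SHA-256 DigestInfo prefix, the 1024-bit block length and the sample message are assumptions made for this example.

```python
import hashlib
import hmac

# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2, note 1).
# SHA-256 is assumed for the sample; the page does not name the digest.
SHA256_DIGESTINFO_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")


def emsa_pkcs1_v15_encode(digest: bytes, em_len: int) -> bytes:
    """Expected block: 0x00 0x01 | 0xFF... (>= 8 bytes) | 0x00 | DigestInfo."""
    t = SHA256_DIGESTINFO_PREFIX + digest
    if em_len < len(t) + 11:
        raise ValueError("intended encoded message length too short")
    return b"\x00\x01" + b"\xff" * (em_len - len(t) - 3) + b"\x00" + t


def verify_encoded_block(em: bytes, message: bytes, em_len: int) -> bool:
    """Strict verification of the block recovered from an RSA signature.

    The whole expected block is rebuilt from the message and checked with
    one length test plus one constant-time comparison. Nothing is parsed
    out of `em`, so a wrong padding byte, a misplaced 0x00 separator, bytes
    after the DigestInfo, or a wrong hash all fail identically, with no
    early exit that would leak which field was wrong (CWE-203).
    """
    if len(em) != em_len:
        return False
    expected = emsa_pkcs1_v15_encode(hashlib.sha256(message).digest(), em_len)
    return hmac.compare_digest(em, expected)


def selftest(em_len: int = 128) -> dict:
    """Exercise the verifier on a constructed block (1024-bit modulus size)."""
    msg = b"constructed sample CMS content"
    good = emsa_pkcs1_v15_encode(hashlib.sha256(msg).digest(), em_len)
    bad_pad = bytearray(good)
    bad_pad[5] = 0x00                                # corrupt one padding byte
    shifted = good[:2] + good[10:] + b"\x00" * 8     # DigestInfo followed by junk
    return {
        "valid": verify_encoded_block(good, msg, em_len),
        "wrong_message": verify_encoded_block(good, b"tampered", em_len),
        "bad_padding": verify_encoded_block(bytes(bad_pad), msg, em_len),
        "trailing_bytes": verify_encoded_block(shifted, msg, em_len),
        "wrong_length": verify_encoded_block(good + b"\x00", msg, em_len),
    }


if __name__ == "__main__":
    print(selftest())
```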


WAF Protection Rules

WAF Rule

The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.38, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without si
