Details of VAR-201607-0468

ID

VAR-201607-0468

CVE

CVE-2015-5738

TITLE

Cavium Software Development Kit of RSA-CRT In the implementation of RSA Vulnerability to obtain a private key

Trust: 0.8

sources: JVNDB: JVNDB-2015-007219

DESCRIPTION

The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy (PFS), makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack. GNU Libgcrypt is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information or impersonate trusted servers. Successful exploits will lead to other attacks. Cavium Development Kits (CDK) is a set of development kits from Cavium Corporation in the United States. Cavium Software Development Kit (SDK) is one of the software development kits. There are security vulnerabilities in the RSA-CRT implementation process in Cavium SDK version 2.x

Trust: 2.07

sources: NVD: CVE-2015-5738 // JVNDB: JVNDB-2015-007219 // BID: 76704 // VULHUB: VHN-83699 // VULMON: CVE-2015-5738

AFFECTED PRODUCTS

vendor:	f5	model:	traffix signaling delivery controller	scope:	lte	version:	3.5.1	Trust: 1.0
vendor:	marvell	model:	software development kit	scope:	eq	version:	2.0	Trust: 1.0
vendor:	f5	model:	traffix signaling delivery controller	scope:	gte	version:	3.3.2	Trust: 1.0
vendor:	f5	model:	traffix signaling delivery controller	scope:	gte	version:	4.0.0	Trust: 1.0
vendor:	f5	model:	traffix signaling delivery controller	scope:	lte	version:	4.4.0	Trust: 1.0
vendor:	cavium	model:	software development kit	scope:	eq	version:	2.x	Trust: 0.8
vendor:	cavium	model:	octeon ii cn6860	scope:	-	version:	-	Trust: 0.8
vendor:	cavium	model:	octeon ii cn6870	scope:	-	version:	-	Trust: 0.8
vendor:	cavium	model:	octeon ii cn6880	scope:	-	version:	-	Trust: 0.8
vendor:	fortinet	model:	fortios	scope:	lt	version:	5.0.13	Trust: 0.8
vendor:	fortinet	model:	fortios	scope:	lt	version:	5.2.6	Trust: 0.8
vendor:	fortinet	model:	fortios	scope:	lt	version:	5.4.0	Trust: 0.8
vendor:	cavium	model:	software development kit	scope:	eq	version:	2.0	Trust: 0.6

sources: JVNDB: JVNDB-2015-007219 // CNNVD: CNNVD-201509-430 // NVD: CVE-2015-5738

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-5738
value:	HIGH
Trust: 1.0
NVD:	CVE-2015-5738
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201509-430
value:	HIGH
Trust: 0.6
VULHUB:	VHN-83699
value:	HIGH
Trust: 0.1
VULMON:	CVE-2015-5738
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-5738
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	CVE-2015-5738
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-83699
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2015-5738
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2015-5738
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-83699 // VULMON: CVE-2015-5738 // JVNDB: JVNDB-2015-007219 // CNNVD: CNNVD-201509-430 // NVD: CVE-2015-5738

PROBLEMTYPE DATA

problemtype:

CWE-200

Trust: 1.9

sources: VULHUB: VHN-83699 // JVNDB: JVNDB-2015-007219 // NVD: CVE-2015-5738

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201509-430

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201509-430

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-007219

PATCH

title:	OCTEON II CN68XX	url:	http://www.cavium.com/Table.html#OcteonII	Trust: 0.8
title:	RSA-CRT key leak under certain conditions	url:	http://fortiguard.com/advisory/rsa-crt-key-leak-under-certain-conditions	Trust: 0.8
title:	Factoring RSA Keys With TLS Perfect Forward Secrecy	url:	https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf	Trust: 0.8
title:	SOL91245485	url:	https://support.f5.com/kb/en-us/solutions/public/k/91/sol91245485.html	Trust: 0.8
title:	CVE-Study	url:	https://github.com/thdusdl1219/CVE-Study	Trust: 0.1

sources: VULMON: CVE-2015-5738 // JVNDB: JVNDB-2015-007219

EXTERNAL IDS

db:	NVD	id:	CVE-2015-5738	Trust: 2.9
db:	BID	id:	76704	Trust: 1.1
db:	JVNDB	id:	JVNDB-2015-007219	Trust: 0.8
db:	CNNVD	id:	CNNVD-201509-430	Trust: 0.7
db:	VULHUB	id:	VHN-83699	Trust: 0.1
db:	VULMON	id:	CVE-2015-5738	Trust: 0.1

sources: VULHUB: VHN-83699 // VULMON: CVE-2015-5738 // BID: 76704 // JVNDB: JVNDB-2015-007219 // CNNVD: CNNVD-201509-430 // NVD: CVE-2015-5738

REFERENCES

url:	http://fortiguard.com/advisory/rsa-crt-key-leak-under-certain-conditions	Trust: 2.1
url:	https://support.f5.com/kb/en-us/solutions/public/k/91/sol91245485.html	Trust: 1.8
url:	https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf	Trust: 1.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5738	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5738	Trust: 0.8
url:	http://www.securityfocus.com/bid/76704	Trust: 0.7
url:	https://www.gnu.org/software/libgcrypt/	Trust: 0.3
url:	http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=b85c8d6645039fc9d403791750510e439731d479	Trust: 0.3
url:	http://seclists.org/oss-sec/2015/q3/522	Trust: 0.3
url:	http://arstechnica.com/security/2015/09/serious-bug-causes-quite-a-few-https-sites-to-reveal-their-private-keys/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/200.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/thdusdl1219/cve-study	Trust: 0.1

sources: VULHUB: VHN-83699 // VULMON: CVE-2015-5738 // BID: 76704 // JVNDB: JVNDB-2015-007219 // CNNVD: CNNVD-201509-430 // NVD: CVE-2015-5738

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 76704

SOURCES

db:	VULHUB	id:	VHN-83699
db:	VULMON	id:	CVE-2015-5738
db:	BID	id:	76704
db:	JVNDB	id:	JVNDB-2015-007219
db:	CNNVD	id:	CNNVD-201509-430
db:	NVD	id:	CVE-2015-5738

LAST UPDATE DATE

2024-08-14T15:03:14.922000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-83699	date:	2017-09-02T00:00:00
db:	VULMON	id:	CVE-2015-5738	date:	2023-08-16T00:00:00
db:	BID	id:	76704	date:	2016-07-06T14:42:00
db:	JVNDB	id:	JVNDB-2015-007219	date:	2016-08-03T00:00:00
db:	CNNVD	id:	CNNVD-201509-430	date:	2016-07-27T00:00:00
db:	NVD	id:	CVE-2015-5738	date:	2023-08-16T14:17:11.363

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-83699	date:	2016-07-26T00:00:00
db:	VULMON	id:	CVE-2015-5738	date:	2016-07-26T00:00:00
db:	BID	id:	76704	date:	2015-09-08T00:00:00
db:	JVNDB	id:	JVNDB-2015-007219	date:	2016-08-03T00:00:00
db:	CNNVD	id:	CNNVD-201509-430	date:	2015-09-23T00:00:00
db:	NVD	id:	CVE-2015-5738	date:	2016-07-26T17:59:00.137