ID

VAR-201809-1122


CVE

CVE-2018-9194


TITLE

TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding

Trust: 0.8

sources: CERT/CC: VU#144389

DESCRIPTION

A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used. TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding, and may therefore be vulnerable to Bleichenbacher-style attacks. This attack is known as a "ROBOT attack". Fortinet FortiOS Contains a cryptographic vulnerability.Information may be obtained. Fortinet FortiOS is the American Fortinet ( Fortinet ) company developed a set dedicated to FortiGate A secure operating system on a cybersecurity platform. The system provides users with firewall, antivirus, IPSec/SSL VPN , Web Multiple security features such as content filtering and anti-spam. Fortinet FortiOS 5.4.6 version to 5.4.9 Version, 6.0.0 version and 6.0.1 There is a security hole in the version. Attackers can exploit this vulnerability to obtain TLS session key and decrypt TLS flow

Trust: 2.52

sources: NVD: CVE-2018-9194 // CERT/CC: VU#144389 // JVNDB: JVNDB-2018-009372 // VULHUB: VHN-139226 // VULMON: CVE-2018-9194

AFFECTED PRODUCTS

vendor:fortinetmodel:fortiosscope:eqversion:6.0.0

Trust: 1.6

vendor:fortinetmodel:fortiosscope:eqversion:6.0.1

Trust: 1.6

vendor:fortinetmodel:fortiosscope:lteversion:5.4.9

Trust: 1.0

vendor:fortinetmodel:fortiosscope:gteversion:5.4.6

Trust: 1.0

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:citrixmodel: - scope: - version: -

Trust: 0.8

vendor:erlangmodel: - scope: - version: -

Trust: 0.8

vendor:f5model: - scope: - version: -

Trust: 0.8

vendor:legion of the bouncy castlemodel: - scope: - version: -

Trust: 0.8

vendor:matrixsslmodel: - scope: - version: -

Trust: 0.8

vendor:micro focusmodel: - scope: - version: -

Trust: 0.8

vendor:wolfsslmodel: - scope: - version: -

Trust: 0.8

vendor:fortinetmodel:fortiosscope: - version: -

Trust: 0.8

vendor:fortinetmodel:fortiosscope:eqversion:5.4.6

Trust: 0.6

vendor:fortinetmodel:fortiosscope:eqversion:5.4.9

Trust: 0.6

vendor:fortinetmodel:fortiosscope:eqversion:5.4.7

Trust: 0.6

vendor:fortinetmodel:fortiosscope:eqversion:5.4.8

Trust: 0.6

sources: CERT/CC: VU#144389 // JVNDB: JVNDB-2018-009372 // CNNVD: CNNVD-201809-225 // NVD: CVE-2018-9194

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-9194
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-9194
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201809-225
value: MEDIUM

Trust: 0.6

VULHUB: VHN-139226
value: MEDIUM

Trust: 0.1

VULMON: CVE-2018-9194
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-9194
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-139226
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-9194
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-139226 // VULMON: CVE-2018-9194 // JVNDB: JVNDB-2018-009372 // CNNVD: CNNVD-201809-225 // NVD: CVE-2018-9194

PROBLEMTYPE DATA

problemtype:CWE-203

Trust: 1.1

problemtype:CWE-310

Trust: 0.9

sources: VULHUB: VHN-139226 // JVNDB: JVNDB-2018-009372 // NVD: CVE-2018-9194

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201809-225

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201809-225

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-009372

PATCH

title:FG-IR-17-302url:https://fortiguard.com/psirt/FG-IR-17-302

Trust: 0.8

title:Fortinet FortiOS Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=84556

Trust: 0.6

title:Fortinet Security Advisories: The ROBOT Attack - Return of Bleichenbacher's Oracle Threaturl:https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories&qid=FG-IR-17-302

Trust: 0.1

sources: VULMON: CVE-2018-9194 // JVNDB: JVNDB-2018-009372 // CNNVD: CNNVD-201809-225

EXTERNAL IDS

db:CERT/CCid:VU#144389

Trust: 3.4

db:NVDid:CVE-2018-9194

Trust: 2.6

db:JVNDBid:JVNDB-2018-009372

Trust: 0.8

db:CNNVDid:CNNVD-201809-225

Trust: 0.7

db:VULHUBid:VHN-139226

Trust: 0.1

db:VULMONid:CVE-2018-9194

Trust: 0.1

sources: CERT/CC: VU#144389 // VULHUB: VHN-139226 // VULMON: CVE-2018-9194 // JVNDB: JVNDB-2018-009372 // CNNVD: CNNVD-201809-225 // NVD: CVE-2018-9194

REFERENCES

url:https://www.kb.cert.org/vuls/id/144389

Trust: 1.8

url:https://fortiguard.com/advisory/fg-ir-17-302

Trust: 1.8

url:https://robotattack.org/

Trust: 1.8

url:http://cwe.mitre.org/data/definitions/203.html

Trust: 0.9

url:https://robotattack.org

Trust: 0.8

url:https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-meyer.pdf

Trust: 0.8

url:http://archiv.infsec.ethz.ch/education/fs08/secsem/bleichenbacher98.pdf

Trust: 0.8

url:https://www.cert.org/historical/advisories/ca-1998-07.cfm

Trust: 0.8

url:https://tools.ietf.org/html/rfc5246#section-7.4.7.1

Trust: 0.8

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171212-bleichenbacher

Trust: 0.8

url:https://support.citrix.com/article/ctx230238

Trust: 0.8

url:https://support.f5.com/csp/article/k21905460

Trust: 0.8

url:https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c

Trust: 0.8

url:https://github.com/matrixssl/matrixssl/blob/master/doc/changes.md

Trust: 0.8

url:https://support.microfocus.com/kb/doc.php?id=7022561

Trust: 0.8

url:https://github.com/wolfssl/wolfssl/pull/1229

Trust: 0.8

url:https://community.rsa.com/docs/doc-85268

Trust: 0.8

url:https://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9194

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-9194

Trust: 0.8

url:https://www.kb.cert.org/vuls/id/144389/

Trust: 0.8

url:https://nvd.nist.gov

Trust: 0.1

url:https://fortiguard.com/psirt/fg-ir-17-302

Trust: 0.1

sources: CERT/CC: VU#144389 // VULHUB: VHN-139226 // VULMON: CVE-2018-9194 // JVNDB: JVNDB-2018-009372 // CNNVD: CNNVD-201809-225 // NVD: CVE-2018-9194

SOURCES

db:CERT/CCid:VU#144389
db:VULHUBid:VHN-139226
db:VULMONid:CVE-2018-9194
db:JVNDBid:JVNDB-2018-009372
db:CNNVDid:CNNVD-201809-225
db:NVDid:CVE-2018-9194

LAST UPDATE DATE

2024-08-14T13:08:21.735000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#144389date:2018-04-09T00:00:00
db:VULHUBid:VHN-139226date:2019-10-03T00:00:00
db:VULMONid:CVE-2018-9194date:2019-10-03T00:00:00
db:JVNDBid:JVNDB-2018-009372date:2018-11-16T00:00:00
db:CNNVDid:CNNVD-201809-225date:2019-10-23T00:00:00
db:NVDid:CVE-2018-9194date:2019-10-03T00:03:26.223

SOURCES RELEASE DATE

db:CERT/CCid:VU#144389date:2017-12-12T00:00:00
db:VULHUBid:VHN-139226date:2018-09-05T00:00:00
db:VULMONid:CVE-2018-9194date:2018-09-05T00:00:00
db:JVNDBid:JVNDB-2018-009372date:2018-11-16T00:00:00
db:CNNVDid:CNNVD-201809-225date:2018-09-06T00:00:00
db:NVDid:CVE-2018-9194date:2018-09-05T13:29:00.637