Vulnerability CVE-2018-1000180

Vulnerability CVE-2018-1000180

Published: 2018-06-05

Description:

Type:

(Use of a Broken or Risky Cryptographic Algorithm)

CVSS Base Score	Impact Subscore	Exploitability Subscore
5/10	2.9/10	10/10

Affected software
Redhat -> Jboss enterprise application platform
Redhat -> Virtualization
Oracle -> Weblogic server
Oracle -> Api gateway
Oracle -> Business process management suite
Oracle -> Business transaction management
Oracle -> Communications application session controller
Oracle -> Enterprise repository
Oracle -> Managed file transfer
Oracle -> Peoplesoft enterprise peopletools
Oracle -> Retail convenience and fuel pos software
Oracle -> Retail xstore point of service
Oracle -> Soa suite
Oracle -> Webcenter portal
Netapp -> Oncommand workflow automation
Debian -> Debian linux
Bouncycastle -> Fips java api
Bouncycastle -> Legion-of-the-bouncy-castle-java-crytography-api

http://www.securityfocus.com/bid/106567

https://access.redhat.com/errata/RHSA-2018:2423

https://access.redhat.com/errata/RHSA-2018:2424

https://access.redhat.com/errata/RHSA-2018:2425

https://access.redhat.com/errata/RHSA-2018:2428

https://access.redhat.com/errata/RHSA-2018:2643

https://access.redhat.com/errata/RHSA-2018:2669

https://access.redhat.com/errata/RHSA-2019:0877

https://github.com/bcgit/bc-java/commit/22467b6e8fe19717ecdf201c0cf91bacf04a55ad

https://github.com/bcgit/bc-java/commit/73780ac522b7795fc165630aba8d5f5729acc839

https://security.netapp.com/advisory/ntap-20190204-0003/

https://www.bouncycastle.org/jira/browse/BJA-694

https://www.bountysource.com/issues/58293083-rsa-key-generation-computation-of-iterations-for-mr-primality-test

https://www.debian.org/security/2018/dsa-4233

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html