← Back

CVE-2013-0169

nvd nist
Published: Feb 8, 2013Modified: Apr 29, 2026

JSON object

Loading...
2.6
Vector
AV:N/AC:H/Au:N/C:P/I:N/A:N
Exploitability: 4.9 / Impact: 2.9
Source: NVD

Description

The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.

Affected (72)

Openssl
1 product
Openssl
Oracle
1 product
Openjdk
Polarssl
1 product
Polarssl
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Openssl
Openssl
From 0.9.8 to 0.9.8x
Openssl
From 1.0.0 to 1.0.0j
Openssl
From 1.0.1 to 1.0.1d
Configuration B
47 vulnerable
Vulnerable SoftwareAffected Versions
Oracle
Openjdk
Version 1.6.0
Openjdk
Version 1.6.0 update10
Openjdk
Version 1.6.0 update11
Openjdk
Version 1.6.0 update12
Openjdk
Version 1.6.0 update13
Openjdk
Version 1.6.0 update14
Openjdk
Version 1.6.0 update15
Openjdk
Version 1.6.0 update16
Openjdk
Version 1.6.0 update17
Openjdk
Version 1.6.0 update18
Openjdk
Version 1.6.0 update19
Openjdk
Version 1.6.0 update1
Openjdk
Version 1.6.0 update20
Openjdk
Version 1.6.0 update21
Openjdk
Version 1.6.0 update22
Openjdk
Version 1.6.0 update23
Openjdk
Version 1.6.0 update24
Openjdk
Version 1.6.0 update25
Openjdk
Version 1.6.0 update26
Openjdk
Version 1.6.0 update27
Openjdk
Version 1.6.0 update29
Openjdk
Version 1.6.0 update2
Openjdk
Version 1.6.0 update30
Openjdk
Version 1.6.0 update31
Openjdk
Version 1.6.0 update32
Openjdk
Version 1.6.0 update33
Openjdk
Version 1.6.0 update34
Openjdk
Version 1.6.0 update35
Openjdk
Version 1.6.0 update37
Openjdk
Version 1.6.0 update38
Openjdk
Version 1.6.0 update3
Openjdk
Version 1.6.0 update4
Openjdk
Version 1.6.0 update5
Openjdk
Version 1.6.0 update6
Openjdk
Version 1.6.0 update7
Openjdk
Version 1.7.0
Openjdk
Version 1.7.0 update10
Openjdk
Version 1.7.0 update11
Openjdk
Version 1.7.0 update13
Openjdk
Version 1.7.0 update1
Openjdk
Version 1.7.0 update2
Openjdk
Version 1.7.0 update3
Openjdk
Version 1.7.0 update4
Openjdk
Version 1.7.0 update5
Openjdk
Version 1.7.0 update6
Openjdk
Version 1.7.0 update7
Openjdk
Version 1.7.0 update9
Configuration C
22 vulnerable
Vulnerable SoftwareAffected Versions
Polarssl
Polarssl
Version 0.10.0
Polarssl
Version 0.10.1
Polarssl
Version 0.11.0
Polarssl
Version 0.11.1
Polarssl
Version 0.12.0
Polarssl
Version 0.12.1
Polarssl
Version 0.13.1
Polarssl
Version 0.14.0
Polarssl
Version 0.14.2
Polarssl
Version 0.14.3
Polarssl
Version 0.99 pre1
Polarssl
Version 0.99 pre3
Polarssl
Version 0.99 pre4
Polarssl
Version 0.99 pre5
Polarssl
Version 1.0.0
Polarssl
Version 1.1.0
Polarssl
Version 1.1.0 rc0
Polarssl
Version 1.1.0 rc1
Polarssl
Version 1.1.1
Polarssl
Version 1.1.2
Polarssl
Version 1.1.3
Polarssl
Version 1.1.4

Related CWEs

CWE-310
CWE-310

References (110)

Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Mailing List
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party AdvisoryUS Government Resource
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party AdvisoryVDB Entry
Source: secalert@redhat.com
Third Party AdvisoryVDB Entry
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party AdvisoryUS Government Resource
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Tool Signature
Source: secalert@redhat.com
Tool Signature
Source: secalert@redhat.com
Tool Signature
Source: secalert@redhat.com
Tool Signature
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Tool Signature
Source: af854a3a-2127-422b-91ae-364da2661108
Tool Signature
Source: af854a3a-2127-422b-91ae-364da2661108
Tool Signature
Source: af854a3a-2127-422b-91ae-364da2661108
Tool Signature
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.