An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.
[
{
"cpes": [
"cpe:2.3:a:bouncycastle:bouncy_castle_for_java:*:*:*:*:*:*:*:*"
],
"vendor": "bouncycastle",
"product": "bouncy_castle_for_java",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "1.78",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*",
"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*"
],
"vendor": "netapp",
"product": "active_iq_unified_manager",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "*",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:netapp:bluexp:-:*:*:*:*:*:*:*"
],
"vendor": "netapp",
"product": "bluexp",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "*",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:netapp:ontap_tools:-:*:*:*:*:vmware_vsphere:*:*"
],
"vendor": "netapp",
"product": "ontap_tools",
"versions": [
{
"status": "affected",
"version": "9"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:netapp:oncommand_workflow_automation:*:*:*:*:*:*:*:*"
],
"vendor": "netapp",
"product": "oncommand_workflow_automation",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "*",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]