CVE-2020-28052

HIGH

Legion of the Bouncy Castle BC Java <1.67 - Info Disclosure

Description

An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect passwords to indicate they were matching with previously hashed ones that were different.

Exploits (2)

nomisec WORKING POC
by kurenaif · poc
https://github.com/kurenaif/CVE-2020-28052_PoC
nomisec WRITEUP
by madstap · poc
https://github.com/madstap/bouncy-castle-generative-test-poc

Scores

CVSS v3 8.1
EPSS 0.0410
EPSS Percentile 88.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (46)
apache/karaf 4.3.2
bouncycastle/bc-java 1.65
bouncycastle/bc-java 1.66
oracle/banking_corporate_lending_process_management 14.2.0
oracle/banking_corporate_lending_process_management 14.3.0
oracle/banking_corporate_lending_process_management 14.5.0
oracle/banking_credit_facilities_process_management 14.2.0
oracle/banking_credit_facilities_process_management 14.3.0
oracle/banking_credit_facilities_process_management 14.5.0
oracle/banking_extensibility_workbench 14.2.0
... and 36 more
Published Dec 18, 2020
Tracked Since Feb 18, 2026