vulnerability
FreeBSD: VID-6a131fbf-ec76-11e7-aa65-001b216d295b (CVE-2017-13098): The Bouncy Castle Crypto APIs: CVE-2017-13098 ("ROBOT")
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:P/I:N/A:N) | Dec 29, 2017 | Dec 31, 2017 | Mar 25, 2026 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Dec 29, 2017
Added
Dec 31, 2017
Modified
Mar 25, 2026
Description
The Legion of the Bouncy Castle reports: Release: 1.59 CVE-2017-13098 ("ROBOT"), a Bleichenbacher oracle in TLS when RSA key exchange is negotiated. This potentially affected BCJSSE servers and any other TLS servers configured to use JCE for the underlying crypto - note the two TLS implementations using the BC lightweight APIs are not affected by this.
Solutions
freebsd-upgrade-package-bouncycastlefreebsd-upgrade-package-bouncycastle15
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.