My Oracle Support Banner

WebLogic Server (WLS) SSL May Incorrectly Verify RSA Signatures if the RSA Key Exponent is 3 (Doc ID 944228.1)

Last updated on AUGUST 12, 2021

Applies to:

Oracle WebLogic Server - Version 8.1 to 9.2
Information in this document applies to any platform.

Purpose

WebLogic SSL may verify RSA signatures incorrectly if the RSA public key exponent is 3. An attacker can create certificates with a forged signature that causes the SSL certificate chain to be improperly verified.

Questions and Answers

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Purpose
Questions and Answers
References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.