Vulnerability Name:

CVE-2017-3736

Assigned:2016-12-16
Published:2017-11-02
Updated:2018-09-18
Summary:There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen.
CVSS v3 Severity:6.5 Medium (CVSS v3 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
5.7 Medium (Temporal CVSS v3 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
5.9 Medium (CCN CVSS v3 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
5.2 Medium (CCN Temporal CVSS v3 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
5.9 Medium (REDHAT CVSS v3 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
5.2 Medium (REDHAT Temporal CVSS v3 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.4 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-200
References:Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

Source: BID
Type: VENDOR_ADVISORY
101666

Source: SECTRACK
Type: VENDOR_ADVISORY
1039727

Source: REDHAT
Type: UNKNOWN
RHSA-2018:0998

Source: REDHAT
Type: UNKNOWN
RHSA-2018:2185

Source: REDHAT
Type: UNKNOWN
RHSA-2018:2186

Source: REDHAT
Type: UNKNOWN
RHSA-2018:2187

Source: REDHAT
Type: UNKNOWN
RHSA-2018:2568

Source: REDHAT
Type: UNKNOWN
RHSA-2018:2575

Source: REDHAT
Type: UNKNOWN
RHSA-2018:2713

Source: XF
Type: UNKNOWN
openssl-cve20173736-info-disc(134397)

Source: MISC
Type: UNKNOWN
https://github.com/openssl/openssl/commit/4443cf7aa0099e5ce615c18cee249fff77fb0871

Source: FREEBSD
Type: VENDOR_ADVISORY
FreeBSD-SA-17:11

Source: GENTOO
Type: UNKNOWN
GLSA-201712-03

Source: CONFIRM
Type: VENDOR_ADVISORY
https://security.netapp.com/advisory/ntap-20171107-0002/

Source: CONFIRM
Type: UNKNOWN
https://security.netapp.com/advisory/ntap-20180117-0002/

Source: DEBIAN
Type: VENDOR_ADVISORY
DSA-4017

Source: DEBIAN
Type: VENDOR_ADVISORY
DSA-4018

Source: CONFIRM
Type: VENDOR_ADVISORY
https://www.openssl.org/news/secadv/20171102.txt

Source: CONFIRM
Type: VENDOR_ADVISORY
https://www.tenable.com/security/tns-2017-14

Source: CONFIRM
Type: UNKNOWN
https://www.tenable.com/security/tns-2017-15

Vulnerable Configuration:Configuration 1:
  • cpe:/a:openssl:openssl:1.0.2l:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.1.0a:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.1.0b:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.1.0c:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.1.0d:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.1.0e:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.1.0f:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:openssl:openssl:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.1.0:*:*:*:*:*:*:*
  • AND
  • cpe:/a:oracle:e-business_suite:12.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_information_server:9.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence:10.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence:10.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence:10.2.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_manager:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_information_server:11.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence:10.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_manager:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearcase:8.0.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_information_server:11.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:10.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.54:*:*:*:*:*:*:*
  • OR cpe:/h:ibm:flex_system_manager_node_7955:-:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:systems_director:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spectrum_protect_for_virtual_environments:7.1:*:*:*:*:vmware:*:*
  • OR cpe:/a:oracle:agile_engineering_data_management:6.1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager:12.1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:tuxedo:12.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:transportation_management:6.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:agile_engineering_data_management:6.2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:10.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:monitoring:8.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:10.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:10.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:9.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:8.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:8.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:8.0.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:8.0.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:8.0.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:8.0.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:8.0.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:9.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spss_statistics:19.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:monitoring:8.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.6.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.6.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:10.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.6.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:10.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.0.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.0.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.0.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.0.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.0.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.0.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.0.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.0.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.0.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.0.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.0.1.11:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.0.1.12:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.0.1.13:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.0.1.14:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq:7.1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20173736
    V
    CVE-2017-3736
    2018-09-20
    oval:com.redhat.rhsa:def:20180998
    P
    RHSA-2018:0998: openssl security and bug fix update (Moderate)
    2018-04-10
    oval:com.ubuntu.xenial:def:20173736000
    V
    CVE-2017-3736 on Ubuntu 16.04 LTS (xenial) - medium.
    2017-11-02
    oval:com.ubuntu.trusty:def:20173736000
    V
    CVE-2017-3736 on Ubuntu 14.04 LTS (trusty) - medium.
    2017-11-02
    oval:com.ubuntu.bionic:def:20173736000
    V
    CVE-2017-3736 on Ubuntu 18.04 LTS (bionic) - medium.
    2017-11-02
    oval:com.ubuntu.artful:def:20173736000
    V
    CVE-2017-3736 on Ubuntu 17.10 (artful) - medium.
    2017-11-02
    BACK
    openssl openssl 1.0.2l
    openssl openssl 1.1.0
    openssl openssl 1.1.0a
    openssl openssl 1.1.0b
    openssl openssl 1.1.0c
    openssl openssl 1.1.0d
    openssl openssl 1.1.0e
    openssl openssl 1.1.0f
    openssl openssl 1.0.2
    openssl openssl 1.1.0
    oracle e-business suite 12.1.3
    ibm infosphere information server 9.1
    ibm cognos business intelligence 10.2
    ibm rational clearcase 8.0.0.3
    ibm rational clearcase 8.0.0.4
    ibm rational clearcase 8.0.0.5
    ibm rational clearcase 8.0.0.6
    ibm rational clearcase 8.0.0.7
    ibm rational clearcase 8.0.1
    ibm cognos business intelligence 10.2.1
    ibm rational clearcase 8.0
    ibm rational clearcase 8.0.0.1
    ibm rational clearcase 8.0.0.2
    ibm rational clearcase 8.0.0.8
    ibm rational clearcase 8.0.1.1
    ibm cognos business intelligence 10.2.1.1
    ibm rational clearcase 8.0.1.2
    ibm rational clearcase 8.0.0.9
    ibm security identity manager 6.0
    ibm infosphere information server 11.3
    ibm rational clearcase 8.0.0.10
    ibm rational clearcase 8.0.1.3
    ibm rational clearcase 8.0.0.11
    ibm rational clearcase 8.0.1.4
    ibm rational clearcase 8.0.0.12
    ibm rational clearcase 8.0.1.5
    ibm cognos business intelligence 10.2.2
    ibm security identity manager 7.0
    ibm rational clearcase 8.0.0.13
    ibm rational clearcase 8.0.1.6
    ibm infosphere information server 11.5
    ibm security guardium 10.0
    oracle peoplesoft enterprise peopletools 8.54
    ibm flex system manager node 7955 -
    ibm systems director 1.2.2
    ibm spectrum protect for virtual environments 7.1
    oracle agile engineering data management 6.1.3.0
    oracle enterprise manager 12.1.0.5
    oracle tuxedo 12.1.1
    oracle transportation management 6.2
    oracle agile engineering data management 6.2.0.0
    oracle peoplesoft enterprise peopletools 8.55
    ibm api connect 5.0.1.0
    ibm api connect 5.0.0.0
    ibm api connect 5.0.0.1
    ibm api connect 5.0.2.0
    ibm security guardium 10.0.1
    ibm monitoring 8.1.3
    ibm security guardium 10.1
    ibm security guardium 10.1.2
    ibm websphere mq 7.0.1
    ibm websphere mq 7.1
    ibm websphere mq 8.0
    ibm websphere mq 9.0
    ibm api connect 5.0.5.0
    ibm api connect 5.0.6.0
    ibm websphere mq 9.0.0.1
    ibm api connect 5.0.6.1
    ibm api connect 5.0.6.2
    ibm api connect 5.0.7.0
    ibm api connect 5.0.7.1
    ibm websphere mq 8.0.0.1
    ibm websphere mq 8.0.0.2
    ibm websphere mq 8.0.0.3
    ibm websphere mq 8.0.0.4
    ibm websphere mq 8.0.0.5
    ibm api connect 5.0.3.0
    ibm api connect 5.0.4.0
    oracle enterprise manager ops center 12.2.2
    ibm api connect 5.0.7.2
    ibm websphere mq 8.0.0.6
    ibm websphere mq 8.0.0.7
    ibm websphere mq 9.0.0.2
    oracle peoplesoft enterprise peopletools 8.56
    ibm spss statistics 19.0.0.1
    ibm monitoring 8.1.4
    ibm api connect 5.0.6.3
    ibm api connect 5.0.6.4
    ibm security guardium 10.1.3
    ibm api connect 5.0.8.0
    ibm api connect 5.0.8.1
    ibm api connect 5.0.6.5
    ibm security guardium 10.1.4
    ibm websphere mq 7.0.1.1
    ibm websphere mq 7.0.1.2
    ibm websphere mq 7.0.1.3
    ibm websphere mq 7.0.1.4
    ibm websphere mq 7.0.1.5
    ibm websphere mq 7.0.1.6
    ibm websphere mq 7.0.1.7
    ibm websphere mq 7.0.1.8
    ibm websphere mq 7.0.1.9
    ibm websphere mq 7.0.1.10
    ibm websphere mq 7.0.1.11
    ibm websphere mq 7.0.1.12
    ibm websphere mq 7.0.1.13
    ibm websphere mq 7.0.1.14
    ibm websphere mq 7.1.0.1
    ibm websphere mq 7.1.0.2
    ibm websphere mq 7.1.0.3
    ibm websphere mq 7.1.0.4
    ibm websphere mq 7.1.0.5
    ibm websphere mq 7.1.0.6
    ibm websphere mq 7.1.0.7
    oracle enterprise manager ops center 12.3.3