Vulnerability CVE-2023-0215 - CERT Civis.Net

Vulnerability Name:

CVE-2023-0215 (CCN-246614)

Assigned:

2023-02-07

Published:

2023-02-07

Updated:

2023-07-19

Summary:

OpenSSL is vulnerable to a denial of service, caused by a use-after-free error related to the incorrect handling of streaming ASN.1 data by the BIO_new_NDEF function. A remote attacker could exploit this vulnerability to cause a denial of service.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

7.5 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.7 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2023-0215

Source: XF
Type: UNKNOWN
openssl-cve20230215-dos(246614)

Source: openssl-security@openssl.org
Type: Patch, Vendor Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Patch, Vendor Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Patch, Vendor Advisory
openssl-security@openssl.org

Source: CCN
Type: Packet Storm Security [02-08-2023]
OpenSSL Toolkit 1.1.1t

Source: CCN
Type: Packet Storm Security [02-08-2023]
OpenSSL Toolkit 3.0.8

Source: CCN
Type: Packet Storm Security [02-07-2023]
OpenSSL Security Advisory 20230207

Source: openssl-security@openssl.org
Type: Third Party Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Third Party Advisory
openssl-security@openssl.org

Source: CCN
Type: IBM Security Bulletin 6958701 (Sterling Connect:Express for UNIX)
IBM Sterling Connect:Express for UNIX is affected by multiple vulnerabilities in OpenSSL

Source: CCN
Type: IBM Security Bulletin 6959033 (Business Automation Workflow traditional)
Multiple vulnerabilities in IBM SDK for Node.js and packaged modules affect IBM Business Automation Workflow Configuration Editor

Source: CCN
Type: IBM Security Bulletin 6960563 (MQ for HPE NonStop)
IBM MQ for HP NonStop Server is affected by multiple OpenSSL vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6960753 (Aspera faspio Gateway)
IBM Aspera faspio Gateway 1.3.2 has addressed multiple openssl vulnerabilities (CVE-2023-0401, CVE-2022-4203, CVE-2022-4304, CVE-2023-0216, CVE-2023-0215, CVE-2022-4450, CVE-2023-0217, CVE-2023-0286)

Source: CCN
Type: IBM Security Bulletin 6962773 (QRadar WinCollect Agent)
IBM QRadar WinCollect agent has multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6963622 (Watson Explorer)
IBM Watson Explorer affected by vulnerability in OpenSSL.

Source: CCN
Type: IBM Security Bulletin 6963634 (App Connect Enterprise)
Multiple vulnerabilities within OpenSSL and Node.js affect IBM App Connect Enterprise and IBM Integration Bus

Source: CCN
Type: IBM Security Bulletin 6963786 (Spectrum Protect Client)
Vulnerabilites in OpenSSL may affect IBM Spectrum Protect Backup-Archive Client (CVE-2022-4304, CVE-2023-0215, CVE-2023-0286)

Source: CCN
Type: IBM Security Bulletin 6964854 (AIX)
Multiple vulnerabilities in OpenSSL affect AIX

Source: CCN
Type: IBM Security Bulletin 6965816 (Spectrum Protect Plus)
Vulnerabilities in Node.js, libcurl, Golang Go, Jetty, Guava, Netty, OpenSSL, Linux kernel may affect IBM Spectrum Protect Plus

Source: CCN
Type: IBM Security Bulletin 6967701 (z/Transaction Processing Facility)
z/Transaction Processing Facility is affected by multiple OpenSSL vulnerabilities.

Source: CCN
Type: IBM Security Bulletin 6983555 (InfoSphere Information Server)
IBM InfoSphere Information Server is affected by multiple vulnerabilities in OpenSSL

Source: CCN
Type: IBM Security Bulletin 6984425 (Virtualization Engine TS7700 3957-VEC)
Due to use of OpenSSL, IBM Virtualization Engine TS7700 is vulnerable to denial of service (CVE-2023-0215, CVE-2023-0286) and information disclosure (CVE-2022-4304)

Source: CCN
Type: IBM Security Bulletin 6984435 (App Connect Enterprise)
IBM App Connect Enterprise and IBM Integration Bus are vulnerable to denial of service and remote attack due to OpenSSL and cURL libcurl. (CVE-2022-4304, CVE-2023-0215, CVE-2023-0286 & CVE-2022-42915).

Source: CCN
Type: IBM Security Bulletin 6984697 (MobileFirst Foundation)
OpenSSL publicly disclosed vulnerability affects IBM? MobileFirst Platform

Source: CCN
Type: IBM Security Bulletin 6985599 (Safer Payments)
Multiple publicly disclosed OpenSSL vulnerabilities affect IBM Safer Payments

Source: CCN
Type: IBM Security Bulletin 6986323 (MQ Operator)
IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from libcurl, openssl, gnutls, libarchive and libsepol

Source: CCN
Type: IBM Security Bulletin 6986567 (MQ Appliance)
IBM MQ Appliance affected by multiple OpenSSL vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6987065 (App Connect Enterprise Certified Container)
IBM App Connect Enterprise Certified Container operands may be vulnerable to denial of service and loss of confidentiality due to [CVE-2022-4304], [CVE-2023-0215], [CVE-2023-0286]

Source: CCN
Type: IBM Security Bulletin 6987461 (DataPower Gateway)
IBM DataPower Gateway affected by multiple CVEs in OpenSSL

Source: CCN
Type: IBM Security Bulletin 6987551 (API Connect)
IBM API Connect is vulnerable to OpenSSL vulnerabilities (CVE-2022-4304, CVE-2023-0215, CVE-2023-0286)

Source: CCN
Type: IBM Security Bulletin 6988351 (Cloud Transformation Advisor)
IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6989163 (i)
OpenSSL for IBM i is vulnerable to denial of service attacks and the ability for remote attacker to obtain sensitive information due to multiple vulnerabilities.

Source: CCN
Type: IBM Security Bulletin 6989193 (CICS TX Advanced)
CVE-2022-45142, CVE-2022-4304, CVE-2022-4450 and CVE-2023-0215 may affect IBM CICS TX Advanced 10.1

Source: CCN
Type: IBM Security Bulletin 6998707 (Power HMC)
Vulnerability in OpenSSL (CVE-2022-4304, CVE-2022-4450, CVE-2023-0215 and CVE-2023-0286 ) affects Power HMC

Source: CCN
Type: IBM Security Bulletin 6998727 (Cloud Pak for Automation)
Security vulnerabilities are addressed with IBM Cloud Pak for Business

Source: CCN
Type: IBM Security Bulletin 6998753 (Cloud Transformation Advisor)
IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Source: CCN
Type: OpenSSL Security Advisory [7th February 2023]
Use-after-free following BIO_new_NDEF (CVE-2023-0215)

Source: openssl-security@openssl.org
Type: Vendor Advisory
openssl-security@openssl.org

Vulnerable Configuration:

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:9:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:9::appstream:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:9:*:*:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:9::baseos:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*

Configuration CCN 1:

cpe:/a:openssl:openssl:1.0.2:*:*:*:*:*:*:*

OR cpe:/a:openssl:openssl:1.1.1:*:*:*:*:*:*:*

OR cpe:/a:openssl:openssl:3.0.0:*:*:*:*:*:*:*

AND

cpe:/o:ibm:aix:7.1:*:*:*:*:*:*:*

OR cpe:/o:ibm:i:7.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_explorer:11.0.0:*:*:*:*:*:*:*

OR cpe:/o:ibm:i:7.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_explorer:11.0.1:*:*:*:*:*:*:*

OR cpe:/o:ibm:aix:7.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_explorer:11.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_protect_plus:10.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_explorer:12.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_connect:express:1.5.0:*:*:*:unix:*:*:*

OR cpe:/a:ibm:integration_bus:10.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect:11.0.0.1:*:*:*:enterprise:*:*:*

OR cpe:/a:ibm:datapower_gateway:2018.4.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_explorer:12.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_explorer:12.0.2:*:*:*:*:*:*:*

OR cpe:/o:ibm:i:7.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:vios:3.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_transformation_advisor:2.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_automation:19.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:mq_for_hpe_nonstop:8.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_explorer:12.0.3:*:deep_analytics:*:analytical_components:*:*:*

OR cpe:/a:ibm:cloud_pak_for_automation:20.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_automation:20.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:api_connect:10.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:datapower_gateway:10.0.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:api_connect:10.0.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_automation:20.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_automation:21.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise:12.0.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_automation:21.0.2:-:*:*:*:*:*:*

OR cpe:/o:ibm:aix:7.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_automation:19.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_automation_workflow:20.0.0.1:*:*:*:traditional:*:*:*

OR cpe:/a:ibm:business_automation_workflow:20.0.0.2:*:*:*:traditional:*:*:*

OR cpe:/a:ibm:business_automation_workflow:21.0.1:*:*:*:traditional:*:*:*

OR cpe:/a:ibm:cloud_pak_for_automation:19.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:18.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:18.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:19.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:19.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:20.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:20.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:21.0.1:-:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:21.0.2:-:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:21.0.3:-:*:*:*:*:*:*

OR cpe:/a:ibm:datapower_gateway:10.0.4.0:*:*:*:*:*:*:*

OR cpe:/o:ibm:i:7.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:4.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_protect_client:8.1.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:4.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:datapower_gateway:10.5.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_automation_workflow:22.0.1:*:*:*:traditional:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:22.0.1:-:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.0:*:*:*:lts:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:6.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:6.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_automation_workflow:22.0.2:*:*:*:traditional:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:6.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:22.0.2:-:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_protect_client:8.1.7.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:safer_payments:6.1.0.00:*:*:*:*:*:*:*

OR cpe:/a:ibm:safer_payments:6.2.0.00:*:*:*:*:*:*:*

OR cpe:/a:ibm:safer_payments:6.3.0.00:*:*:*:*:*:*:*

OR cpe:/a:ibm:safer_payments:6.3.1.03:*:*:*:*:*:*:*

OR cpe:/a:ibm:safer_payments:6.4.0.00:*:*:*:*:*:*:*

OR cpe:/a:ibm:safer_payments:6.4.2.02:*:*:*:*:*:*:*

OR cpe:/a:ibm:safer_payments:6.5.0.00:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7631	P	libopenssl-3-devel-3.0.8-150500.3.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:8084	P	libopenssl-1_0_0-devel-1.0.2p-150000.3.73.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7630	P	libopenssl-1_1-devel-1.1.1l-150500.15.4 on GA media (Moderate)	2023-06-12
oval:com.redhat.rhsa:def:20231405	P	RHSA-2023:1405: openssl security update (Important)	2023-03-22
oval:com.redhat.rhsa:def:20230946	P	RHSA-2023:0946: openssl security and bug fix update (Important)	2023-03-21
oval:org.opensuse.security:def:51998	P	Security update for openssl-1_1 (Important)	2023-02-07