Vulnerability CVE-2023-0464

Vulnerability Name:

CVE-2023-0464 (CCN-250736)

Assigned:

2023-03-22

Published:

2023-03-22

Updated:

2023-06-08

Summary:

OpenSSL is vulnerable to a denial of service, caused by an error related to the verification of X.509 certificate chains that include policy constraints. By creating a specially crafted certificate chain that triggers exponential use of computational resources, a remote attacker could exploit this vulnerability to cause a denial of service.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2023-0464

Source: XF
Type: UNKNOWN
openssl-cve20230464-dos(250736)

Source: openssl-security@openssl.org
Type: Mailing List, Patch
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Mailing List, Patch
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Mailing List, Patch
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: UNKNOWN
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: UNKNOWN
openssl-security@openssl.org

Source: CCN
Type: IBM Security Bulletin 6989163 (i)
OpenSSL for IBM i is vulnerable to denial of service attacks and the ability for remote attacker to obtain sensitive information due to multiple vulnerabilities.

Source: CCN
Type: IBM Security Bulletin 6998753 (Cloud Transformation Advisor)
IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 7002193 (Watson Explorer DAE Foundational Components)
IBM Watson Explorer affected by vulnerability in OpenSSL

Source: CCN
Type: IBM Security Bulletin 7002461 (CICS TX Advanced)
CVE-2023-0464 may affect IBM CICS TX Advanced 10.1

Source: CCN
Type: IBM Security Bulletin 7005589 (Spectrum Protect Plus)
Vulnerabilities in Apache Commons, Tomcat, Go, libcurl, OpenSSL, Python, Node.js, and Linux can affect IBM Spectrum Protect Plus.

Source: CCN
Type: IBM Security Bulletin 7014253 (QRadar WinCollect Agent)
IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities

Source: CCN
Type: IBM Security Bulletin 7014659 (Cloud Transformation Advisor)
IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 7015309 (Safer Payments)
Multiple OpenSSL vulnerabilities affect IBM Safer Payments

Source: CCN
Type: OpenSSL Security Advisory [22nd March 2023]
Excessive Resource Usage Verifying X.509 Policy Constraints (CVE-2023-0464)

Source: openssl-security@openssl.org
Type: Vendor Advisory
openssl-security@openssl.org

Vulnerable Configuration:

Configuration CCN 1:

cpe:/a:openssl:openssl:1.1.1:*:*:*:*:*:*:*

OR cpe:/a:openssl:openssl:1.0.2:*:*:*:*:*:*:*

OR cpe:/a:openssl:openssl:3.0.0:*:*:*:*:*:*:*

OR cpe:/a:openssl:openssl:3.1.0:-:*:*:*:*:*:*

AND

cpe:/o:ibm:i:7.2:*:*:*:*:*:*:*

OR cpe:/o:ibm:i:7.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_protect_plus:10.1.0:*:*:*:*:*:*:*

OR cpe:/o:ibm:i:7.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_explorer:12.0.1:*:deep_analytics:*:foundational_components:*:*:*

OR cpe:/a:ibm:watson_explorer:12.0.2.2:*:deep_analytics:*:foundational_components:*:*:*

OR cpe:/a:ibm:watson_explorer:11.0.0.3:*:foundational_components:*:*:*:*:*

OR cpe:/a:ibm:watson_explorer:11.0.1:*:foundational_components:*:*:*:*:*

OR cpe:/a:ibm:cloud_transformation_advisor:2.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_explorer:11.0.0.0:*:foundational_components:*:*:*:*:*

OR cpe:/a:ibm:watson_explorer:11.0.2.0:*:foundational_components:*:*:*:*:*

OR cpe:/o:ibm:i:7.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:safer_payments:6.1.0.00:*:*:*:*:*:*:*

OR cpe:/a:ibm:safer_payments:6.2.0.00:*:*:*:*:*:*:*

OR cpe:/a:ibm:safer_payments:6.3.0.00:*:*:*:*:*:*:*

OR cpe:/a:ibm:safer_payments:6.4.0.00:*:*:*:*:*:*:*

OR cpe:/a:ibm:safer_payments:6.5.0.00:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_explorer:12.0.2.0:*:deep_analytics:*:foundational_components:*:*:*

OR cpe:/a:ibm:watson_explorer:12.0.0:*:deep_analytics:*:foundational_components:*:*:*

OR cpe:/a:ibm:safer_payments:6.3.1.04:*:*:*:*:*:*:*

OR cpe:/a:ibm:safer_payments:6.4.2.03:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7630	P	libopenssl-1_1-devel-1.1.1l-150500.15.4 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7631	P	libopenssl-3-devel-3.0.8-150500.3.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:8084	P	libopenssl-1_0_0-devel-1.0.2p-150000.3.73.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:55528	P	Security update for openssl-1_1 (Moderate)	2023-04-04

BACK