OpenSSL up to 1.0.2o/1.1.0h RSA Key Generation cryptographic issue
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.6 | $0-$5k | 0.00 |
Summary
A vulnerability labeled as critical has been found in OpenSSL up to 1.0.2o/1.1.0h. The impacted element is an unknown function of the component RSA Key Generation. Executing a manipulation can lead to cryptographic issue. This vulnerability is handled as CVE-2018-0737. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.
Details
A vulnerability has been found in OpenSSL up to 1.0.2o/1.1.0h (Network Encryption Software) and classified as critical. This vulnerability affects an unknown part of the component RSA Key Generation. The manipulation with an unknown input leads to a cryptographic issue vulnerability. The CWE definition for the vulnerability is CWE-310. As an impact it is known to affect confidentiality, integrity, and availability. CVE summarizes:
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).
The bug was discovered 04/16/2018. The weakness was released 04/16/2018 as confirmed git commit (GIT Repository). The advisory is available at git.openssl.org. This vulnerability was named CVE-2018-0737 since 11/30/2017. The exploitation appears to be difficult. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. The technical details are unknown and an exploit is not available. This vulnerability is assigned to T1600 by the MITRE ATT&CK project.
The vulnerability scanner Nessus provides a plugin with the ID 109364 (Amazon Linux 2 : openssl (ALAS-2018-1004)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Amazon Linux Local Security Checks and running in the context l. The commercial vulnerability scanner Qualys is able to test this issue with plugin 157823 (Oracle Enterprise Linux Security Update for openssl (ELSA-2018-4249)).
Upgrading to version 1.0.2p-dev or 1.1.0i-dev eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at git.openssl.org. The best possible mitigation is suggested to be upgrading to the latest version. A possible mitigation has been published 2 weeks after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at Tenable (109364) and SecurityFocus (BID 103766†). Entries connected to this vulnerability are available at VDB-90449, VDB-91385, VDB-91680 and VDB-91681. If you want to get best quality of vulnerability data, you may have to visit VulDB.
Product
Type
Name
Version
- 1.0.2
- 1.0.2a
- 1.0.2b
- 1.0.2c
- 1.0.2d
- 1.0.2e
- 1.0.2f
- 1.0.2g
- 1.0.2h
- 1.0.2i
- 1.0.2j
- 1.0.2k
- 1.0.2l
- 1.0.2m
- 1.0.2n
- 1.0.2o
- 1.1.0
- 1.1.0a
- 1.1.0b
- 1.1.0c
- 1.1.0d
- 1.1.0e
- 1.1.0f
- 1.1.0g
- 1.1.0h
License
Support
- end of life (old version)
Website
- Product: https://www.openssl.org/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.7VulDB Meta Temp Score: 5.6
VulDB Base Score: 5.6
VulDB Temp Score: 5.4
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 5.9
NVD Vector: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Cryptographic issueCWE: CWE-310
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 109364
Nessus Name: Amazon Linux 2 : openssl (ALAS-2018-1004)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
OpenVAS ID: 54688
OpenVAS Name: OpenSSL Cache Timing Side Channel Attack Information Disclosure Vulnerability (Windows)
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
Reaction Time: 🔍
Exposure Time: 🔍
Upgrade: OpenSSL 1.0.2p-dev/1.1.0i-dev
Patch: 349a41da1ad88ad87825414752a8ff5fdd6a6c3f
Timeline
11/30/2017 🔍04/16/2018 🔍
04/16/2018 🔍
04/16/2018 🔍
04/16/2018 🔍
04/17/2018 🔍
04/26/2018 🔍
04/27/2018 🔍
02/28/2023 🔍
Sources
Product: openssl.orgAdvisory: RHSA-2018:3221
Researcher: Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia, Luis Manuel Alvarez Tapia.
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2018-0737 (🔍)
GCVE (CVE): GCVE-0-2018-0737
GCVE (VulDB): GCVE-100-116266
OVAL: 🔍
SecurityFocus: 103766 - OpenSSL CVE-2018-0737 Side Channel Attack Information Disclosure Vulnerability
SecurityTracker: 1040685
See also: 🔍
Entry
Created: 04/17/2018 09:49Updated: 02/28/2023 09:57
Changes: 04/17/2018 09:49 (78), 01/25/2020 13:54 (6), 02/10/2021 08:22 (2), 02/10/2021 08:25 (1), 02/28/2023 09:57 (4)
Complete: 🔍
Cache ID: 216::103
If you want to get best quality of vulnerability data, you may have to visit VulDB.
No comments yet. Languages: en.
Please log in to comment.