Lucene search

[email protected]CVE-2022-4304

HistoryFeb 08, 2023 - 8:15 p.m.

CVE-2022-4304

2023-02-0820:15:23

CWE-203

[email protected]

web.nvd.nist.gov

517

cve-2022-4304

openssl

rsa decryption

bleichenbacher attack

side channel

network security

timing attack

plaintext recovery

nvd

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

6.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.3%

JSON

A timing based side channel exists in the OpenSSL RSA Decryption implementation
which could be sufficient to recover a plaintext across a network in a
Bleichenbacher style attack. To achieve a successful decryption an attacker
would have to be able to send a very large number of trial messages for
decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5,
RSA-OEAP and RSASVE.

For example, in a TLS connection, RSA is commonly used by a client to send an
encrypted pre-master secret to the server. An attacker that had observed a
genuine connection between a client and a server could use this flaw to send
trial messages to the server and record the time taken to process them. After a
sufficiently large number of messages the attacker could recover the pre-master
secret used for the original connection and thus be able to decrypt the
application data sent over that connection.

Affected configurations

NVD

Node

opensslopensslRange1.0.2–1.0.2zg

opensslopensslRange1.1.1–1.1.1t

opensslopensslRange3.0.0–3.0.8

Node

stormshieldendpoint_securityRange<7.2.40

stormshieldsslvpnRange<3.2.1

stormshieldstormshield_network_securityRange2.7.0–2.7.11

stormshieldstormshield_network_securityRange2.8.0–3.7.34

stormshieldstormshield_network_securityRange3.8.0–3.11.22

stormshieldstormshield_network_securityRange4.0.0–4.3.16

stormshieldstormshield_network_securityRange4.4.0–4.6.3

CPENameOperatorVersion
openssl:opensslopenssllt1.0.2zg
openssl:opensslopenssllt1.1.1t
openssl:opensslopenssllt3.0.8

CPE	Name	Operator	Version
openssl:openssl	openssl	lt	1.0.2zg
openssl:openssl	openssl	lt	1.1.1t
openssl:openssl	openssl	lt	3.0.8

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "OpenSSL",
    "vendor": "OpenSSL",
    "versions": [
      {
        "lessThan": "3.0.8",
        "status": "affected",
        "version": "3.0.0",
        "versionType": "semver"
      },
      {
        "lessThan": "1.1.1t",
        "status": "affected",
        "version": "1.1.1",
        "versionType": "custom"
      },
      {
        "lessThan": "1.0.2zg",
        "status": "affected",
        "version": "1.0.2",
        "versionType": "custom"
      }
    ]
  }
]