Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.F5_BIGIP_SOL31323265.NASL
HistoryMar 22, 2022 - 12:00 a.m.

F5 Networks BIG-IP : OpenSSL vulnerability (K31323265)

2022-03-2200:00:00
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
16

7.9 High

AI Score

Confidence

High

JSON

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K31323265 advisory.

  • The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self- signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc). (CVE-2022-0778)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from F5 Networks BIG-IP Solution K31323265.
#
# @NOAGENT@
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(159139);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/18");

  script_cve_id("CVE-2022-0778");
  script_xref(name:"IAVA", value:"2022-A-0121-S");

  script_name(english:"F5 Networks BIG-IP : OpenSSL vulnerability (K31323265)");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:
"The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 /
17.0.0. It is, therefore, affected by a vulnerability as referenced in the K31323265 advisory.

  - The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop
    forever for non-prime moduli. Internally this function is used when parsing certificates that contain
    elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point
    encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has
    invalid explicit curve parameters. Since certificate parsing happens prior to verification of the
    certificate signature, any process that parses an externally supplied certificate may thus be subject to a
    denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they
    can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients
    consuming server certificates - TLS servers consuming client certificates - Hosting providers taking
    certificates or private keys from customers - Certificate authorities parsing certification requests from
    subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that
    use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS
    issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate
    which makes it slightly harder to trigger the infinite loop. However any operation which requires the
    public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-
    signed certificate to trigger the loop during verification of the certificate signature. This issue
    affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the
    15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected
    1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc). (CVE-2022-0778)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://my.f5.com/manage/s/article/K31323265");
  script_set_attribute(attribute:"solution", value:
"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K31323265.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-0778");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/03/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/03/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/03/22");

  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_access_policy_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_advanced_firewall_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_security_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_domain_name_system");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_global_traffic_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_local_traffic_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_policy_enforcement_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_wan_optimization_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip_protocol_security_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"F5 Networks Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("f5_bigip_detect.nbin");
  script_require_keys("Host/local_checks_enabled", "Host/BIG-IP/hotfix", "Host/BIG-IP/modules", "Host/BIG-IP/version", "Settings/ParanoidReport");

  exit(0);
}


include('f5_func.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var version = get_kb_item('Host/BIG-IP/version');
if ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');
if ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');
if ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');

if (report_paranoia < 2) audit(AUDIT_PARANOID);

var sol = 'K31323265';
var vmatrix = {
  'AFM': {
    'affected': [
      '16.1.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'
    ],
    'unaffected': [
      '17.0.0','16.1.2.2','15.1.5.1','14.1.4.6','13.1.5'
    ],
  },
  'APM': {
    'affected': [
      '16.1.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'
    ],
    'unaffected': [
      '17.0.0','16.1.2.2','15.1.5.1','14.1.4.6','13.1.5'
    ],
  },
  'ASM': {
    'affected': [
      '16.1.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'
    ],
    'unaffected': [
      '17.0.0','16.1.2.2','15.1.5.1','14.1.4.6','13.1.5'
    ],
  },
  'DNS': {
    'affected': [
      '16.1.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'
    ],
    'unaffected': [
      '17.0.0','16.1.2.2','15.1.5.1','14.1.4.6','13.1.5'
    ],
  },
  'GTM': {
    'affected': [
      '16.1.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'
    ],
    'unaffected': [
      '17.0.0','16.1.2.2','15.1.5.1','14.1.4.6','13.1.5'
    ],
  },
  'LTM': {
    'affected': [
      '16.1.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'
    ],
    'unaffected': [
      '17.0.0','16.1.2.2','15.1.5.1','14.1.4.6','13.1.5'
    ],
  },
  'PEM': {
    'affected': [
      '16.1.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'
    ],
    'unaffected': [
      '17.0.0','16.1.2.2','15.1.5.1','14.1.4.6','13.1.5'
    ],
  },
  'PSM': {
    'affected': [
      '16.1.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'
    ],
    'unaffected': [
      '17.0.0','16.1.2.2','15.1.5.1','14.1.4.6','13.1.5'
    ],
  },
  'WOM': {
    'affected': [
      '16.1.0-16.1.2','15.1.0-15.1.5','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'
    ],
    'unaffected': [
      '17.0.0','16.1.2.2','15.1.5.1','14.1.4.6','13.1.5'
    ],
  }
};

if (bigip_is_affected(vmatrix:vmatrix, sol:sol))
{
  var extra = NULL;
  if (report_verbosity > 0) extra = bigip_report_get();
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : extra
  );
}
else
{
  var tested = bigip_get_tested_modules();
  var audit_extra = 'For BIG-IP module(s) ' + tested + ',';
  if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);
  else audit(AUDIT_HOST_NOT, 'running any of the affected modules');
}
VendorProductVersionCPE
f5big-ipcpe:/h:f5:big-ip
f5big-ip_access_policy_managercpe:/a:f5:big-ip_access_policy_manager
f5big-ip_advanced_firewall_managercpe:/a:f5:big-ip_advanced_firewall_manager
f5big-ip_application_security_managercpe:/a:f5:big-ip_application_security_manager
f5big-ip_domain_name_systemcpe:/a:f5:big-ip_domain_name_system
f5big-ip_global_traffic_managercpe:/a:f5:big-ip_global_traffic_manager
f5big-ip_local_traffic_managercpe:/a:f5:big-ip_local_traffic_manager
f5big-ip_policy_enforcement_managercpe:/a:f5:big-ip_policy_enforcement_manager
f5big-ip_wan_optimization_managercpe:/a:f5:big-ip_wan_optimization_manager
f5big-ip_protocol_security_managercpe:/h:f5:big-ip_protocol_security_manager

Related

checkpoint_advisories 1
nessus 75
oraclelinux 8
hivepro 1
fortinet 1
osv 12
ibm 21
cve 1
slackware 1
cloudfoundry 2
alpinelinux 1
ubuntucve 1
amazon 2
fedora 1
redhat 7
openvas 32
rocky 3
cbl_mariner 1
debiancve 1
altlinux 5
prion 1
redos 1
aix 1
ics 1
githubexploit 5
github 1
checkpoint_security 2
photon 1
almalinux 2
paloalto 1
ubuntu 1
veracode 1
suse 1
thn 1
centos 1
cloudlinux 1
openssl 1
checkpoint_advisories
checkpoint_advisories
OpenSSL Denial of Service (CVE-2022-0778)
2022-03-27 00:00:00
nessus
nessus
RHEL 7 : openssl (RHSA-2022:1066)
2022-03-29 00:00:00
Tenable Nessus 10.x < 10.1.2 / 8.x < 8.15.4 Third-Party Vulnerability (TNS-2022-06)
2022-03-31 00:00:00
EulerOS 2.0 SP9 : openssl (EulerOS-SA-2022-1849)
2022-06-15 00:00:00
oraclelinux
oraclelinux
openssl security update
2022-03-18 00:00:00
openssl security update
2022-03-18 00:00:00
openssl security update
2022-03-23 00:00:00
hivepro
hivepro
OpenSSL exposed to Denial-of-service vulnerability causing Infinite Loop
2022-03-17 14:17:00
fortinet
fortinet
Protect
2022-04-01 00:00:00
osv
osv
Infinite loop in `BN_mod_sqrt()` reachable when parsing certificates
2022-03-15 12:00:00
openssl1.0 - security update
2022-03-17 00:00:00
Important: openssl security update
2022-03-28 07:46:07
ibm
ibm
Security Bulletin: OpenSSL for IBM i is vulnerable to a denial of service due to a flaw in the BN_mod_sqrt() function (CVE-2022-0778)
2022-04-14 16:25:12
Security Bulletin: AIX is vulnerable to a denial of service due to OpenSSL (CVE-2022-0778)
2022-05-13 16:44:54
Security Bulletin: IBM Sterling Connect:Express for UNIX is vulnerable to denial of service due to OpenSSL (CVE-2022-0778)
2022-05-17 10:15:25
cve
cve
CVE-2022-0778
2022-03-15 17:15:00
slackware
slackware
[slackware-security] openssl
2022-03-17 19:59:07
cloudfoundry
cloudfoundry
USN-5328-1: OpenSSL vulnerability | Cloud Foundry
2022-05-23 00:00:00
USN-5328-2: OpenSSL vulnerabilityUSN-5328-2: OpenSSL vulnerability | Cloud Foundry
2022-04-21 00:00:00
alpinelinux
alpinelinux
CVE-2022-0778
2022-03-15 17:15:00
ubuntucve
ubuntucve
CVE-2022-0778
2022-03-15 00:00:00
amazon
amazon
Important: openssl, openssl11
2022-03-15 18:49:00
Important: openssl
2022-03-15 18:54:00
fedora
fedora
[SECURITY] Fedora 35 Update: openssl-1.1.1n-1.fc35
2022-03-22 03:44:53
redhat
redhat
(RHSA-2022:1519) Important: Red Hat JBoss Web Server 5.6.2 Security Update
2022-05-02 11:02:22
(RHSA-2022:1073) Important: openssl security update
2022-03-28 08:56:18
(RHSA-2022:4899) Important: compat-openssl11 security and bug fix update
2022-06-02 21:13:31
openvas
openvas
Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2023-1068)
2023-01-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:0854-1)
2022-03-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:14915-1)
2022-03-16 00:00:00
rocky
rocky
compat-openssl11 security and bug fix update
2022-06-02 21:13:31
openssl security update
2022-03-28 07:46:07
compat-openssl10 security update
2022-06-28 10:53:54
cbl_mariner
cbl_mariner
CVE-2022-0778 affecting package openssl 1.1.1k-30
2022-04-09 06:51:56
debiancve
debiancve
CVE-2022-0778
2022-03-15 17:15:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1n-alt1
2022-03-24 00:00:00
Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1n-alt1
2022-03-18 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 1.0.2u-alt1.p9.2
2022-03-24 00:00:00
prion
prion
Code injection
2022-03-15 17:15:00
redos
redos
ROS-20220318-02
2022-03-18 00:00:00
aix
aix
AIX is vulnerable to a denial of service due to OpenSSL
2022-05-13 09:32:08
ics
ics
Siemens OpenSSL Affected Industrial Products (Update E)
2023-01-13 12:00:00
githubexploit
githubexploit
Exploit for Infinite Loop in Openssl
2023-10-30 09:52:21
Exploit for Infinite Loop in Openssl
2022-04-18 07:51:18
Exploit for Infinite Loop in Openssl
2023-09-12 05:16:27
github
github
openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates
2022-03-16 00:00:45
checkpoint_security
checkpoint_security
Check Point response to CVE-2022-0778
2022-07-03 22:15:24
Check Point response to OpenSSL CVE-2022-0778 (possible infinite loop when parsing ECDSA certificates/keys)
2022-03-16 06:41:44
photon
photon
Important Photon OS Security Update - PHSA-2022-0162
2022-03-16 00:00:00
almalinux
almalinux
Low: compat-openssl10 security update
2022-06-30 00:00:00
Important: openssl security update
2022-03-28 07:46:07
paloalto
paloalto
Impact of the OpenSSL Infinite Loop Vulnerability CVE-2022-0778
2022-03-31 02:30:00
ubuntu
ubuntu
OpenSSL vulnerability
2022-03-15 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-03-16 09:55:55
suse
suse
Security update for openssl-1_0_0 (important)
2022-03-15 00:00:00
thn
thn
QNAP Warns of OpenSSL Infinite Loop Vulnerability Affecting NAS Devices
2022-03-31 03:23:00
centos
centos
openssl security update
2022-03-29 13:36:31
cloudlinux
cloudlinux
Fix of CVE: CVE-2022-0778
2022-03-17 20:51:13
openssl
openssl
Vulnerability in OpenSSL CVE-2022-0778
2022-03-15 00:00:00

7.9 High

AI Score

Confidence

High

JSON
Related for F5_BIGIP_SOL31323265.NASL
checkpoint_advisories1nessus75oraclelinux8hivepro1fortinet1osv12ibm21cve1slackware1cloudfoundry2alpinelinux1ubuntucve1amazon2fedora1redhat7openvas32rocky3cbl_mariner1debiancve1altlinux5prion1redos1aix1ics1githubexploit5github1checkpoint_security2photon1almalinux2paloalto1ubuntu1veracode1suse1thn1centos1cloudlinux1openssl1