Lucene search
K

NewStart CGSL MAIN 7.02 : openssl Multiple Vulnerabilities (NS-SA-2025-0124)

🗓️ 25 Jul 2025 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 5 Views

NewStart CGSL MAIN 7.02 openssl contains bugs in key and IV processing, affecting cipher modes confidentiality.

Related
Refs
Code
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from go-yaml, OpenSSL, GnuTLS , OpenTelemetry-Go, go-toolset and urllib3
30 Jan 202408:15
ibm
IBM Security Bulletins
Security Bulletin: Multiple security vulnerabilities in Cloud Pak foundational services are addressed with IBM Cloud Pak for Business Automation 24.0.1-IF001
28 Feb 202509:11
ibm
IBM Security Bulletins
Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale System are now fixed in Storage Scale System 6.2.3.3 and 7.0.0.0 or higher
15 Dec 202520:22
ibm
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities in IBM API Connect
15 Mar 202500:18
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities in OpenSSL affects IBM DevOps Code ClearCase
15 Jul 202413:22
ibm
IBM Security Bulletins
Security Bulletin: IBM Watson Speech Services Cartridge v5.1.1 is vulnerable to multiple Operator package issues
2 Apr 202517:43
ibm
IBM Security Bulletins
Security Bulletin: Security vulnerabilities affect multiple packages shipped with IBM CICS TX Advanced.
28 Apr 202510:33
ibm
IBM Security Bulletins
Security Bulletin: Multiple Security Vulnerabilities were identified in IBM Security Verify Access.
17 Jan 202415:16
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty, OpenSSL, libcurl, and Apache Xerces C++ XML parser may affect IBM Storage Protect for Virtual Environments: Data Protection for VMware
15 Apr 202502:41
ibm
IBM Security Bulletins
Security Bulletin: IBM MaaS360 Cloud Extender VPN Module affected by vulnerability (CVE-2024-4741)
17 Jul 202414:49
ibm
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from ZTE advisory NS-SA-2025-0124. The text
# itself is copyright (C) ZTE, Inc.
##

include('compat.inc');

if (description)
{
  script_id(242811);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/07/25");

  script_cve_id(
    "CVE-2023-3446",
    "CVE-2023-5363",
    "CVE-2023-5678",
    "CVE-2023-6129",
    "CVE-2023-6237",
    "CVE-2024-0727",
    "CVE-2024-2511",
    "CVE-2024-4603",
    "CVE-2024-4741",
    "CVE-2024-5535",
    "CVE-2024-6119",
    "CVE-2024-12797",
    "CVE-2024-13176"
  );
  script_xref(name:"IAVA", value:"2023-A-0398-S");
  script_xref(name:"IAVA", value:"2023-A-0582-S");
  script_xref(name:"IAVA", value:"2024-A-0121-S");
  script_xref(name:"IAVA", value:"2024-A-0208-S");
  script_xref(name:"IAVA", value:"2024-A-0321-S");
  script_xref(name:"IAVA", value:"2024-A-0541-S");
  script_xref(name:"IAVA", value:"2025-A-0127-S");

  script_name(english:"NewStart CGSL MAIN 7.02 : openssl Multiple Vulnerabilities (NS-SA-2025-0124)");

  script_set_attribute(attribute:"synopsis", value:
"The remote NewStart CGSL host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote NewStart CGSL host, running version MAIN 7.02, has openssl packages installed that are affected by multiple
vulnerabilities:

  - Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths.
    This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers.
    Impact summary: A truncation in the IV can result in non-uniqueness, which could result in loss of
    confidentiality for some cipher modes. When calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or
    EVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after the key and IV have been
    established. Any alterations to the key length, via the keylen parameter or the IV length, via the
    ivlen parameter, within the OSSL_PARAM array will not take effect as intended, potentially causing
    truncation or overreading of these values. The following ciphers and cipher modes are impacted: RC2, RC4,
    RC5, CCM, GCM and OCB. For the CCM, GCM and OCB cipher modes, truncation of the IV can result in loss of
    confidentiality. For example, when following NIST's SP 800-38D section 8.2.1 guidance for constructing a
    deterministic IV for AES in GCM mode, truncation of the counter portion could lead to IV reuse. Both
    truncations and overruns of the key and overruns of the IV will produce incorrect results and could, in
    some cases, trigger a memory exception. However, these issues are not currently assessed as security
    critical. Changing the key and/or IV lengths is not considered to be a common operation and the vulnerable
    API was recently introduced. Furthermore it is likely that application developers will have spotted this
    problem during testing since decryption would fail unless both peers in the communication were similarly
    vulnerable. For these reasons we expect the probability of an application being vulnerable to this to be
    quite low. However if an application is vulnerable then this issue is considered very serious. For these
    reasons we have assessed this issue as Moderate severity overall. The OpenSSL SSL/TLS implementation is
    not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because the
    issue lies outside of the FIPS provider boundary. OpenSSL 3.1 and 3.0 are vulnerable to this issue.
    (CVE-2023-5363)

  - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:
    Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key
    or DH parameters may experience long delays. Where the key or parameters that are being checked have been
    obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs
    various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too
    large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is
    over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or
    parameters that have been supplied. Some of those checks use the supplied modulus value even if it has
    already been found to be too large. An application that calls DH_check() and supplies a key or parameters
    obtained from an untrusted source could be vulernable to a Denial of Service attack. The function
    DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those
    other functions may similarly be affected. The other functions affected by this are DH_check_ex() and
    EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications
    when using the '-check' option. The OpenSSL SSL/TLS implementation is not affected by this issue. The
    OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue. (CVE-2023-3446)

  - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or
    parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to
    generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(),
    DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may
    experience long delays. Where the key or parameters that are being checked have been obtained from an
    untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks
    (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable
    for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an
    excessively large P, it doesn't check for an excessively large Q. An application that calls
    DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source
    could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also
    called by a number of other OpenSSL functions. An application calling any of those other functions may
    similarly be affected. The other functions affected by this are DH_check_pub_key_ex(),
    EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line
    application when using the -pubcheck option, as well as the OpenSSL genpkey command line application.
    The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers
    are not affected by this issue. (CVE-2023-5678)

  - Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might
    corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides
    vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC algorithm is
    used, the application state might be corrupted with various application dependent consequences. The
    POLY1305 MAC (message authentication code) implementation in OpenSSL for PowerPC CPUs restores the
    contents of vector registers in a different order than they are saved. Thus the contents of some of these
    vector registers are corrupted when returning to the caller. The vulnerable code is used only on newer
    PowerPC processors supporting the PowerISA 2.07 instructions. The consequences of this kind of internal
    application state corruption can be various - from no consequences, if the calling application does not
    depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker
    could get complete control of the application process. However unless the compiler uses the vector
    registers for storing pointers, the most likely consequence, if any, would be an incorrect result of some
    application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm
    is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated
    data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3. If
    this cipher is enabled on the server a malicious client can influence whether this AEAD cipher is used.
    This implies that TLS server applications using OpenSSL can be potentially impacted. However we are
    currently not aware of any concrete application that would be affected by this issue therefore we consider
    this a Low severity security issue. (CVE-2023-6129)

  - Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary:
    Applications that use the function EVP_PKEY_public_check() to check RSA public keys may experience long
    delays. Where the key that is being checked has been obtained from an untrusted source this may lead to a
    Denial of Service. When function EVP_PKEY_public_check() is called on RSA public keys, a computation is
    done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more
    large primes and this computation completes quickly. However, if n is an overly large prime, then this
    computation would take a long time. An application that calls EVP_PKEY_public_check() and supplies an RSA
    key obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function
    EVP_PKEY_public_check() is not called from other OpenSSL functions however it is called from the OpenSSL
    pkey command line application. For that reason that application is also vulnerable if used with the
    '-pubin' and '-check' options on untrusted data. The OpenSSL SSL/TLS implementation is not affected by
    this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue. (CVE-2023-6237)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/notice/NS-SA-2025-0124");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2023-3446");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2023-5363");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2023-5678");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2023-6129");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2023-6237");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2024-0727");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2024-12797");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2024-13176");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2024-2511");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2024-4603");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2024-4741");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2024-5535");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2024-6119");
  script_set_attribute(attribute:"solution", value:
"Upgrade the vulnerable CGSL openssl packages. Note that updated packages may not be available yet. Please contact ZTE
for more information.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-5363");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/06/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/07/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/07/25");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:openssl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:openssl-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:openssl-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:openssl-static");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:zte:cgsl_main:7");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"NewStart CGSL Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/ZTE-CGSL/release", "Host/ZTE-CGSL/rpm-list", "Host/cpu");

  exit(0);
}

include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

var os_release = get_kb_item('Host/ZTE-CGSL/release');
if (isnull(os_release) || os_release !~ "^CGSL (MAIN|CORE)") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');

if (os_release !~ "CGSL\sMAIN\s7\.02")
  audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 7.02');

if (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);

var flag = 0;

var pkgs = {
  'CGSL MAIN 7.02': [
    'openssl-3.0.12-3.zncgsl7.21',
    'openssl-devel-3.0.12-3.zncgsl7.21',
    'openssl-libs-3.0.12-3.zncgsl7.21',
    'openssl-static-3.0.12-3.zncgsl7.21'
  ]
};
var pkg_list = pkgs[os_release];
var pkg;
foreach (pkg in pkg_list)
  if (rpm_check(reference:pkg, release:'ZTE ' + os_release, rpm_spec_vers_cmp:TRUE)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'openssl');
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

25 Jul 2025 00:00Current
7.2High risk
Vulners AI Score7.2
CVSS 3.17.5 - 9.1
EPSS0.66594
SSVC
5