Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2023 Greenbone AGOPENVAS:1361412562310104902
HistorySep 08, 2023 - 12:00 a.m.

OpenSSL Security Vulnerability (20230908) - Windows

2023-09-0800:00:00
Copyright (C) 2023 Greenbone AG
plugins.openvas.org
5
openssl
security vulnerability
poly1305 mac
windows
update
avx512-ifma

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

OpenSSL is prone to a security vulnerability.

# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:openssl:openssl";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.104902");
  script_version("2023-10-26T05:07:17+0000");
  script_tag(name:"last_modification", value:"2023-10-26 05:07:17 +0000 (Thu, 26 Oct 2023)");
  script_tag(name:"creation_date", value:"2023-09-08 13:21:45 +0000 (Fri, 08 Sep 2023)");
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:S/C:C/I:C/A:C");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2023-09-14 16:43:00 +0000 (Thu, 14 Sep 2023)");

  script_cve_id("CVE-2023-4807");

  # nb: Only specific environments are affected, see the affected tag.
  script_tag(name:"qod_type", value:"remote_banner_unreliable");

  script_tag(name:"solution_type", value:"VendorFix");

  script_name("OpenSSL Security Vulnerability (20230908) - Windows");

  script_category(ACT_GATHER_INFO);

  script_copyright("Copyright (C) 2023 Greenbone AG");
  script_family("General");
  script_dependencies("gb_openssl_consolidation.nasl", "os_detection.nasl");
  script_mandatory_keys("openssl/detected", "Host/runs_windows");

  script_tag(name:"summary", value:"OpenSSL is prone to a security vulnerability.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"The POLY1305 MAC (message authentication code) implementation
  contains a bug that might corrupt the internal state of applications.");

  script_tag(name:"impact", value:"If in an application that uses the OpenSSL library an attacker
  can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted
  with various application dependent consequences.");

  script_tag(name:"affected", value:"OpenSSL versions 1.1.1 to 1.1.1v, 3.0.0 to 3.0.10, and 3.1.0 to
  3.1.2 are vulnerable to this issue.

  Notes:

  - The FIPS provider is not affected because the POLY1305 MAC algorithm is not FIPS approved and
  the FIPS provider does not implement it.

  - OpenSSL version 1.0.2 is not affected by this issue.

  - This flaw only affects the Windows 64 platform and only when running on newer X86_64 processors
  supporting the AVX512-IFMA instructions.");

  script_tag(name:"solution", value:"Update to version 1.1.1w, 3.0.11, 3.1.3 or later.");

  script_xref(name:"URL", value:"https://www.openssl.org/news/secadv/20230908.txt");
  script_xref(name:"URL", value:"https://www.openssl.org/news/vulnerabilities-1.1.1.html#CVE-2023-4807");
  script_xref(name:"URL", value:"https://www.openssl.org/news/vulnerabilities-3.0.html#CVE-2023-4807");
  script_xref(name:"URL", value:"https://www.openssl.org/news/vulnerabilities-3.1.html#CVE-2023-4807");

  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if (isnull(port = get_app_port(cpe: CPE)))
  exit(0);

if (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))
  exit(0);

version = infos["version"];
location = infos["location"];

if (version_in_range(version: version, test_version: "1.1.1", test_version2: "1.1.1v")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "1.1.1w", install_path: location);
  security_message(port: port, data: report);
  exit(0);
}

if (version_in_range(version: version, test_version: "3.0.0", test_version2: "3.0.10")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "3.0.11", install_path: location);
  security_message(port: port, data: report);
  exit(0);
}

if (version_in_range(version: version, test_version: "3.1.0", test_version2: "3.1.2")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "3.1.3", install_path: location);
  security_message(port: port, data: report);
  exit(0);
}

exit(99);

Related

prion 1
redos 2
openvas 7
nessus 11
ubuntucve 1
cve 1
openssl 1
cbl_mariner 1
ibm 23
osv 1
debiancve 1
alpinelinux 1
redhatcve 1
cvelist 1
photon 3
ics 3
hp 1
oracle 1
prion
prion
Design/Logic Flaw
2023-09-08 12:15:00
redos
redos
ROS-20230918-02
2023-09-18 00:00:00
ROS-20240409-06
2024-04-09 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-3255)
2023-12-12 00:00:00
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-3283)
2023-12-12 00:00:00
Tenable Nessus Multiple Vulnerabilities (TNS-2023-36)
2023-11-23 00:00:00
nessus
nessus
EulerOS 2.0 SP11 : openssl (EulerOS-SA-2023-3255)
2024-01-16 00:00:00
EulerOS 2.0 SP11 : openssl (EulerOS-SA-2023-3283)
2024-01-16 00:00:00
OpenSSL 3.1.0 < 3.1.3 Vulnerability
2023-09-12 00:00:00
ubuntucve
ubuntucve
CVE-2023-4807
2023-09-08 00:00:00
cve
cve
CVE-2023-4807
2023-09-08 12:15:08
openssl
openssl
Vulnerability in OpenSSL CVE-2023-4807
2023-09-08 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-4807 affecting package kata-containers for versions less than 3.2.0.azl1-1
2024-05-17 21:38:35
ibm
ibm
Security Bulletin: IBM MQ Appliance is vulnerable to a denial of service (CVE-2023-4807)
2023-12-14 19:03:22
Security Bulletin: IBM DataPower Gateway potentially vulnerable to a denial of service (CVE-2023-4807)
2023-12-13 20:15:16
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearQuest
2024-03-14 05:18:41
osv
osv
CVE-2023-4807
2023-09-08 12:15:08
debiancve
debiancve
CVE-2023-4807
2023-09-08 12:15:08
alpinelinux
alpinelinux
CVE-2023-4807
2023-09-08 12:15:08
redhatcve
redhatcve
CVE-2023-4807
2023-09-08 15:05:36
cvelist
cvelist
CVE-2023-4807 POLY1305 MAC implementation corrupts XMM registers on Windows
2023-09-08 11:01:53
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0472
2023-09-15 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0651
2023-09-15 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0096
2023-09-20 00:00:00
ics
ics
Siemens SIMATIC RTLS Locating Manager
2024-05-16 12:00:00
Siemens Telecontrol Server Basic
2024-04-11 12:00:00
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
hp
hp
HP Device Manager Security Updates
2023-10-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for OPENVAS:1361412562310104902
prion1redos2openvas7nessus11ubuntucve1cve1openssl1cbl_mariner1ibm23osv1debiancve1alpinelinux1redhatcve1cvelist1photon3ics3hp1oracle1