CVE-2015-3193

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key information via an attack against use of a (1) Diffie-Hellman (DH) or (2) Diffie-Hellman Ephemeral (DHE) ciphersuite.

References

http://fortiguard.com/advisory/openssl-advisory-december-2015

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761

http://openssl.org/news/secadv/20151203.txt

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl

http://www.fortiguard.com/advisory/openssl-advisory-december-2015

http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.securityfocus.com/bid/78705

http://www.securityfocus.com/bid/91787

http://www.securitytracker.com/id/1034294

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.539966

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.754583

http://www.ubuntu.com/usn/USN-2830-1

https://blog.fuzzing-project.org/31-Fuzzing-Math-miscalculations-in-OpenSSLs-BN_mod_exp-CVE-2015-3193.html

https://bugzilla.redhat.com/show_bug.cgi?id=1288317

https://git.openssl.org/?p=openssl.git;a=commit;h=d73cc256c8e256c32ed959456101b73ba9842f72

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322

https://kb.isc.org/article/AA-01438

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40100

Details

Source: MITRE

Published: 2015-12-06

Updated: 2017-11-30

Type: CWE-200

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Tenable Plugins

View all (18 total)

IDNameProductFamilySeverity
105353SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2017:3343-1)NessusSuSE Local Security Checks
medium
105341openSUSE Security Update : openssl (openSUSE-2017-1381)NessusSuSE Local Security Checks
medium
97218F5 Networks BIG-IP : OpenSSL vulnerability (K44512851)NessusF5 Networks Local Security Checks
medium
96316Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10759) (SWEET32)NessusJunos Local Security Checks
critical
94935Apple Xcode < 8.1 Node.js Multiple RCE (macOS)NessusMacOS X Local Security Checks
critical
9463OpenSSL 1.0.2 < 1.0.2e Multiple VulnerabilitiesNessus Network MonitorWeb Servers
medium
92543Oracle Secure Global Desktop Multiple Vulnerabilities (July 2016 CPU)NessusMisc.
critical
90680Oracle VM VirtualBox < 4.3.36 / 5.0.18 Multiple Vulnerabilities (April 2016 CPU)NessusMisc.
medium
89256Fedora 23 : openssl-1.0.2e-1.fc23 (2015-605de37b7f)NessusFedora Local Security Checks
high
88586GLSA-201601-05 : OpenSSL: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
88101Mac OS X : Cisco AnyConnect Secure Mobility Client < 3.1.13015.0 / 4.2.x < 4.2.1035.0 Multiple OpenSSL VulnerabilitiesNessusMacOS X Local Security Checks
medium
88100Cisco AnyConnect Secure Mobility Client < 3.1.13015.0 / 4.2.x < 4.2.1035.0 Multiple OpenSSL VulnerabilitiesNessusWindows
medium
87387FreeBSD : bind -- multiple vulnerabilities (a8ec4db7-a398-11e5-85e9-14dae9d210b8)NessusFreeBSD Local Security Checks
high
87378Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : openssl (SSA:2015-349-04)NessusSlackware Local Security Checks
high
87375Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : bind (SSA:2015-349-01)NessusSlackware Local Security Checks
high
87236Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : openssl vulnerabilities (USN-2830-1)NessusUbuntu Local Security Checks
high
87222OpenSSL 1.0.2 < 1.0.2e Multiple VulnerabilitiesNessusWeb Servers
medium
87213FreeBSD : openssl -- multiple vulnerabilities (4c8d1d72-9b38-11e5-aece-d050996490d0)NessusFreeBSD Local Security Checks
high