CVE-2016-7055

medium

Description

There is a carry-propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than, 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is because the subroutine in question is not used in operations with the private key itself and an input of the attacker's direct choice. Otherwise the bug can manifest itself as transient authentication and key negotiation failures or reproducible erroneous outcome of public-key operations with specially crafted input. Among EC algorithms only Brainpool P-512 curves are affected and one presumably can attack ECDH key negotiation. Impact was not analyzed in detail, because prerequisites for attack are considered unlikely. Namely, multiple clients have to choose the curve in question and the server has to share the private key among them, neither of which is default behaviour. Even then only clients that chose the curve will be affected.

References

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.securityfocus.com/bid/94242

http://www.securitytracker.com/id/1037261

https://access.redhat.com/errata/RHSA-2018:2185

https://access.redhat.com/errata/RHSA-2018:2186

https://access.redhat.com/errata/RHSA-2018:2187

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03752en_us

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03744en_us

https://security.FreeBSD.org/advisories/FreeBSD-SA-17:02.openssl.asc

https://security.gentoo.org/glsa/201702-07

https://www.openssl.org/news/secadv/20161110.txt

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://www.tenable.com/security/tns-2017-04

Details

Source: MITRE

Published: 2017-05-04

Updated: 2019-07-02

Type: CWE-320

Risk Information

CVSS v2

Base Score: 2.6

Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 4.9

Severity: LOW

CVSS v3

Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 2.2

Severity: MEDIUM

Tenable Plugins


| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 124059 | Oracle Access Manager Multiple Vulnerabilities (Jan 2018 CPU) | Nessus | Misc. | critical |
| 119996 | SUSE SLES12 Security Update : nodejs4 (SUSE-SU-2017:0855-1) | Nessus | SuSE Local Security Checks | medium |
| 119992 | SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2017:0431-1) | Nessus | SuSE Local Security Checks | medium |
| 111147 | RHEL 6 : Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 6 (RHSA-2018:2186) | Nessus | Red Hat Local Security Checks | critical |
| 111146 | RHEL 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 7 (RHSA-2018:2185) | Nessus | Red Hat Local Security Checks | critical |
| 106863 | openSUSE Security Update : openssl-steam (openSUSE-2018-168) | Nessus | SuSE Local Security Checks | critical |
| 102698 | ESXi 6.0 < Build 5485776 Multiple Vulnerabilities (VMSA-2017-0015) (remote check) | Nessus | Misc. | high |
| 102699 | Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10775) | Nessus | Junos Local Security Checks | high |
| 101046 | Tenable SecurityCenter OpenSSL 1.0.2 < 1.0.2k Multiple Vulnerabilities (TNS-2017-04) | Nessus | Misc. | medium |
| 100869 | H3C / HPE Intelligent Management Center PLAT < 7.3 E0504P04 Multiple Vulnerabilities | Nessus | Windows | critical |
| 100868 | H3C / HPE Intelligent Management Center PLAT < 7.3 E0504P04 Multiple Vulnerabilities | Nessus | Misc. | critical |
| 99930 | Oracle Secure Global Desktop Multiple Vulnerabilities (April 2017 CPU) (SWEET32) | Nessus | Misc. | critical |
| 99593 | MySQL Enterprise Monitor 3.1.x < 3.1.7.8023 / 3.2.x < 3.2.7.1204 / 3.3.x < 3.3.3.1199 Multiple Vulnerabilities (April 2017 CPU) | Nessus | CGI abuses | critical |
| 99516 | MySQL 5.7.x < 5.7.18 Multiple Vulnerabilities (April 2017 CPU) (July 2017 CPU) | Nessus | Databases | medium |
| 99515 | MySQL 5.6.x < 5.6.36 Multiple Vulnerabilities (April 2017 CPU) (July 2017 CPU) (Riddle) | Nessus | Databases | medium |
| 99513 | MySQL 5.7.x < 5.7.18 Multiple Vulnerabilities (April 2017 CPU) (July 2017 CPU) | Nessus | Databases | medium |
| 99512 | MySQL 5.6.x < 5.6.36 Multiple Vulnerabilities (April 2017 CPU) (July 2017 CPU) (Riddle) | Nessus | Databases | medium |
| 99212 | openSUSE Security Update : nodejs4 (openSUSE-2017-442) | Nessus | SuSE Local Security Checks | high |
| 97726 | Tenable SecurityCenter 5.x < 5.4.3 Multiple Vulnerabilities (TNS-2017-04) (httpoxy) | Nessus | Misc. | medium |
| 97292 | openSUSE Security Update : nodejs (openSUSE-2017-284) | Nessus | SuSE Local Security Checks | high |
| 97276 | openSUSE Security Update : openssl (openSUSE-2017-256) | Nessus | SuSE Local Security Checks | high |
| 97183 | GLSA-201702-07 : OpenSSL: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high |
| 97129 | SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2017:0441-1) | Nessus | SuSE Local Security Checks | high |
| 97102 | Slackware 14.2 / current : openssl (SSA:2017-041-02) | Nessus | Slackware Local Security Checks | high |
| 96985 | F5 Networks BIG-IP : OpenSSL vulnerability (K43570545) | Nessus | F5 Networks Local Security Checks | medium |
| 96927 | Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : openssl vulnerabilities (USN-3181-1) | Nessus | Ubuntu Local Security Checks | critical |
| 96873 | OpenSSL 1.0.2 < 1.0.2k Multiple Vulnerabilities | Nessus | Web Servers | medium |
| 96821 | FreeBSD : OpenSSL -- multiple vulnerabilities (d455708a-e3d3-11e6-9940-b499baebfeaf) | Nessus | FreeBSD Local Security Checks | high |
| 9800 | OpenSSL 1.1.0 < 1.1.0c Multiple Vulnerabilities | Nessus Network Monitor | Web Servers | high |
| 94963 | OpenSSL 1.1.0 < 1.1.0c Multiple Vulnerabilities | Nessus | Web Servers | high |
| 94691 | FreeBSD : openssl -- multiple vulnerabilities (50751310-a763-11e6-a881-b499baebfeaf) | Nessus | FreeBSD Local Security Checks | high |