CVE-2017-3732

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. For example this can occur by default in OpenSSL DHE based SSL/TLS ciphersuites. Note: This issue is very similar to CVE-2015-3193 but must be treated as a separate problem.

References

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.securityfocus.com/bid/95814

http://www.securitytracker.com/id/1037717

https://access.redhat.com/errata/RHSA-2018:2185

https://access.redhat.com/errata/RHSA-2018:2186

https://access.redhat.com/errata/RHSA-2018:2187

https://access.redhat.com/errata/RHSA-2018:2568

https://access.redhat.com/errata/RHSA-2018:2575

https://access.redhat.com/errata/RHSA-2018:2713

https://github.com/openssl/openssl/commit/a59b90bf491410f1f2bc4540cc21f1980fd14c5b

https://security.FreeBSD.org/advisories/FreeBSD-SA-17:02.openssl.asc

https://security.gentoo.org/glsa/201702-07

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03838en_us

https://www.openssl.org/news/secadv/20170126.txt

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://www.tenable.com/security/tns-2017-04

Details

Source: MITRE

Published: 2017-05-04

Updated: 2019-04-23

Type: CWE-200

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 2.2

Severity: MEDIUM

Tenable Plugins

View all (45 total)

IDNameProductFamilySeverity
144773IBM HTTP Server 7.0.0.0 <= 7.0.0.43 / 8.0.0.0 <= 8.0.0.14 / 8.5.0.0 < 8.5.5.14 / 9.0.0.0 < 9.0.0.8 Multiple Vulnerabilities (569301)NessusWeb Servers
critical
124059Oracle Access Manager Multiple Vulnerabilities (Jan 2018 CPU)NessusMisc.
critical
120126SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2018:3082-1)NessusSuSE Local Security Checks
critical
119996SUSE SLES12 Security Update : nodejs4 (SUSE-SU-2017:0855-1)NessusSuSE Local Security Checks
medium
119992SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2017:0431-1)NessusSuSE Local Security Checks
medium
118293SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2018:2839-2)NessusSuSE Local Security Checks
critical
117700SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2018:2839-1)NessusSuSE Local Security Checks
critical
117587RHEL 6 : java-1.8.0-ibm (RHSA-2018:2713)NessusRed Hat Local Security Checks
critical
112178RHEL 6 : java-1.8.0-ibm (RHSA-2018:2575)NessusRed Hat Local Security Checks
critical
112131RHEL 7 : java-1.8.0-ibm (RHSA-2018:2568)NessusRed Hat Local Security Checks
critical
111147RHEL 6 : Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 6 (RHSA-2018:2186)NessusRed Hat Local Security Checks
critical
111146RHEL 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 7 (RHSA-2018:2185)NessusRed Hat Local Security Checks
critical
106885GLSA-201802-04 : MySQL: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
106863openSUSE Security Update : openssl-steam (openSUSE-2018-168)NessusSuSE Local Security Checks
critical
106349Oracle iPlanet Web Server 7.0.x < 7.0.27 NSS Unspecified Vulnerability (January 2018 CPU)NessusWeb Servers
critical
106299Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (January 2018 CPU)NessusWeb Servers
critical
105353SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2017:3343-1)NessusSuSE Local Security Checks
medium
105341openSUSE Security Update : openssl (openSUSE-2017-1381)NessusSuSE Local Security Checks
medium
102698ESXi 6.0 < Build 5485776 Multiple Vulnerabilities (VMSA-2017-0015) (remote check)NessusMisc.
high
102699Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10775)NessusJunos Local Security Checks
high
102056openSUSE Security Update : mysql-community-server (openSUSE-2017-866)NessusSuSE Local Security Checks
medium
101837Oracle Enterprise Manager Grid Control Multiple Vulnerabilities (July 2017 CPU) (httpoxy)NessusMisc.
critical
101046Tenable SecurityCenter OpenSSL 1.0.2 < 1.0.2k Multiple Vulnerabilities (TNS-2017-04)NessusMisc.
medium
99930Oracle Secure Global Desktop Multiple Vulnerabilities (April 2017 CPU) (SWEET32)NessusMisc.
critical
99593MySQL Enterprise Monitor 3.1.x < 3.1.7.8023 / 3.2.x < 3.2.7.1204 / 3.3.x < 3.3.3.1199 Multiple Vulnerabilities (April 2017 CPU)NessusCGI abuses
critical
99516MySQL 5.7.x < 5.7.18 Multiple Vulnerabilities (April 2017 CPU) (July 2017 CPU)NessusDatabases
medium
99515MySQL 5.6.x < 5.6.36 Multiple Vulnerabilities (April 2017 CPU) (July 2017 CPU) (Riddle)NessusDatabases
medium
99513MySQL 5.7.x < 5.7.18 Multiple Vulnerabilities (April 2017 CPU) (July 2017 CPU)NessusDatabases
medium
99512MySQL 5.6.x < 5.6.36 Multiple Vulnerabilities (April 2017 CPU) (July 2017 CPU) (Riddle)NessusDatabases
medium
99212openSUSE Security Update : nodejs4 (openSUSE-2017-442)NessusSuSE Local Security Checks
high
97726Tenable SecurityCenter 5.x < 5.4.3 Multiple Vulnerabilities (TNS-2017-04) (httpoxy)NessusMisc.
medium
97292openSUSE Security Update : nodejs (openSUSE-2017-284)NessusSuSE Local Security Checks
high
97276openSUSE Security Update : openssl (openSUSE-2017-256)NessusSuSE Local Security Checks
high
97218F5 Networks BIG-IP : OpenSSL vulnerability (K44512851)NessusF5 Networks Local Security Checks
medium
97183GLSA-201702-07 : OpenSSL: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
97180Fedora 24 : 1:openssl (2017-e853b4144f)NessusFedora Local Security Checks
high
97129SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2017:0441-1)NessusSuSE Local Security Checks
high
97102Slackware 14.2 / current : openssl (SSA:2017-041-02)NessusSlackware Local Security Checks
high
97054Fedora 25 : 1:openssl (2017-3451dbec48)NessusFedora Local Security Checks
high
9934OpenSSL 1.0.2 < 1.0.2k Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
9933OpenSSL 1.1.0 < 1.1.0d Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
96927Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : openssl vulnerabilities (USN-3181-1)NessusUbuntu Local Security Checks
critical
96874OpenSSL 1.1.0 < 1.1.0d Multiple VulnerabilitiesNessusWeb Servers
medium
96873OpenSSL 1.0.2 < 1.0.2k Multiple VulnerabilitiesNessusWeb Servers
medium
96821FreeBSD : OpenSSL -- multiple vulnerabilities (d455708a-e3d3-11e6-9940-b499baebfeaf)NessusFreeBSD Local Security Checks
high