CVE-2019-1547

Severity: medium

Description

Normally, EC groups in OpenSSL always have a cofactor present, and it is used in the side-channel-resistant code paths. However, in some cases it is possible to construct a group using explicit parameters (instead of a named curve), and such a group may not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used, OpenSSL falls back to non-side-channel-resistant code paths, which may result in full key recovery during an ECDSA signature operation. To be vulnerable, an attacker would need the ability to time the creation of a large number of signatures where explicit parameters with no cofactor present are in use by an application using libcrypto. For the avoidance of doubt, libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (affected 1.0.2-1.0.2s).
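The trigger condition above is a property of the encoded parameters, so a defender can screen EC keys and parameter files before they reach an unpatched libcrypto. The following is an added example, not OpenSSL's code: a minimal DER walker that reports whether an ECParameters blob is a named curve (cofactor known from the curve table) or an explicit SpecifiedECDomain, and for the explicit form whether the optional cofactor INTEGER is present. The function names and the toy sample parameters are assumptions constructed for this example.

```python
# Added example (not OpenSSL's code): standalone DER check for the condition CVE-2019-1547
# describes: EC parameters in explicit (SpecifiedECDomain) form that omit the optional cofactor.
# ECParameters ::= CHOICE { namedCurve OBJECT IDENTIFIER, specifiedCurve SEQUENCE {
#     version INTEGER, fieldID SEQUENCE, curve SEQUENCE, base OCTET STRING,
#     order INTEGER, cofactor INTEGER OPTIONAL } }   (RFC 3279 / SEC 1)

def _tlv(buf, pos):
    """Decode one DER element at pos; return (tag, value, next_pos). Definite lengths only."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: the next (length & 0x7F) bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def ec_params_have_cofactor(der):
    """True when the cofactor is available: a named curve (looked up by OID) or an explicit
    SEQUENCE whose sixth element is the cofactor INTEGER. False for the explicit form
    without it, which is the shape that sends unpatched OpenSSL down the non-constant-time path."""
    tag, body, _ = _tlv(der, 0)
    if tag == 0x06:  # namedCurve OID
        return True
    if tag != 0x30:
        raise ValueError("not an ECParameters encoding")
    tags, pos = [], 0
    while pos < len(body):
        t, _, pos = _tlv(body, pos)
        tags.append(t)
    return len(tags) >= 6 and tags[5] == 0x02

def _der(tag, payload):
    """Encode one short-form DER element (sufficient for the constructed samples below)."""
    if len(payload) > 127:
        raise ValueError("short-form length only")
    return bytes([tag, len(payload)]) + payload

# Constructed samples with toy field values (not a real curve); only the structure matters here.
_field = _der(0x30, _der(0x06, bytes.fromhex("2a8648ce3d0101")) + _der(0x02, b"\x17"))  # prime-field, p=23
_curve = _der(0x30, _der(0x04, b"\x01") + _der(0x04, b"\x01"))                          # a=1, b=1
_base, _order = _der(0x04, b"\x04\x03\x0a"), _der(0x02, b"\x1d")                        # G, n
_ver = _der(0x02, b"\x01")
EXPLICIT_NO_COFACTOR = _der(0x30, _ver + _field + _curve + _base + _order)
EXPLICIT_WITH_COFACTOR = _der(0x30, _ver + _field + _curve + _base + _order + _der(0x02, b"\x01"))
NAMED_PRIME256V1 = _der(0x06, bytes.fromhex("2a8648ce3d030107"))  # OID 1.2.840.10045.3.1.7

if __name__ == "__main__":
    for name, blob in [("explicit, no cofactor", EXPLICIT_NO_COFACTOR),
                       ("explicit, with cofactor", EXPLICIT_WITH_COFACTOR),
                       ("named curve", NAMED_PRIME256V1)]:
        print(f"{name}: cofactor available = {ec_params_have_cofactor(blob)}")
```

Real input for the check is the DER ECParameters produced by `openssl ecparam -param_enc explicit -outform DER`, or the parameters field of an EC private key that was written with explicit encoding; a False result on an unpatched build is the case the advisory warns about.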

References

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7c1709c2da5414f5b6133d00a03fc8c5bf996c7a

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=21c856b75d81eff61aa63b4f036bb64a85bf6d46

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30c22fa8b1d840036b8e203585738df62a03cec8

https://www.openssl.org/news/secadv/20190910.txt

https://arxiv.org/abs/1909.01785

https://seclists.org/bugtraq/2019/Sep/25

http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html

https://security.netapp.com/advisory/ntap-20190919-0002/

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00072.html

https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/

https://seclists.org/bugtraq/2019/Oct/1

https://seclists.org/bugtraq/2019/Oct/0

https://www.debian.org/security/2019/dsa-4539

https://www.debian.org/security/2019/dsa-4540

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00012.html

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00016.html

https://support.f5.com/csp/article/K73422160?utm_source=f5support&utm_medium=RSS

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

https://security.gentoo.org/glsa/201911-04

https://www.tenable.com/security/tns-2019-08

https://www.tenable.com/security/tns-2019-09

https://www.oracle.com/security-alerts/cpujan2020.html

https://security.netapp.com/advisory/ntap-20200122-0002/

https://www.oracle.com/security-alerts/cpuapr2020.html

https://usn.ubuntu.com/4376-1/

https://security.netapp.com/advisory/ntap-20200416-0003/

https://www.oracle.com/security-alerts/cpujul2020.html

https://usn.ubuntu.com/4376-2/

https://usn.ubuntu.com/4504-1/

https://www.oracle.com/security-alerts/cpuoct2020.html

https://kc.mcafee.com/corporate/index?page=content&id=SB10365

Details

Source: MITRE

Published: 2019-09-10

Updated: 2021-07-31

Risk Information

CVSS v2

Base Score: 1.9

Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.4

Severity: LOW

CVSS v3

Base Score: 4.7

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 1

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions from 1.0.2 to 1.0.2s (inclusive)

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions from 1.1.0 to 1.1.0k (inclusive)

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions from 1.1.1 to 1.1.1c (inclusive)

Tenable Plugins

59 total

ID | Name | Product | Family | Severity
150664 | SUSE SLES11 Security Update : openssl (SUSE-SU-2019:14174-1) | Nessus | SuSE Local Security Checks | low
150594 | SUSE SLES11 Security Update : openssl1 (SUSE-SU-2019:14171-1) | Nessus | SuSE Local Security Checks | low
145975 | CentOS 8 : openssl (CESA-2020:1840) | Nessus | CentOS Local Security Checks | medium
143010 | RHEL 8 : openssl (RHSA-2020:1840) | Nessus | Red Hat Local Security Checks | medium
140645 | Ubuntu 16.04 LTS / 18.04 LTS : OpenSSL vulnerabilities (USN-4504-1) | Nessus | Ubuntu Local Security Checks | medium
138622 | Amazon Linux 2 : openssl11 (ALAS-2020-1456) | Nessus | Amazon Linux Local Security Checks | medium
136967 | Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : OpenSSL vulnerabilities (USN-4376-1) | Nessus | Ubuntu Local Security Checks | medium
135941 | FreeBSD : MySQL Server -- Multiple vulerabilities (21d59ea3-8559-11ea-a5e2-d4c9ef517024) | Nessus | FreeBSD Local Security Checks | critical
135235 | RHEL 6 / 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP2 (RHSA-2020:1337) | Nessus | Red Hat Local Security Checks | critical
134897 | Amazon Linux 2 : openssl (ALAS-2020-1406) | Nessus | Amazon Linux Local Security Checks | low
134740 | EulerOS Virtualization 3.0.2.2 : openssl (EulerOS-SA-2020-1274) | Nessus | Huawei Local Security Checks | low
134510 | EulerOS Virtualization for ARM 64 3.0.2.0 : openssl (EulerOS-SA-2020-1221) | Nessus | Huawei Local Security Checks | low
133091 | Oracle Enterprise Manager Ops Center (Jan 2020 CPU) | Nessus | Misc. | critical
133042 | Oracle Secure Global Desktop Multiple Vulnerabilities (January 2020 CPU) | Nessus | Misc. | medium
132958 | MySQL 8.0.x < 8.0.19 Multiple Vulnerabilities (Jan 2020 CPU) | Nessus | Databases | critical
132956 | MySQL 5.6.x < 5.6.47 Multiple Vulnerabilities (Jan 2020 CPU) | Nessus | Databases | medium
132942 | FreeBSD : MySQL -- Multiple vulerabilities (a6cf65ad-37d2-11ea-a1c7-b499baebfeaf) | Nessus | FreeBSD Local Security Checks | critical
132937 | Oracle MySQL Connectors OpenSSL (Jan 2020 CPU) | Nessus | Misc. | medium
132926 | SUSE SLED12 / SLES12 Security Update : openssl-1_1 (SUSE-SU-2020:0099-1) | Nessus | SuSE Local Security Checks | medium
132817 | EulerOS Virtualization for ARM 64 3.0.5.0 : openssl (EulerOS-SA-2020-1063) | Nessus | Huawei Local Security Checks | medium
132815 | EulerOS Virtualization for ARM 64 3.0.5.0 : compat-openssl10 (EulerOS-SA-2020-1061) | Nessus | Huawei Local Security Checks | low
131617 | EulerOS 2.0 SP2 : openssl (EulerOS-SA-2019-2464) | Nessus | Huawei Local Security Checks | low
131584 | EulerOS 2.0 SP2 : openssl110f (EulerOS-SA-2019-2430) | Nessus | Huawei Local Security Checks | low
130807 | EulerOS 2.0 SP8 : compat-openssl10 (EulerOS-SA-2019-2098) | Nessus | Huawei Local Security Checks | low
130806 | EulerOS 2.0 SP8 : openssl (EulerOS-SA-2019-2097) | Nessus | Huawei Local Security Checks | medium
130726 | EulerOS 2.0 SP3 : openssl (EulerOS-SA-2019-2264) | Nessus | Huawei Local Security Checks | low
130716 | EulerOS 2.0 SP3 : openssl1.1.0f (EulerOS-SA-2019-2254) | Nessus | Huawei Local Security Checks | low
130680 | EulerOS 2.0 SP5 : openssl110h (EulerOS-SA-2019-2218) | Nessus | Huawei Local Security Checks | low
130678 | EulerOS 2.0 SP5 : openssl (EulerOS-SA-2019-2216) | Nessus | Huawei Local Security Checks | low
130636 | GLSA-201911-04 : OpenSSL: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | low
130113 | Photon OS 3.0: Openssl PHSA-2019-3.0-0032 | Nessus | PhotonOS Local Security Checks | low
130056 | Oracle VM VirtualBox 5.2.x < 5.2.34 / 6.0.x < 6.0.14 (Oct 2019 CPU) | Nessus | Windows | high
130055 | Oracle VM VirtualBox 5.2.x < 5.2.34 / 6.0.x < 6.0.14 (Oct 2019 CPU) (MacOSX) | Nessus | MacOS X Local Security Checks | high
129786 | Photon OS 1.0: Openssl PHSA-2019-1.0-0252 | Nessus | PhotonOS Local Security Checks | low
129692 | Photon OS 2.0: Openssl PHSA-2019-2.0-0177 | Nessus | PhotonOS Local Security Checks | low
129684 | Photon OS 1.0: Openssl PHSA-2019-1.0-0255 | Nessus | PhotonOS Local Security Checks | low
129676 | SUSE SLED15 / SLES15 Security Update : openssl-1_0_0 (SUSE-SU-2019:2561-1) | Nessus | SuSE Local Security Checks | low
129674 | SUSE SLED12 / SLES12 Security Update : compat-openssl098 (SUSE-SU-2019:2558-1) | Nessus | SuSE Local Security Checks | low
129670 | openSUSE Security Update : openssl-1_0_0 (openSUSE-2019-2269) | Nessus | SuSE Local Security Checks | low
129669 | openSUSE Security Update : openssl-1_0_0 (openSUSE-2019-2268) | Nessus | SuSE Local Security Checks | low
129635 | Fedora 31 : 1:openssl (2019-9ab7ee6309) | Nessus | Fedora Local Security Checks | medium
129528 | SUSE SLED12 / SLES12 Security Update : openssl-1_0_0 (SUSE-SU-2019:2504-1) | Nessus | SuSE Local Security Checks | low
129513 | Fedora 29 : 1:openssl (2019-d51641f152) | Nessus | Fedora Local Security Checks | medium
129507 | Debian DSA-4540-1 : openssl1.0 - security update | Nessus | Debian Local Security Checks | low
129506 | Debian DSA-4539-1 : openssl - security update | Nessus | Debian Local Security Checks | medium
129380 | openSUSE Security Update : openssl-1_1 (openSUSE-2019-2189) | Nessus | SuSE Local Security Checks | low
129362 | Debian DLA-1932-1 : openssl security update | Nessus | Debian Local Security Checks | low
129327 | Fedora 30 : 1:openssl (2019-d15aac6c4e) | Nessus | Fedora Local Security Checks | medium
129281 | openSUSE Security Update : openssl-1_1 (openSUSE-2019-2158) | Nessus | SuSE Local Security Checks | low
129155 | SUSE SLES12 Security Update : openssl (SUSE-SU-2019:2413-1) | Nessus | SuSE Local Security Checks | low
129153 | SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2019:2410-1) | Nessus | SuSE Local Security Checks | low
129047 | SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2019:2403-1) | Nessus | SuSE Local Security Checks | low
129044 | SUSE SLES12 Security Update : openssl (SUSE-SU-2019:2397-1) | Nessus | SuSE Local Security Checks | low
128751 | Slackware 14.2 / current : openssl (SSA:2019-254-03) | Nessus | Slackware Local Security Checks | low
128746 | FreeBSD : OpenSSL -- Multiple vulnerabilities (9e0c6f7a-d46d-11e9-a1c7-b499baebfeaf) | Nessus | FreeBSD Local Security Checks | medium
128117 | OpenSSL 1.1.0 < 1.1.0l Multiple Vulnerabilities | Nessus | Web Servers | low
128116 | OpenSSL 1.1.1 < 1.1.1d Multiple Vulnerabilities | Nessus | Web Servers | medium
128115 | OpenSSL 1.0.2 < 1.0.2t Multiple Vulnerabilities | Nessus | Web Servers | low
124159 | MySQL 5.7.x < 5.7.26 Multiple Vulnerabilities (Apr 2019 CPU) (Jul 2019 CPU) | Nessus | Databases | high