Detections
Analytics

OpenSSL 3.5.0 < 3.5.1 Vulnerability

medium Nessus Plugin ID 237112

Synopsis

The remote service is affected by a vulnerability.

Description

The version of OpenSSL installed on the remote host is prior to 3.5.1. It is, therefore, affected by a vulnerability as referenced in the 3.5.1 advisory.

 - Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. A copy & paste error during minor refactoring of the code introduced this issue in the OpenSSL 3.5 version. If, for example, a trusted CA certificate should be trusted only for the purpose of authenticating TLS servers but not for CMS signature verification and the CMS signature verification is intended to be marked as rejected with the -addreject option, the resulting CA certificate will be trusted for CMS signature verification purpose instead. Only users which use the trusted certificate format who use the openssl x509 command line application to add rejected uses are affected by this issue. The issues affecting only the command line application are considered to be Low severity. The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 3.4, 3.3, 3.2, 3.1, 3.0, 1.1.1 and 1.0.2 are also not affected by this issue.
 (CVE-2025-4575)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to OpenSSL version 3.5.1 or later.

See Also

https://openssl-library.org/news/secadv/20250522.txt

https://www.cve.org/CVERecord?id=CVE-2025-4575

http://www.nessus.org/u?71c5cf95

http://www.nessus.org/u?eac4598c

Plugin Details

Severity: Medium

ID: 237112

File Name: openssl_3_5_1.nasl

Version: 1.1

Type: combined

Agent: windows, macosx, unix

Family: Web Servers

Published: 5/22/2025

Updated: 5/22/2025

Configuration: Enable thorough checks (optional)

Supported Sensors: Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.3

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2025-4575

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:openssl:openssl

Required KB Items: installed_sw/OpenSSL

Exploit Ease: No known exploits are available

Patch Publication Date: 5/22/2025

Vulnerability Publication Date: 5/22/2025

Reference Information

CVE: CVE-2025-4575