OpenSSL AES-NI Padding Oracle MitM Information Disclosure

Low Nessus Plugin ID 91572

VPR Score: 4.4

Synopsis

It was possible to obtain sensitive information from the remote host with TLS-enabled services.

Description

The remote host is affected by a man-in-the-middle (MitM) information disclosure vulnerability due to an error in the implementation of ciphersuites that use AES in CBC mode with HMAC-SHA1 or HMAC-SHA256.
The implementation is specially written to use the AES acceleration available in x86/amd64 processors (AES-NI). The error messages returned by the server allow a man-in-the-middle attacker to conduct a padding oracle attack, resulting in the ability to decrypt network traffic.

Solution

Upgrade to OpenSSL version 1.0.1t / 1.0.2h or later.

See Also

https://blog.filippo.io/luckyminus20/

http://www.nessus.org/u?7647e9f0

https://www.openssl.org/news/secadv/20160503.txt

Plugin Details

Severity: Low

ID: 91572

File Name: openssl_AES_NI_padding_oracle.nasl

Version: 1.19

Type: remote

Family: General

Published: 2016/06/13

Updated: 2020/08/17

Dependencies: 56984

Risk Information

Risk Factor: Low

VPR Score: 4.4

CVSS Score Source: CVE-2016-2107

CVSS v2.0

Base Score: 2.6

Temporal Score: 2

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

CVSS v3.0

Base Score: 5.9

Temporal Score: 5.3

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:openssl:openssl

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/05/03

Vulnerability Publication Date: 2016/05/03

Reference Information

CVE: CVE-2016-2107

BID: 89760

EDB-ID: 39768