#VU17908 Use of a broken or risky cryptographic algorithm in OpenSSL - CVE-2019-1543

 

Published: March 6, 2019 / Updated: December 2, 2019


Vulnerability identifier: #VU17908
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2019-1543
CWE-ID: CWE-327
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software:
OpenSSL
Software vendor:
OpenSSL Software Foundation

Description

The vulnerability allows a remote attacker to recover or tamper with data protected by the ChaCha20-Poly1305 cipher.

The vulnerability exists due to incorrect nonce handling in the ChaCha20-Poly1305 implementation. ChaCha20-Poly1305 is an AEAD cipher that requires a unique nonce for every encryption under a given key; RFC 7539 specifies a 96-bit (12-byte) nonce. OpenSSL allows a variable nonce length and front-pads shorter nonces with zero bytes, but it also incorrectly accepts nonces of up to 16 bytes. For such a nonce only the last 12 bytes are significant and the leading bytes are silently ignored. If an application changes the default nonce length to be longer than 12 bytes and then alters only the leading bytes of the nonce, expecting the result to be a new unique nonce, it inadvertently encrypts messages with a reused nonce. Messages encrypted under a reused nonce are susceptible to serious confidentiality and integrity attacks. In addition, the ignored leading bytes are not covered by the cipher's integrity guarantee, so an application that relies on the integrity of those bytes may be further affected.

This vulnerability does not affect internal use of the cipher within OpenSSL, including SSL/TLS, because no such use sets a nonce longer than 12 bytes. Applications that use this cipher directly through the EVP interface and set a non-default nonce length greater than 12 bytes may be vulnerable. OpenSSL 1.1.0 through 1.1.0j and 1.1.1 through 1.1.1b are affected.
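The nonce-truncation behaviour described above, as an added example that is not OpenSSL's code: the ChaCha20 core is a pure-Python RFC 7539 implementation, `effective_nonce_pre_fix()` models the affected behaviour (leading bytes of a 13-16 byte nonce ignored), `effective_nonce_fixed()` models the fix (nonce longer than 12 bytes rejected), and the key, nonces and messages are constructed test data. The Poly1305 tag is omitted because the confidentiality leak comes purely from keystream reuse: an application that "refreshes" a 16-byte nonce by changing its first four bytes ends up with `c1 XOR c2 == p1 XOR p2` for every pair of messages.

```python
"""Added example modelling the nonce handling behind CVE-2019-1543.
Not OpenSSL code: ChaCha20 core per RFC 7539, nonce functions model the
behaviour the advisory describes, all key/nonce/message values are constructed.
"""
import struct


def _rotl(v, n):
    return ((v << n) & 0xFFFFFFFF) | (v >> (32 - n))


def _quarter_round(s, a, b, c, d):
    s[a] = (s[a] + s[b]) & 0xFFFFFFFF; s[d] = _rotl(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & 0xFFFFFFFF; s[b] = _rotl(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & 0xFFFFFFFF; s[d] = _rotl(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & 0xFFFFFFFF; s[b] = _rotl(s[b] ^ s[c], 7)


def chacha20_block(key, counter, nonce12):
    """One 64-byte ChaCha20 keystream block (RFC 7539 section 2.3)."""
    state = list(struct.unpack("<4I", b"expand 32-byte k"))
    state += struct.unpack("<8I", key)       # 256-bit key as 8 LE words
    state += [counter]                        # 32-bit block counter
    state += struct.unpack("<3I", nonce12)    # 96-bit nonce as 3 LE words
    w = state[:]
    for _ in range(10):                       # 20 rounds = 10 double rounds
        _quarter_round(w, 0, 4, 8, 12)
        _quarter_round(w, 1, 5, 9, 13)
        _quarter_round(w, 2, 6, 10, 14)
        _quarter_round(w, 3, 7, 11, 15)
        _quarter_round(w, 0, 5, 10, 15)
        _quarter_round(w, 1, 6, 11, 12)
        _quarter_round(w, 2, 7, 8, 13)
        _quarter_round(w, 3, 4, 9, 14)
    return struct.pack("<16I", *((x + y) & 0xFFFFFFFF for x, y in zip(w, state)))


def chacha20_xor(key, nonce12, data, counter=1):
    """Encrypt/decrypt with a 12-byte nonce; counter starts at 1 as in AEAD use."""
    out = bytearray()
    for off in range(0, len(data), 64):
        ks = chacha20_block(key, counter + off // 64, nonce12)
        out.extend(x ^ k for x, k in zip(data[off:off + 64], ks))
    return bytes(out)


def rfc7539_known_answer():
    """Sanity check of the core against the RFC 7539 section 2.3.2 block vector."""
    blk = chacha20_block(bytes(range(32)), 1, bytes.fromhex("000000090000004a00000000"))
    return blk[:16].hex() == "10f1e7e4d13b5915500fdd1fa32071c4"


def effective_nonce_pre_fix(nonce):
    """Model of affected OpenSSL (1.1.0-1.1.0j, 1.1.1-1.1.1b): nonces shorter
    than 12 bytes are front-padded with zeros; nonces of 13-16 bytes are
    accepted but only their last 12 bytes reach the cipher."""
    if len(nonce) > 16:
        raise ValueError("nonce longer than 16 bytes rejected")
    return nonce[-12:].rjust(12, b"\x00")


def effective_nonce_fixed(nonce):
    """Model of the fix: a nonce longer than 12 bytes is an error, not truncated."""
    if len(nonce) > 12:
        raise ValueError("ChaCha20-Poly1305 nonce must be at most 12 bytes")
    return nonce.rjust(12, b"\x00")


def encrypt_pre_fix(key, nonce, plaintext):
    return chacha20_xor(key, effective_nonce_pre_fix(nonce), plaintext)


def demonstrate_reuse():
    """Application pattern from the advisory: 16-byte nonces 'refreshed' by
    changing the leading 4 bytes. Returns (nonces_differ, keystream_reused)."""
    key = bytes(range(32))                        # constructed key
    base = bytes.fromhex("deadbeef") + bytes(12)  # constructed 16-byte nonce
    nonce_msg1 = base
    nonce_msg2 = (int.from_bytes(base[:4], "big") + 1).to_bytes(4, "big") + base[4:]
    p1 = b"transfer 100 to alice"
    p2 = b"transfer 900 to mallory"
    c1 = encrypt_pre_fix(key, nonce_msg1, p1)
    c2 = encrypt_pre_fix(key, nonce_msg2, p2)
    n = min(len(p1), len(p2))
    ct_xor = bytes(a ^ b for a, b in zip(c1[:n], c2[:n]))
    pt_xor = bytes(a ^ b for a, b in zip(p1[:n], p2[:n]))
    return nonce_msg1 != nonce_msg2, ct_xor == pt_xor


if __name__ == "__main__":
    print("RFC 7539 vector ok:", rfc7539_known_answer())
    print("nonces differ, keystream reused:", demonstrate_reuse())
```

The application-side check is the same whether or not the library is patched: never change the nonce length from the 12-byte default, and derive each nonce from a counter or random value over the full 12 bytes rather than from bytes the cipher may not see.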

Remediation

The vendor has issued a fix that is available from the OpenSSL git repository; it is included in OpenSSL 1.1.0k and 1.1.1c. Applications that call this cipher directly should also be reviewed so that they never set a ChaCha20-Poly1305 nonce length other than the 12-byte default.

External links