#VU74149 Security features bypass in OpenSSL


Published: 2023-03-28 | Updated: 2023-10-11

Vulnerability identifier: #VU74149

Vulnerability risk: Low

CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0466

CWE-ID: CWE-254

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
OpenSSL
Server applications / Encryption software

Vendor: OpenSSL Software Foundation

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to an error within the X509_VERIFY_PARAM_add0_policy() function, which does not perform the certificate policy check despite being implicitly enabled. A remote attacker can bypass expected security restrictions and perform MitM attack.

Mitigation
Install update from vendor's website.

Vulnerable software versions

OpenSSL: 3.1.0, 3.0.0 - 3.0.8, 1.0.2 - 1.0.2zg, 1.1.1 - 1.1.1t, 1.1.0 - 1.1.0l, 1.0.1 - 1.0.1u, 1.0.0 - 1.0.0t

External links
http://www.openssl.org/news/secadv/20230328.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in IBM Workload Automation
Multiple vulnerabilities in Juniper Networks Junos cRPD
Multiple vulnerabilities in Juniper Cloud Native Router
Multiple vulnerabilities in Siemens Telecontrol Server Basic
Multiple vulnerabilities in IBM Storage Protect Client
Multiple vulnerabilities in IBM Storage Protect for Virtual Environments: Data Protection for Microsoft Hyper-V
Multiple vulnerabilities in IBM Storage Protect for Virtual Environments: Data Protection for VMware
Multiple vulnerabilities in NX-OS Firmware
openEuler update for edk2
Multiple vulnerabilities in IBM Cognos Dashboards on Cloud Pak for Data