#VU17860 Use of a broken or risky cryptographic algorithm in OpenSSL


| Updated: 2022-06-24

Vulnerability identifier: #VU17860

Vulnerability risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-1559

CWE-ID: CWE-327

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
OpenSSL
Server applications / Encryption software

Vendor: OpenSSL Software Foundation

Description

The vulnerability allows a remote attacker to decrypt sensitive information.

The vulnerability exists due to the way an application behaves, when it receives a 0-byte record with invalid padding compared to the record with an invalid MAC, which results in padding oracle. A remote attacker can decrypt data.

Successful exploitation of the vulnerability requires that the application is using "non-stitched" ciphersuites and calls SSL_shutdown() twice (first, via a BAD_RECORD_MAC and again via a CLOSE_NOTIFY). 


Mitigation
Install updates from vendor's website.

Vulnerable software versions

OpenSSL: 1.0.2q - 1.0.2p

External links
http://www.openssl.org/news/secadv/20190226.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


SolarWinds Platform update for third-party components
Multiple vulnerabilities in Dell Networker
Multiple vulnerabilities in IBM PureData System for Operational Analytics
Information disclosure in Dell EMC Isilon OneFS
Multiple vulnerabilities in Dell EMC Cyber Recovery
Multiple vulnerabilities in Dell EMC Data Computing Appliance (DCA)
Multiple vulnerabilities in Dell EMC ECS
Multiple vulnerabilities in Dell Connectrix
Multiple vulnerabilities in HPE SANnav Management Software
Multiple vulnerabilities in Brocade SANnav