
BDU:2021-03037

Published: 06 Dec 2017
Source: fstec
CVSS3: 5.9
CVSS2: 4.3
EPSS: Medium

Description

The vulnerability in the AVX2 Montgomery procedure of the OpenSSL library stems from insufficient protection of service data. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information by means of the DH1024 private key.

Vendor

Oracle Corp.
Red Hat Inc.
Canonical Ltd.
Free software community
Node.js Foundation
IBM Corp.
OpenSSL Software Foundation

Software name

API Gateway
Transportation Management
Red Hat Enterprise Linux
Ubuntu
Debian GNU/Linux
Enterprise Manager Ops Center
JD Edwards EnterpriseOne Tools
Tuxedo
PeopleSoft Enterprise PeopleTools
Primavera P6 Enterprise Project Portfolio Management
Communications WebRTC Session Controller
Communications Application Session Controller
Communications Network Charging and Control
Agile Engineering Data Management
Secure Global Desktop
Enterprise Manager Base Platform
Endeca Server
Node.js
MySQL Connectors
Communications EAGLE LNP Application Processor
Communications Operations Monitor
Communications Session Border Controller
Communications Unified Session Manager
Enterprise Communications Broker
Enterprise Session Border Controller
JD Edwards World Security
MySQL Workbench
OSS Support Tools
Communications Diameter Signaling Router
MySQL Server
OpenSSL
Oracle Endeca Information Discovery Studio
MySQL Enterprise Monitor
Communications EAGLE Software

Software version

11.1.2.4.0 (API Gateway)
6.2 (Transportation Management)
7 (Red Hat Enterprise Linux)
17.04 (Ubuntu)
9 (Debian GNU/Linux)
17.10 (Ubuntu)
12.2.2 (Enterprise Manager Ops Center)
12.3.3 (Enterprise Manager Ops Center)
9.2 (JD Edwards EnterpriseOne Tools)
12.1.1.0 (Tuxedo)
8.55 (PeopleSoft Enterprise PeopleTools)
8.56 (PeopleSoft Enterprise PeopleTools)
8.57 (PeopleSoft Enterprise PeopleTools)
8.4 (Primavera P6 Enterprise Project Portfolio Management)
15.1 (Primavera P6 Enterprise Project Portfolio Management)
15.2 (Primavera P6 Enterprise Project Portfolio Management)
16.1 (Primavera P6 Enterprise Project Portfolio Management)
16.2 (Primavera P6 Enterprise Project Portfolio Management)
18.8 (Primavera P6 Enterprise Project Portfolio Management)
before 7.2 (Communications WebRTC Session Controller)
3.7.1 (Communications Application Session Controller)
3.8.0 (Communications Application Session Controller)
4.4.1.5.0 (Communications Network Charging and Control)
5.0.0.1.0 (Communications Network Charging and Control)
5.0.0.2.0 (Communications Network Charging and Control)
5.0.1.0.0 (Communications Network Charging and Control)
5.0.2.0.0 (Communications Network Charging and Control)
6.1.3 (Agile Engineering Data Management)
6.2.0 (Agile Engineering Data Management)
6.2.1 (Agile Engineering Data Management)
5.3 (Secure Global Desktop)
5.4 (Secure Global Desktop)
12.1.0.5 (Enterprise Manager Base Platform)
7.6.1 (Endeca Server)
7.7.0 (Endeca Server)
6 (Node.js)
8 (Node.js)
from 17.7 to 17.12 inclusive (Primavera P6 Enterprise Project Portfolio Management)
up to 5.3.10 inclusive (MySQL Connectors)
10.0 (Communications EAGLE LNP Application Processor)
10.1 (Communications EAGLE LNP Application Processor)
10.2 (Communications EAGLE LNP Application Processor)
3.4 (Communications Operations Monitor)
4.0 (Communications Operations Monitor)
SCz7.4.0 (Communications Session Border Controller)
SCz7.4.1 (Communications Session Border Controller)
SCz8.0.0 (Communications Session Border Controller)
SCz8.1.0 (Communications Session Border Controller)
SCz7.3.5 (Communications Unified Session Manager)
PCz2.1 (Enterprise Communications Broker)
PCz2.2 (Enterprise Communications Broker)
PCz3.0 (Enterprise Communications Broker)
ECz7.4.0 (Enterprise Session Border Controller)
ECz7.5.0 (Enterprise Session Border Controller)
ECz8.0.0 (Enterprise Session Border Controller)
ECz8.1.0 (Enterprise Session Border Controller)
A9.3 (JD Edwards World Security)
A9.3.1 (JD Edwards World Security)
A9.4 (JD Edwards World Security)
up to 8.0.13 inclusive (MySQL Workbench)
before 19.1 (OSS Support Tools)
8 (Debian GNU/Linux)
8.0 (Communications Diameter Signaling Router)
8.1 (Communications Diameter Signaling Router)
8.2 (Communications Diameter Signaling Router)
8.3 (Communications Diameter Signaling Router)
13.2.0.0 (Enterprise Manager Base Platform)
13.3.0.0 (Enterprise Manager Base Platform)
up to 5.6.40 inclusive (MySQL Server)
from 5.7.0 to 5.7.22 inclusive (MySQL Server)
from 8.0.0 to 8.0.11 inclusive (MySQL Server)
16.04 ESM (Ubuntu)
4 (Node.js)
9 (Node.js)
from 1.1.0 to 1.1.0h (OpenSSL)
from 1.0.2 to 1.0.2n (OpenSSL)
7.6.1.0.0 (Oracle Endeca Information Discovery Studio)
7.7.0.0.0 (Oracle Endeca Information Discovery Studio)
8.54 (PeopleSoft Enterprise PeopleTools)
up to 3.3.7.3306 inclusive (MySQL Enterprise Monitor)
from 3.4.5 to 3.4.5.4248 inclusive (MySQL Enterprise Monitor)
from 4.0.2 to 4.0.2.5168 inclusive (MySQL Enterprise Monitor)
from 3.4.7 to 3.4.7.4297 inclusive (MySQL Enterprise Monitor)
from 4.0.4 to 4.0.4.5235 inclusive (MySQL Enterprise Monitor)
from 8.0.0 to 8.0.0.8131 inclusive (MySQL Enterprise Monitor)
up to 8.0.13 inclusive (MySQL Enterprise Monitor)
up to 4.0.7 inclusive (MySQL Enterprise Monitor)
from 8.0.0 to 8.0.11 inclusive (MySQL Connectors)
46.5 (Communications EAGLE Software)
46.6 (Communications EAGLE Software)
46.7 (Communications EAGLE Software)

Software type

Software of hardware-software security appliances
Application software of information systems
Operating system
Network software
Software of a network hardware-software appliance
DBMS
Security software

Operating systems and hardware platforms

Red Hat Inc. Red Hat Enterprise Linux 7
Canonical Ltd. Ubuntu 17.04
Free software community Debian GNU/Linux 9
Canonical Ltd. Ubuntu 17.10
Free software community Debian GNU/Linux 8
Canonical Ltd. Ubuntu 16.04 ESM

Vulnerability severity level

Medium severity (CVSS 2.0 base score is 4.3)
Medium severity (CVSS 3.0 base score is 5.9)

Possible mitigation measures

Follow the recommendations:
For OpenSSL:
https://www.openssl.org/news/secadv/20171207.txt
https://www.openssl.org/news/secadv/20180327.txt
For Node.js:
https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/
For Debian GNU/Linux:
https://www.debian.org/security/2017/dsa-4065
https://www.debian.org/security/2018/dsa-4157
For Red Hat Inc. software products:
https://access.redhat.com/security/cve/cve-2017-3738
For Ubuntu:
https://ubuntu.com/security/notices/USN-3512-1
For Oracle Corp. software products:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Vulnerability status

Confirmed by the vendor

Exploit availability

Data is being clarified

Remediation information

Vulnerability fixed

Identifiers in other vulnerability description systems

EPSS: 0.17587 (percentile: 95%), Medium
CVSS3: 5.9 Medium
CVSS2: 4.3 Medium

Related vulnerabilities

CVSS3: 5.9
ubuntu
more than 7 years ago

There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to th...

CVSS3: 5.9
redhat
more than 7 years ago

There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to th...

CVSS3: 5.9
nvd
more than 7 years ago

There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the l

CVSS3: 5.9
debian
more than 7 years ago

There is an overflow bug in the AVX2 Montgomery multiplication procedu ...

CVSS3: 5.9
github
about 3 years ago

There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to th...
