CVE-2017-3736

{"id": "CVE-2017-3736", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2017-11-02T17:29:00.243", "references": [{"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "tags": ["Patch", "Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "tags": ["Patch", "Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "tags": ["Patch", "Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "tags": ["Patch", "Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "http://www.securityfocus.com/bid/101666", "tags": ["Third Party Advisory", "VDB Entry"], "source": "openssl-security@openssl.org"}, {"url": "http://www.securitytracker.com/id/1039727", "tags": ["Third Party Advisory", "VDB Entry"], "source": "openssl-security@openssl.org"}, {"url": "https://access.redhat.com/errata/RHSA-2018:0998", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://access.redhat.com/errata/RHSA-2018:2185", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://access.redhat.com/errata/RHSA-2018:2186", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://access.redhat.com/errata/RHSA-2018:2187", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://access.redhat.com/errata/RHSA-2018:2568", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://access.redhat.com/errata/RHSA-2018:2575", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://access.redhat.com/errata/RHSA-2018:2713", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://github.com/openssl/openssl/commit/4443cf7aa0099e5ce615c18cee249fff77fb0871", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:11.openssl.asc", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://security.gentoo.org/glsa/201712-03", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://security.netapp.com/advisory/ntap-20171107-0002/", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://security.netapp.com/advisory/ntap-20180117-0002/", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03881en_us", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://www.debian.org/security/2017/dsa-4017", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://www.debian.org/security/2017/dsa-4018", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://www.openssl.org/news/secadv/20171102.txt", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "source": "openssl-security@openssl.org"}, {"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "source": "openssl-security@openssl.org"}, {"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "source": "openssl-security@openssl.org"}, {"url": "https://www.tenable.com/security/tns-2017-14", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "openssl-security@openssl.org"}, {"url": "https://www.tenable.com/security/tns-2017-15", "tags": ["Third Party Advisory"], "source": "openssl-security@openssl.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen."}, {"lang": "es", "value": "Existe un error de propagaci\u00f3n de d\u00edgito (carry propagation) en el procedimiento de elevaci\u00f3n al cuadrado de x86_64 Montgomery en OpenSSL en versiones anteriores a la 1.0.2m y 1.1.0 anteriores a la 1.1.0g. Ning\u00fan algoritmo EC se ha visto afectado. El an\u00e1lisis sugiere que los ataques contra RSA y DSA como resultado de este defecto ser\u00edan muy dif\u00edciles de realizar y no se ve probable. Los ataques contra DH se consideran simplemente factibles (aunque muy dif\u00edciles) porque la mayor\u00eda del trabajo necesario para deducir la informaci\u00f3n sobre una clave privada se puede realizar offline. La cantidad de recursos necesarios para este ataque ser\u00eda muy elevada y lo m\u00e1s probable es que solo sea accesible para un n\u00famero limitado de atacantes. Un atacante necesitar\u00eda acceso online a un sistema sin parchear que utilice la clave privada objetivo en una situaci\u00f3n con par\u00e1metros DH persistentes y una clave privada que se comparte entre m\u00faltiples clientes. Esto solo afecta a los procesadores que son compatibles con las extensiones BMI1, BMI2 y ADX como Intel Broadwell (5\u00aa generaci\u00f3n) y posteriores o AMD Ryzen."}], "lastModified": "2019-04-23T19:30:04.427", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1069D78-287A-4623-9721-FD9E26135354", "versionEndExcluding": "1.0.2m", "versionStartIncluding": "1.0.2"}, {"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28E0F2BE-8EDA-4C09-B251-C35352A621D0", "versionEndExcluding": "1.1.0g", "versionStartIncluding": "1.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "openssl-security@openssl.org"}