CVE-2023-0286

Published on: Not Yet Published

Last Modified on: 02/24/2023 03:15:00 PM UTC

CVE-2023-0286

Source: Mitre Source: NIST CVE.ORG Print: PDF PDF
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

Certain versions of Openssl from Openssl contain the following vulnerability:

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.

  • CVE-2023-0286 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as HIGH severity.
  • Affected Vendor/Software: URL Logo OpenSSL - OpenSSL version < 3.0.8
  • Affected Vendor/Software: URL Logo OpenSSL - OpenSSL version < 1.1.1t
  • Affected Vendor/Software: URL Logo OpenSSL - OpenSSL version < 1.0.2zg

CVSS3 Score: 7.4 - HIGH

Attack
Vector 		Attack
Complexity		 Privileges
Required		 User
Interaction
NETWORK HIGH NONE NONE
Scope Confidentiality
Impact		 Integrity
Impact		 Availability
Impact
UNCHANGED HIGH NONE HIGH

CVE References

Description Tags Link
www.openssl.org
text/plain
 URL Logo MISC www.openssl.org/news/secadv/20230207.txt
git.openssl.org Git - openssl.git/commitdiff git.openssl.org
text/xml
 URL Logo MISC git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9
git.openssl.org Git - openssl.git/commitdiff git.openssl.org
text/xml
 URL Logo MISC git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658
git.openssl.org Git - openssl.git/commitdiff git.openssl.org
text/xml
Inactive LinkNot Archived
 URL Logo MISC git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d
By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].

Related QID Numbers

  • 160481 Oracle Enterprise Linux Security Update for Open Secure Sockets Layer (OpenSSL) (ELSA-2023-0946)
  • 160492 Oracle Enterprise Linux Security Update for Open Secure Sockets Layer (OpenSSL) (ELSA-2023-12152)
  • 181546 Debian Security Update for Open Secure Sockets Layer (OpenSSL) (DSA 5343-1)
  • 181593 Debian Security Update for Open Secure Sockets Layer (OpenSSL) (DLA 3325-1)
  • 199150 Ubuntu Security Notification for Open Secure Sockets Layer (OpenSSL) Vulnerabilities (USN-5844-1)
  • 199151 Ubuntu Security Notification for Open Secure Sockets Layer (OpenSSL) Vulnerabilities (USN-5845-1)
  • 241227 Red Hat Update for Open Secure Sockets Layer (OpenSSL) (RHSA-2023:0946)
  • 241256 Red Hat Update for Open Secure Sockets Layer (OpenSSL) (RHSA-2023:1199)
  • 283694 Fedora Security Update for Open Secure Sockets Layer (OpenSSL) (FEDORA-2023-57f33242bc)
  • 283709 Fedora Security Update for edk2 (FEDORA-2023-e1ffb79ddf)
  • 283736 Fedora Security Update for Open Secure Sockets Layer (OpenSSL) (FEDORA-2023-a5564c0a3f)
  • 283759 Fedora Security Update for edk2 (FEDORA-2023-e821b64a4c)
  • 354734 Amazon Linux Security Advisory for Open Secure Sockets Layer (OpenSSL) : ALAS-2023-1683
  • 354735 Amazon Linux Security Advisory for Open Secure Sockets Layer11 (OpenSSL11) : ALAS2-2023-1934
  • 354737 Amazon Linux Security Advisory for Open Secure Sockets Layer (OpenSSL) : ALAS2-2023-1935
  • 43991 Hewlett Packard Enterprise (HPE) ArubaOS Multiple Vulnerabilities (ARUBA-PSA-2023-001)
  • 502652 Alpine Linux Security Update for Open Secure Sockets Layer (OpenSSL)
  • 502653 Alpine Linux Security Update for Open Secure Sockets Layer3 (OpenSSL3)
  • 691051 Free Berkeley Software Distribution (FreeBSD) Security Update for Open Secure Sockets Layer (OpenSSL) (648a432c-a71f-11ed-86e9-d4c9ef517024)
  • 753631 SUSE Enterprise Linux Security Update for openssl-1_0_0 (SUSE-SU-2023:0305-1)
  • 753633 SUSE Enterprise Linux Security Update for openssl1 (SUSE-SU-2023:0307-1)
  • 753634 SUSE Enterprise Linux Security Update for openssl-1_0_0 (SUSE-SU-2023:0306-1)
  • 753636 SUSE Enterprise Linux Security Update for openssl-1_1 (SUSE-SU-2023:0310-1)
  • 753637 SUSE Enterprise Linux Security Update for openssl-1_1 (SUSE-SU-2023:0308-1)
  • 753640 SUSE Enterprise Linux Security Update for openssl-3 (SUSE-SU-2023:0312-1)
  • 753647 SUSE Enterprise Linux Security Update for openssl-1_1 (SUSE-SU-2023:0311-1)
  • 753649 SUSE Enterprise Linux Security Update for openssl-1_1 (SUSE-SU-2023:0309-1)
  • 905551 Common Base Linux Mariner (CBL-Mariner) Security Update for Open Secure Sockets Layer (OpenSSL) (13566)
  • 905552 Common Base Linux Mariner (CBL-Mariner) Security Update for Open Secure Sockets Layer (OpenSSL) (13564)
  • 905555 Common Base Linux Mariner (CBL-Mariner) Security Update for Open Secure Sockets Layer (OpenSSL) (13566-1)
  • 905562 Common Base Linux Mariner (CBL-Mariner) Security Update for Open Secure Sockets Layer (OpenSSL) (13564-1)
  • 905627 Common Base Linux Mariner (CBL-Mariner) Security Update for cloud-hypervisor (13698)
  • 905629 Common Base Linux Mariner (CBL-Mariner) Security Update for rust (13700)
  • 905630 Common Base Linux Mariner (CBL-Mariner) Security Update for rust (13705)
  • 905632 Common Base Linux Mariner (CBL-Mariner) Security Update for cloud-hypervisor (13701)
  • 905634 Common Base Linux Mariner (CBL-Mariner) Security Update for reaper (13704)
  • 940941 AlmaLinux Security Update for Open Secure Sockets Layer (OpenSSL) (ALSA-2023:0946)

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationOpensslOpensslAllAllAllAll
  • cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*:

Social Mentions

Source Title Posted (UTC)
Twitter Icon @GuidoVranken OpenSSL 3.0.8 released: CVE-2023-0401 CVE-2023-0286 CVE-2023-0217 CVE-2023-0216 CVE-2023-0215 CVE-2022-4450 CVE-202… twitter.com/i/web/status/1… 2023-02-07 16:16:09
Twitter Icon @w4yh CVE-2023-0286 雑) 型の不一致起因の境界外メモリ読み取りの危険性。証明書チェーンのチェックで X509_V_FLAG_CRL_CHECK flag が有効な場合が対象。ただし攻撃には"細工してあるけどチェックは通る証… twitter.com/i/web/status/1… 2023-02-07 16:30:41
Twitter Icon @w4yh HighはCVE-2023-0286 1つ、他Moderate 7つopenssl.org/news/secadv/20… さっきModerate 3つって書いたのツイ消しします 2023-02-07 16:44:49
Twitter Icon @revskills OpenSSL X.400 address type confusion in X.509 GeneralName (CVE-2023-0286) openssl.org/news/secadv/20… 2023-02-07 16:45:09
Twitter Icon @ippo_n X.400 address type confusion in X.509 GeneralName (CVE-2023-0286) mta.openssl.org/pipermail/open… 危険度が高いとされた脆弱性はコレか。 2023-02-07 17:00:49
Twitter Icon @sora_h CVE-2023-0286 ギョッとしたけどとりあえず影響を受けるアプリケーションは少なそうね 2023-02-07 17:18:30
Twitter Icon @SecurityWeek OpenSSL Ships Patch for High-Severity Flaws - securityweek.com/openssl-ships-… (CVE-2023-0286) 2023-02-07 18:26:36
Twitter Icon @MrsYisWhy SecurityWeek: OpenSSL Ships Patch for High-Severity Flaws - securityweek.com/openssl-ships-… (CVE-2023-0286) 2023-02-07 18:29:35
Twitter Icon @mikeforbes CVE-2023-0286 A new high severity OpenSSL bug was patched in OpenSSL v. OpenSSL 3.0.8, 1.1.1t, 1.0.2zg. TL:DR; Ca… twitter.com/i/web/status/1… 2023-02-07 19:12:10
Twitter Icon @wdormann Note that this issue is CVE-2023-0286, which is mentioned in: mta.openssl.org/pipermail/open… 2023-02-07 20:01:17
Twitter Icon @foxbook X.509 GeneralName での X.400 アドレス タイプの混乱 (CVE-2023-0286) 重大度: 高 2023-02-07 20:06:50
Twitter Icon @omokazuki OpenSSLの脆弱性情報(High: CVE-2023-0286, Moderate: CVE-2022-4203,CVE-2022-4304,CVE-2022-4450,CVE-2023-0215,CVE-2023-0216,… twitter.com/i/web/status/1… 2023-02-07 21:36:31
Twitter Icon @fd0 CVE-2023-0286 | OpenSSL X.400 Address 特権昇格 vuldb.com/ja/?id.220349 2023-02-07 23:46:44
Twitter Icon @ravirockks 'The most serious of the bugs, a type confusion issue tracked as CVE-2023-0286, may allow an attacker to pass arbit… twitter.com/i/web/status/1… 2023-02-08 00:12:55
Twitter Icon @ippo_n CVE-2023-0286 openssl: X.400 address type confusion in X.509 GeneralName access.redhat.com/security/cve/c… Redhat の評価はModerat… twitter.com/i/web/status/1… 2023-02-08 00:31:27
Twitter Icon @minamijoyo X.400ってなんだっけ?って思ったけどメールか X.400 address type confusion in X.509 GeneralName (CVE-2023-0286) openssl.org/news/secadv/20… 2023-02-08 01:03:03
Twitter Icon @w4yh CVE-2023-0286はRH的には攻撃の仕込みを成立させるの大変という判定でModerate(7.4) // CVE-2023-0286- Red Hat Customer Portal access.redhat.com/security/cve/c… 2023-02-08 01:07:55
Twitter Icon @_kei_s OpenSSLの脆弱性情報(High: CVE-2023-0286, Moderate: CVE-2022-4203, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0… twitter.com/i/web/status/1… 2023-02-08 01:14:38
Twitter Icon @zquestz Another day, another OpenSSL vulnerability. X.400 address type confusion in X.509 GeneralName (CVE-2023-0286) openssl.org/news/secadv/20… 2023-02-08 03:56:17
Twitter Icon @the_yellow_fall CVE-2023-0286: High-Severity Vulnerability in OpenSSL securityonline.info/cve-2023-0286-… #opensource #infosec #security #pentesting 2023-02-08 07:39:02
Twitter Icon @AcooEdi CVE-2023-0286: High-Severity Vulnerability in OpenSSL dlvr.it/Sj5m1d via securityonline https://t.co/WxVBNrbXyn 2023-02-08 07:44:35
Twitter Icon @EchelonEyes OpenSSL сообщает о 8 уязвимостях, среди них одна серьезная – CVE-2023-0286. Недостаток связан с путаницей типов при… twitter.com/i/web/status/1… 2023-02-08 07:57:30
Twitter Icon @FilipiPires CVE-2023-0286: High-Severity Vulnerability in OpenSSL ift.tt/uPFy0vZ #security #opensource #cybersecurity… twitter.com/i/web/status/1… 2023-02-08 08:33:17
Twitter Icon @schectman_hell securityonline.info/cve-2023-0286-… 2023-02-08 11:01:05
Twitter Icon @lucianot54 "CVE-2023-0286: High-Severity Vulnerability in OpenSSL" via Penetration Testing ift.tt/G9vIucs 2023-02-08 11:22:30
Twitter Icon @PentestingN CVE-2023-0286: High-Severity Vulnerability in OpenSSL securityonline.info/cve-2023-0286-… 2023-02-08 12:44:32
Twitter Icon @CVEtrends Top 3 trending CVEs on Twitter Past 24 hrs: CVE-2021-21974: 544.5K (audience size) CVE-2023-0286: 303.3K CVE-2023-… twitter.com/i/web/status/1… 2023-02-08 14:00:03
Twitter Icon @Har_sia CVE-2023-0286 har-sia.info/CVE-2023-0286.… #HarsiaInfo 2023-02-08 15:01:33
Twitter Icon @CVEreport CVE-2023-0286 : There is a type confusion vulnerability relating to X.400 address processing inside an X.509 Genera… twitter.com/i/web/status/1… 2023-02-08 20:03:08
Twitter Icon @SOCWALL_tw ثغرة في “OpenSSL” يتم تتبعها بالرقم CVE-2023-0286، استغلالها قد يسمح للمهاجم بالوصول إلى بيانات الذاكرة العشوائية أ… twitter.com/i/web/status/1… 2023-02-09 04:36:32
Twitter Icon @Komodosec #Technology #CVE20224203 CVE-2023-0286: High-Severity Vulnerability in OpenSSL securityonline.info/cve-2023-0286-… 2023-02-09 05:33:09
Twitter Icon @RedPacketSec OpenSSL denial of service | CVE-2023-0286 - redpacketsecurity.com/openssl-denial… #CVE #Vulnerability #OSINT #ThreatIntel #Cyber 2023-02-09 10:01:49
Twitter Icon @ColorTokensInc Emerging Vulnerability Found CVE-2023-0286 - There is a type confusion vulnerability relating to X.400 address proc… twitter.com/i/web/status/1… 2023-02-09 10:14:06
Twitter Icon @kakerigawa CVE-2022-4304/CVE-2023-0215/CVE-2022-4450/CVE-2023-0286とな? 2023-02-09 13:52:00
Twitter Icon @CVEtrends Top 3 trending CVEs on Twitter Past 24 hrs: CVE-2023-0286: 1.3M (audience size) CVE-2023-25136: 742.4K CVE-2022-41… twitter.com/i/web/status/1… 2023-02-09 14:00:03
Twitter Icon @Har_sia CVE-2023-0286 har-sia.info/CVE-2023-0286.… #HarsiaInfo 2023-02-09 15:02:14
Twitter Icon @JFrogSecurity Note: CVE-2023-0286 that affects #OpenSSL- while OpenSSL gave this issue a high severity it is highly unlikely to b… twitter.com/i/web/status/1… 2023-02-09 16:51:16
Twitter Icon @77_rickson securityonline.info/cve-2023-0286-… 2023-02-09 18:53:37
Twitter Icon @MacHertz1 Thoughts on OpenSSL CVE-2023-0286: Patch ASAP if you have "applications which have implemented their own functional… twitter.com/i/web/status/1… 2023-02-09 18:55:53
Twitter Icon @SalgueiroMiguel La vulnerabilidad CVE-2023-0286, (CVSS 3.0: 7.4, Alto) - Se produce una vulnerabilidad de confusión de tipo en Ope… twitter.com/i/web/status/1… 2023-02-09 19:19:23
Twitter Icon @_Fritto_ The latest @Trellix report covers CVE-2023-0286, researchers Mark Bereza(@ROPsicle) & John Dunlap discuss the vulne… twitter.com/i/web/status/1… 2023-02-09 20:48:00
Twitter Icon @Trellix CVE-2023-0286: The OpenSSL Who Cried “Severity: High” – NEW RESEARCH from @ROPsicle & @JohnDunlap2.… twitter.com/i/web/status/1… 2023-02-09 20:53:10
Twitter Icon @TrellixARC CVE-2023-0286 leaves OpenSSL versions 1.02, 1.1.1, and 3.0 vulnerable, and thankfully, fixing the vuln is much simp… twitter.com/i/web/status/1… 2023-02-09 21:01:32
Twitter Icon @CsmTonya ? from @TrellixARC (specifically, @ROPsicle & @JohnDunlap2) - A close look at CVE-2023-0286, including what it is,… twitter.com/i/web/status/1… 2023-02-09 21:11:48
Twitter Icon @ROPsicle Just how severe is "Severity: High"? @JohnDunlap2 and I take a stab at assessing the actual threat CVE-2023-0286, a… twitter.com/i/web/status/1… 2023-02-10 03:13:50
Twitter Icon @ipssignatures I know no IPS that has a protection/signature/rule for the vulnerability CVE-2023-0286. The vuln was published 1 da… twitter.com/i/web/status/1… 2023-02-10 06:04:00
Twitter Icon @ipssignatures The vuln CVE-2023-0286 has a tweet created 0 days ago and retweeted 7 times. twitter.com/Trellix/status… #Smj53aqic2ubie 2023-02-10 06:04:01
Twitter Icon @iicsorg #Cibersegruidad #infosec #seguridad OpenSSL envía un parche para vulnerabilidad de alta gravedad (CVE-2023-0286)… twitter.com/i/web/status/1… 2023-02-10 07:19:29
Twitter Icon @AcooEdi OpenSSL envía un parche para vulnerabilidad de alta gravedad (CVE-2023-0286) dlvr.it/SjC9nStwitter.com/i/web/status/1… 2023-02-10 07:24:34
Twitter Icon @torsity_intel OpenSSL envía un parche para vulnerabilidad de alta gravedad (CVE-2023-0286) noticiasseguridad.com/vulnerabilidad… 2023-02-10 08:00:53
Twitter Icon @iHackeando OpenSSL envía un parche para vulnerabilidad de alta gravedad (CVE-2023-0286) dlvr.it/SjCVYw 2023-02-10 10:05:33
Twitter Icon @zoro_vega OpenSSL envía un parche para vulnerabilidad de alta gravedad (CVE-2023-0286) noticiasseguridad.com/vulnerabilidad… 2023-02-10 12:49:56
Twitter Icon @CVEtrends Top 3 trending CVEs on Twitter Past 24 hrs: CVE-2021-21974: 605.6K (audience size) CVE-2023-0286: 397.3K CVE-2019-… twitter.com/i/web/status/1… 2023-02-10 14:00:03
Twitter Icon @Har_sia CVE-2023-0286 har-sia.info/CVE-2023-0286.… #HarsiaInfo 2023-02-10 15:02:40
Twitter Icon @ipssignatures The vuln CVE-2023-0286 has a tweet created 0 days ago and retweeted 10 times. twitter.com/Trellix/status… #pow1rtrtwwcve 2023-02-10 16:06:00
Twitter Icon @securezoo OpenSSL has released a security update with fixes for 1 High risk vulnerability (CVE-2023-0286) and 7 other Moderat… twitter.com/i/web/status/1… 2023-02-10 17:32:31
Twitter Icon @TechAndCoffee1 CVE-2023-0286 * CVE-2023-0401 #AlpineLinux fosstodon.org/@alpinelinux/1… (2/2) 2023-02-10 22:58:34
Twitter Icon @m_masaru CVE-2023-0286 そもそもhandshake時にCRL配布ポイントから取得するクライアントはほぼ居ない(居ると思っているのが多数派だが)ので影響はない。 > ネットワーク経… twitter.com/i/web/status/1… 2023-02-11 08:42:45
Twitter Icon @hardik05 #cve-2023-0286 can you spot the bug? Hint: a->d.x400Address is already a ASN string. https://t.co/Gi6J9LYtCH 2023-02-11 16:55:10
Twitter Icon @ShaneMBennett ? from @TrellixARC (specifically, @ROPsicle & @JohnDunlap2) - A close look at CVE-2023-0286, including what it is,… twitter.com/i/web/status/1… 2023-02-11 17:16:36
Twitter Icon @ohhara_shiojiri OpenSSL 3.0.8 で対応された 深刻度「High(高)」のCVE-2023-0286とは blogs.trellix.jp/cve-2023-0286-… 2023-02-12 12:31:16
Twitter Icon @grevelo1 OPENSSL ENVÍA UN PARCHE PARA VULNERABILIDAD DE ALTA GRAVEDAD (CVE-2023-0286). buff.ly/3YlYjie 2023-02-12 14:10:00
Reddit Logo Icon /r/SecurityIT CVE-2023-0286 - OpenSSL: X.400 address type confusion in X.509 GeneralName 2023-02-08 11:30:17
Reddit Logo Icon /r/blueteamsec OpenSSL Security Advisory 0 X.400 address type confusion in X.509 GeneralName (CVE-2023-0286) - this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network. 2023-02-08 13:01:25
Reddit Logo Icon /r/sysadmin OpelSSL Multiple CVE 2023-02-09 19:00:59
Reddit Logo Icon /r/fuzzing The Hunt for CVE-2023-0286: Replicating OpenSSL's Latest Vulnerability 2023-02-16 07:16:48
Reddit Logo Icon /r/freebsd CVE-2023-0286 and FreeBSD-SA-23:02.openssh 2023-02-25 14:10:44
Reddit Logo Icon /r/googlecloudupdates March 06, 2023 GCP release notes 2023-03-07 01:00:20
Reddit Logo Icon /r/googlecloudupdates March 17, 2023 GCP release notes 2023-03-18 01:00:10
© CVE.report 2023 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report