CVE-2016-7055
Description
There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is because the subroutine in question is not used in operations with the private key itself and an input of the attackers direct choice. Otherwise the bug can manifest itself as transient authentication and key negotiation failures or reproducible erroneous outcome of public-key operations with specially crafted input. Among EC algorithms only Brainpool P-512 curves are affected and one presumably can attack ECDH key negotiation. Impact was not analyzed in detail, because pre-requisites for attack are considered unlikely. Namely multiple clients have to choose the curve in question and the server has to share the private key among them, neither of which is default behaviour. Even then only clients that chose the curve will be affected.
Risk Information
Base Score
5.9
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
2.693
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2016-7055,CVE-2016-7054,CVE-2016-7053 are fixed in OpenSSL (x64) 1.1.0c | Windows |
| Vulnerabilities CVE-2017-3732,CVE-2017-3731,CVE-2016-7055 are fixed in OpenSSL (x64) 1.0.2k | Windows |
| Multiple Vulnerabilities are affected in IBM Sterling B2B Integrator 5.2 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Controller 10.2.0 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Controller 10.2.1 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Controller 10.3.0 | Windows |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3087-2) libssl1.0.0_1.0.1-4ubuntu5.39_i386.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3087-2) libssl1.0.0_1.0.1-4ubuntu5.39_amd64.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3087-2) libssl1.0.0_1.0.2g-1ubuntu4.6_i386.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3087-2) libssl1.0.0_1.0.2g-1ubuntu4.6_amd64.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3181-1) libssl1.0.0_1.0.1-4ubuntu5.39_i386.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3181-1) libssl1.0.0_1.0.1-4ubuntu5.39_amd64.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3181-1) libssl1.0.0_1.0.2g-1ubuntu4.6_i386.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3181-1) libssl1.0.0_1.0.2g-1ubuntu4.6_amd64.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3181-1) libssl1.0.0_1.0.1f-1ubuntu2.22_i386.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3181-1) libssl1.0.0_1.0.1f-1ubuntu2.22_amd64.deb | Linux |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016 For Cisco Application Policy Infrastructure Controller (APIC) | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016 For Cisco Jabber for Mac | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016 For Cisco Jabber Software Development Kit | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016 For Cisco Security Manager | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016 For Cisco UCS Director | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016 For Cisco Unified Contact Center Enterprise | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016 For Cisco Unity Connection | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016 For Cisco Virtual Wireless Controller | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016 For Cisco Conductor | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016 For Cisco Wide Area Application Services (WAAS) Appliances | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016 For Cisco ONS 15454 Series Multiservice Provisioning Platforms | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016 For Cisco Video Surveillance Manager | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016 For Cisco Identity Services Engine | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016 For Cisco Unified Attendant Consoles | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016 For Cisco Unified Mobile Communicator | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016 For Cisco Unified Workforce Optimization | NCM |
| CVE-2016-7055 | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1706006 | Security Update for Cisco Application Policy Infrastructure Controller (APIC) 1.3(2k) |
| PATCH-1706051 | Security Update for Cisco Jabber Software Development Kit 11.8(2) |
| PATCH-1705795 | Security Update for Cisco Security Manager 4.12(0.64) |
| PATCH-1705947 | Security Update for Cisco UCS Director 6.0(1.0) |
| PATCH-1705943 | Security Update for Cisco Unified Contact Center Enterprise 11.6(1)SR0(0) |
| PATCH-1706048 | Security Update for Cisco Unity Connection 12.0(0.97000.184) |
| PATCH-1705937 | Security Update for Cisco Virtual Wireless Controller 8.3(15.155) |
| PATCH-1705867 | Security Update for Cisco Conductor 3.600 |
| PATCH-1706001 | Security Update for Cisco Wide Area Application Services (WAAS) Appliances 6.3(0.185) |
| PATCH-1705963 | Security Update for Cisco ONS 15454 Series Multiservice Provisioning Platforms 10.6(2) |
| PATCH-1706045 | Security Update for Cisco Video Surveillance Manager 7.10 |
| PATCH-1706002 | Security Update for Cisco Identity Services Engine 2.0(0.905) |
| PATCH-1706047 | Security Update for Cisco Unified Attendant Consoles 11.0(2) |
| PATCH-1705976 | Security Update for Cisco Unified Mobile Communicator 11.8(1.250274) |
| PATCH-1705884 | Security Update for Cisco Unified Workforce Optimization 11.5(1)SGN1 |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234