1. Home
  2. Vulnerabilities
  3. CVE-2022-4304

CVE-2022-4304

CVSS v3.1 5.9 (Medium)
59% Progress
EPSS 0.18 % (55th)
0.18% Progress
Affected Products 4
Advisories 59
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

A timing based side channel exists in the OpenSSL RSA Decryption implementation
which could be sufficient to recover a plaintext across a network in a
Bleichenbacher style attack. To achieve a successful decryption an attacker
would have to be able to send a very large number of trial messages for
decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5,
RSA-OEAP and RSASVE.

For example, in a TLS connection, RSA is commonly used by a client to send an
encrypted pre-master secret to the server. An attacker that had observed a
genuine connection between a client and a server could use this flaw to send
trial messages to the server and record the time taken to process them. After a
sufficiently large number of messages the attacker could recover the pre-master
secret used for the original connection and thus be able to decrypt the
application data sent over that connection.

Weaknesses
CWE-203
Observable Discrepancy
CVE Status
PUBLISHED
CNA
OpenSSL Software Foundation
Published Date
2023-02-08 20:15:23
(19 months ago)
Updated Date
2024-02-04 09:15:08
(7 months ago)

Affected Products

Openssl

Stormshield

Configuration #1

    CPE23 From Up To
  Openssl from 1.0.2 version and prior 1.0.2zg version cpe:2.3:a:openssl:openssl >= 1.0.2 < 1.0.2zg
  Openssl from 1.1.1 version and prior 1.1.1t version cpe:2.3:a:openssl:openssl >= 1.1.1 < 1.1.1t
  Openssl from 3.0.0 version and prior 3.0.8 version cpe:2.3:a:openssl:openssl >= 3.0.0 < 3.0.8

Configuration #2

    CPE23 From Up To
  Stormshield Endpoint Security prior 7.2.40 version cpe:2.3:a:stormshield:endpoint_security < 7.2.40
  Stormshield Sslvpn prior 3.2.1 version cpe:2.3:a:stormshield:sslvpn < 3.2.1
  Stormshield Network Security from 2.7.0 version and prior 2.7.11 version cpe:2.3:a:stormshield:stormshield_network_security >= 2.7.0 < 2.7.11
  Stormshield Network Security from 2.8.0 version and prior 3.7.34 version cpe:2.3:a:stormshield:stormshield_network_security >= 2.8.0 < 3.7.34
  Stormshield Network Security from 3.8.0 version and prior 3.11.22 version cpe:2.3:a:stormshield:stormshield_network_security >= 3.8.0 < 3.11.22
  Stormshield Network Security from 4.0.0 version and prior 4.3.16 version cpe:2.3:a:stormshield:stormshield_network_security >= 4.0.0 < 4.3.16
  Stormshield Network Security from 4.4.0 version and prior 4.6.3 version cpe:2.3:a:stormshield:stormshield_network_security >= 4.4.0 < 4.6.3