Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of service. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address when comparing the expected name with an `otherName` subject alternative name of an X.509 certificate. This may result in an exception that terminates the application program. Note that basic certificate chain validation (signatures, dates, ...) is not affected, the denial of service can occur only when the application also specifies an expected DNS name, Email address or IP address. TLS servers rarely solicit client certificates, and even when they do, they generally don't perform a name check against a reference identifier (expected identity), but rather extract the presented identity after checking the certificate chain. So TLS servers are generally not affected and the severity of the issue is Moderate. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.
Resumen del problema: Las aplicaciones que realizan comprobaciones de nombres de certificados (por ejemplo, clientes TLS que comprueban certificados de servidor) pueden intentar leer una dirección de memoria no válida, lo que da como resultado la finalización anormal del proceso de la aplicación. Resumen del impacto: La finalización anormal de una aplicación puede causar una denegación de servicio. Las aplicaciones que realizan comprobaciones de nombres de certificados (por ejemplo, clientes TLS que comprueban certificados de servidor) pueden intentar leer una dirección de memoria no válida al comparar el nombre esperado con un nombre alternativo de sujeto `otherName` de un certificado X.509. Esto puede dar como resultado una excepción que finalice el programa de aplicación. Tenga en cuenta que la validación básica de la cadena de certificados (firmas, fechas, ...) no se ve afectada, la denegación de servicio puede ocurrir solo cuando la aplicación también especifica un nombre DNS, una dirección de correo electrónico o una dirección IP esperados. Los servidores TLS rara vez solicitan certificados de cliente, e incluso cuando lo hacen, generalmente no realizan una comprobación de nombre contra un identificador de referencia (identidad esperada), sino que extraen la identidad presentada después de comprobar la cadena de certificados. Por lo tanto, los servidores TLS generalmente no se ven afectados y la gravedad del problema es moderada. Los módulos FIPS en 3.3, 3.2, 3.1 y 3.0 no se ven afectados por este problema.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
| Attack Vector | NETWORK |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | HIGH |
| Source | Type | Description |
|---|---|---|
| [email protected] | Secondary |
en
CWE-843
|
| [email protected] | Primary |
en
CWE-843
|
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| openssl | openssl | * | <built-in method update of dict object at 0x702b70377c80> | Application |
| openssl | openssl | * | <built-in method update of dict object at 0x702bfc2a6280> | Application |
| openssl | openssl | * | <built-in method update of dict object at 0x702bfc2a6d80> | Application |
| openssl | openssl | * | <built-in method update of dict object at 0x702bcc9b3f00> | Application |
| netapp | active_iq_unified_manager | - | <built-in method update of dict object at 0x702b70374dc0> | Application |
| netapp | management_services_for_element_software_and_netapp_hci | - | <built-in method update of dict object at 0x702bcc9b1300> | Application |
| netapp | ontap_9 | - | <built-in method update of dict object at 0x702b70374c80> | Application |
| netapp | ontap_select_deploy_administration_utility | - | <built-in method update of dict object at 0x702bdd12a200> | Application |
| netapp | ontap_tools | 9 | <built-in method update of dict object at 0x702bfc2a55c0> | Application |
| netapp | brocade_fabric_operating_system | - | <built-in method update of dict object at 0x702bcc9b2300> | Operating System |
| netapp | h300s_firmware | - | <built-in method update of dict object at 0x702b703751c0> | Operating System |
| netapp | h500s_firmware | - | <built-in method update of dict object at 0x702bfc2a4940> | Operating System |
| netapp | h700s_firmware | - | <built-in method update of dict object at 0x702bdd1284c0> | Operating System |
| netapp | h410s_firmware | - | <built-in method update of dict object at 0x702b70374200> | Operating System |
| netapp | h410c_firmware | - | <built-in method update of dict object at 0x702b70375380> | Operating System |
| netapp | h610c_firmware | - | <built-in method update of dict object at 0x702b70374e00> | Operating System |
| netapp | h610s_firmware | - | <built-in method update of dict object at 0x702b70376440> | Operating System |
| netapp | h615c | - | <built-in method update of dict object at 0x702bfc2a6940> | Hardware |
| netapp | bootstrap_os | - | <built-in method update of dict object at 0x702bfc2a5b80> | Operating System |
| netapp | a250_firmware | - | <built-in method update of dict object at 0x702bcc9b01c0> | Operating System |
| netapp | 500f_firmware | - | <built-in method update of dict object at 0x702bdd12bf00> | Operating System |
| netapp | c250_firmware | - | <built-in method update of dict object at 0x702bfc2a5500> | Operating System |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* |
| Yes | cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:netapp:ontap_9:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:* |
| Yes | cpe:2.3:o:netapp:brocade_fabric_operating_system:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:netapp:c250_firmware:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:netapp:c250:-:*:*:*:*:*:*:* |