CVE-2023-0465

Applications that use a non-default option when verifying certificates may be
vulnerable to an attack from a malicious CA to circumvent certain checks.

Invalid certificate policies in leaf certificates are silently ignored by
OpenSSL and other certificate policy checks are skipped for that certificate.
A malicious CA could use this to deliberately assert invalid certificate policies
in order to circumvent policy checking on the certificate altogether.

Policy processing is disabled by default but can be enabled by passing
the `-policy' argument to the command line utilities or by calling the
`X509_VERIFY_PARAM_set1_policies()' function.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
opensslCNA
---
---
CVEADP
---
---
CISA-ADPADP
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 61%
VendorProductVersion
opensslopenssl
1.0.2 ≤
𝑥
< 1.0.2zh
opensslopenssl
1.1.1 ≤
𝑥
< 1.1.1u
opensslopenssl
3.0.0 ≤
𝑥
< 3.0.9
opensslopenssl
3.1.0 ≤
𝑥
< 3.1.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
openssl
bullseye
1.1.1w-0+deb11u1
fixed
bullseye (security)
1.1.1w-0+deb11u2
fixed
bookworm
3.0.15-1~deb12u1
fixed
bookworm (security)
3.0.14-1~deb12u2
fixed
sid
3.3.2-2
fixed
trixie
3.3.2-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
edk2
oracular
not-affected
noble
not-affected
mantic
ignored
lunar
ignored
kinetic
ignored
jammy
needed
focal
needed
bionic
needs-triage
xenial
needs-triage
trusty
ignored
nodejs
oracular
not-affected
noble
not-affected
mantic
not-affected
lunar
not-affected
kinetic
not-affected
jammy
needed
focal
not-affected
bionic
needs-triage
xenial
needs-triage
trusty
not-affected
openssl
oracular
Fixed 3.0.8-1ubuntu2
released
noble
Fixed 3.0.8-1ubuntu2
released
mantic
Fixed 3.0.8-1ubuntu2
released
lunar
Fixed 3.0.8-1ubuntu1.1
released
kinetic
Fixed 3.0.5-2ubuntu2.2
released
jammy
Fixed 3.0.2-0ubuntu1.9
released
focal
Fixed 1.1.1f-1ubuntu2.18
released
bionic
Fixed 1.1.1-1ubuntu2.1~18.04.22
released
xenial
Fixed 1.0.2g-1ubuntu4.20+esm7
released
trusty
Fixed 1.0.1f-1ubuntu2.27+esm7
released
openssl1.0
oracular
dne
noble
dne
mantic
dne
lunar
dne
kinetic
dne
jammy
dne
focal
dne
bionic
Fixed 1.0.2n-1ubuntu5.12
released
xenial
dne
trusty
dne
Common Weakness Enumeration
References
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c
https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html
https://security.gentoo.org/glsa/202402-08
https://security.netapp.com/advisory/ntap-20230414-0001/
https://www.debian.org/security/2023/dsa-5417
https://www.openssl.org/news/secadv/20230328.txt
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c
https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html
https://security.gentoo.org/glsa/202402-08
https://security.netapp.com/advisory/ntap-20230414-0001/
https://www.debian.org/security/2023/dsa-5417
https://www.openssl.org/news/secadv/20230328.txt