{
  "threat_severity" : "Low",
  "public_date" : "2023-03-28T00:00:00Z",
  "bugzilla" : {
    "description" : "openssl: Invalid certificate policies in leaf certificates are silently ignored",
    "id" : "2182561",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2182561"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.3",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
    "status" : "verified"
  },
  "details" : [ "Applications that use a non-default option when verifying certificates may be\nvulnerable to an attack from a malicious CA to circumvent certain checks.\nInvalid certificate policies in leaf certificates are silently ignored by\nOpenSSL and other certificate policy checks are skipped for that certificate.\nA malicious CA could use this to deliberately assert invalid certificate policies\nin order to circumvent policy checking on the certificate altogether.\nPolicy processing is disabled by default but can be enabled by passing\nthe `-policy' argument to the command line utilities or by calling the\n`X509_VERIFY_PARAM_set1_policies()' function.", "A flaw was found in OpenSSL. Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. OpenSSL silently ignores invalid certificate policies in leaf certificates, and the remaining certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function." ],
  "statement" : "Red Hat has determined that this flaw is of low impact because it only affects applications that use a non-default configuration (enabling policy processing), requires a malicious CA, and does not compromise cryptographic integrity or directly enable system exploitation.",
  "affected_release" : [ {
    "product_name" : "JBoss Core Services for RHEL 8",
    "release_date" : "2023-12-07T00:00:00Z",
    "advisory" : "RHSA-2023:7625",
    "cpe" : "cpe:/a:redhat:jboss_core_services:1::el8",
    "package" : "jbcs-httpd24-openssl-1:1.1.1k-16.el8jbcs"
  }, {
    "product_name" : "JBoss Core Services on RHEL 7",
    "release_date" : "2023-12-07T00:00:00Z",
    "advisory" : "RHSA-2023:7625",
    "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7",
    "package" : "jbcs-httpd24-openssl-1:1.1.1k-16.el7jbcs"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-06-21T00:00:00Z",
    "advisory" : "RHSA-2023:3722",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "openssl-1:3.0.7-16.el9_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-06-21T00:00:00Z",
    "advisory" : "RHSA-2023:3722",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "openssl-1:3.0.7-16.el9_2"
  }, {
    "product_name" : "Red Hat JBoss Web Server 5",
    "release_date" : "2023-12-07T00:00:00Z",
    "advisory" : "RHSA-2023:7623",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_web_server:5.7",
    "package" : "openssl"
  }, {
    "product_name" : "Red Hat JBoss Web Server 5.7 on RHEL 7",
    "release_date" : "2023-12-07T00:00:00Z",
    "advisory" : "RHSA-2023:7622",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_web_server:5.7::el7",
    "package" : "jws5-tomcat-native-0:1.2.31-16.redhat_16.el7jws"
  }, {
    "product_name" : "Red Hat JBoss Web Server 5.7 on RHEL 8",
    "release_date" : "2023-12-07T00:00:00Z",
    "advisory" : "RHSA-2023:7622",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_web_server:5.7::el8",
    "package" : "jws5-tomcat-native-0:1.2.31-16.redhat_16.el8jws"
  }, {
    "product_name" : "Red Hat JBoss Web Server 5.7 on RHEL 9",
    "release_date" : "2023-12-07T00:00:00Z",
    "advisory" : "RHSA-2023:7622",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_web_server:5.7::el9",
    "package" : "jws5-tomcat-native-0:1.2.31-16.redhat_16.el9jws"
  }, {
    "product_name" : "Text-Only JBCS",
    "release_date" : "2023-12-07T00:00:00Z",
    "advisory" : "RHSA-2023:7626",
    "cpe" : "cpe:/a:redhat:jboss_core_services:1",
    "package" : "openssl"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "openssl",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "openssl",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "ovmf",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Will not fix",
    "package_name" : "compat-openssl10",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "edk2",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Fix deferred",
    "package_name" : "openssl",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Fix deferred",
    "package_name" : "shim",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Will not fix",
    "package_name" : "compat-openssl11",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "edk2",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "shim",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat JBoss Web Server 3",
    "fix_state" : "Out of support scope",
    "package_name" : "openssl",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_web_server:3"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-0465\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-0465\nhttps://www.openssl.org/news/secadv/20230328.txt" ],
  "name" : "CVE-2023-0465",
  "csaw" : false
}