CVE-2018-0732
CVE-2018-0732 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. During key agreement in a TLS handshake using a DH(E)-based ciphersuite, a malicious server can send a very large prime value to the client. The client then spends an unreasonably long time generating a key for this prime and hangs until it has finished. EPSS estimates a 49.27% chance of exploitation in the next 30 days.
Description
During key agreement in a TLS handshake using a DH(E)-based ciphersuite, a malicious server can send a very large prime value to the client. The client then spends an unreasonably long time generating a key for this prime and hangs until it has finished. This could be exploited in a denial-of-service attack. Fixed in OpenSSL 1.1.0i-dev (affected: 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (affected: 1.0.2-1.0.2o).
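The client-side defence the description implies is to bound the server's prime before doing any key generation. The C sketch below is an added example, not code from OpenSSL or from this page: it parses the TLS 1.2 `ServerDHParams` fields (`dh_p`, `dh_g`, `dh_Ys`, each a 2-byte length followed by data) and refuses a `dh_p` above a cap. The function names and `MAX_DH_P_BITS` are assumptions for illustration (the value matches OpenSSL's `OPENSSL_DH_MAX_MODULUS_BITS`), and the sample message is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define MAX_DH_P_BITS 10000 /* assumed client policy cap on dh_p, in bits */
enum { DH_OK = 0, DH_MALFORMED = -1, DH_P_TOO_LARGE = -2 };

/* Read one opaque<1..2^16-1> vector: 2-byte big-endian length, then the bytes. */
static int read_vec16(const uint8_t *b, size_t len, size_t *off, const uint8_t **v, size_t *n) {
    if (len - *off < 2) return -1;
    *n = ((size_t)b[*off] << 8) | b[*off + 1];
    *off += 2;
    if (*n == 0 || len - *off < *n) return -1;
    *v = b + *off;
    *off += *n;
    return 0;
}

/* Bit length of a big-endian integer, ignoring leading zero bytes. */
static size_t bit_length(const uint8_t *v, size_t n) {
    while (n && *v == 0) { v++; n--; }
    size_t bits = n ? (n - 1) * 8 : 0;
    for (uint8_t top = n ? *v : 0; top; top >>= 1) bits++;
    return bits;
}

/* Vet ServerDHParams before any bignum arithmetic is done on dh_p. */
int check_server_dh_params(const uint8_t *msg, size_t len, size_t *p_bits) {
    const uint8_t *v;
    size_t off = 0, n;
    if (read_vec16(msg, len, &off, &v, &n)) return DH_MALFORMED; /* dh_p */
    *p_bits = bit_length(v, n);
    if (*p_bits > MAX_DH_P_BITS) return DH_P_TOO_LARGE; /* refuse before keygen */
    if (read_vec16(msg, len, &off, &v, &n)) return DH_MALFORMED; /* dh_g */
    if (read_vec16(msg, len, &off, &v, &n)) return DH_MALFORMED; /* dh_Ys */
    return DH_OK;
}

/* Constructed sample: dh_p of p_bytes 0xFF bytes, dh_g = 2, dh_Ys = 5. */
size_t build_sample(uint8_t *out, size_t p_bytes) {
    out[0] = (uint8_t)(p_bytes >> 8); out[1] = (uint8_t)p_bytes;
    memset(out + 2, 0xFF, p_bytes);
    memcpy(out + 2 + p_bytes, "\x00\x01\x02\x00\x01\x05", 6);
    return p_bytes + 8;
}

int main(void) {
    static uint8_t buf[8192 + 8];
    size_t bits;
    printf("rc=%d\n", check_server_dh_params(buf, build_sample(buf, 8192), &bits));
    return 0;
}
```

The wire format allows `dh_p` up to 65535 bytes, so without a cap the size of the modulus is entirely the server's choice.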
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| OpenSSL | OpenSSL | >= 1.0.2, <= 1.0.2o |
| OpenSSL | OpenSSL | >= 1.1.0, <= 1.1.0h |
| Canonical | Ubuntu Linux | 12.04 |
| Canonical | Ubuntu Linux | 14.04 |
| Canonical | Ubuntu Linux | 16.04 |
| Canonical | Ubuntu Linux | 17.10 |
| Canonical | Ubuntu Linux | 18.04 |
| Debian | Debian Linux | 8.0 |
| Node.js | Node.js | >= 6.0.0, < 6.8.1 |
| Node.js | Node.js | >= 6.9.0, < 6.14.4 |
| Node.js | Node.js | >= 8.0.0, < 8.8.1 |
| Node.js | Node.js | >= 8.9.0, < 8.11.4 |
| Node.js | Node.js | >= 10.0.0, < 10.9.0 |
References
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html (Patch, Third Party Advisory)
- http://www.securityfocus.com/bid/104442 (Third Party Advisory, VDB Entry)
- http://www.securitytracker.com/id/1041090 (Third Party Advisory, VDB Entry)
- https://access.redhat.com/errata/RHSA-2018:2552 (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2018:2553 (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2018:3221 (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2018:3505 (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2019:1296 (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2019:1297 (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2019:1543 (Third Party Advisory)
- https://cert-portal.siemens.com/productcert/pdf/ssa-419820.pdf (Third Party Advisory)
- https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html (Third Party Advisory)
- https://security.gentoo.org/glsa/201811-03 (Third Party Advisory)
- https://security.netapp.com/advisory/ntap-20181105-0001/ (Third Party Advisory)
- https://security.netapp.com/advisory/ntap-20190118-0002/ (Third Party Advisory)
- https://securityadvisories.paloaltonetworks.com/Home/Detail/133 (Third Party Advisory)
- https://usn.ubuntu.com/3692-1/ (Third Party Advisory)
- https://usn.ubuntu.com/3692-2/ (Third Party Advisory)
- https://www.debian.org/security/2018/dsa-4348 (Third Party Advisory)
- https://www.debian.org/security/2018/dsa-4355 (Third Party Advisory)
- https://www.openssl.org/news/secadv/20180612.txt (Vendor Advisory)
- https://www.oracle.com/security-alerts/cpuapr2020.html (Third Party Advisory)
- https://www.oracle.com/security-alerts/cpujan2021.html (Third Party Advisory)
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html (Patch, Third Party Advisory)
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html (Patch, Third Party Advisory)
- https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html (Patch, Third Party Advisory)
- https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html (Patch, Third Party Advisory)
- https://www.tenable.com/security/tns-2018-12 (Third Party Advisory)
- https://www.tenable.com/security/tns-2018-13 (Third Party Advisory)
- https://www.tenable.com/security/tns-2018-14 (Third Party Advisory)
- https://www.tenable.com/security/tns-2018-17 (Third Party Advisory)
Timeline
- Published
- Last Modified
- Status
- Modified
Source: NVD / NIST
