CVE-2023-6935 (GCVE-0-2023-6935)

Vulnerability from cvelistv5 – Published: 2024-02-09 22:25 – Updated: 2024-08-02 08:42
Summary
wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, new variation of a timing Bleichenbacher style attack, when built with the following options to configure:

--enable-all CFLAGS="-DWOLFSSL_STATIC_RSA"

The define “WOLFSSL_STATIC_RSA” enables static RSA cipher suites, which is not recommended, and has been disabled by default since wolfSSL 3.6.6. Therefore the default build since 3.6.6, even with "--enable-all", is not vulnerable to the Marvin Attack. The vulnerability is specific to static RSA cipher suites, and expected to be padding-independent.

The vulnerability allows an attacker to decrypt ciphertexts and forge signatures after probing with a large number of test observations. However the server’s private key is not exposed.
Impacted products
Vendor: wolfSSL
Product: wolfSSL
Version: Affected: 3.12.2, ≤ 5.6.4 (release bundle)
Credits
Hubert Kario (finder), tlsfuzzer (tool)

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-6935",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-12T12:48:11.895530Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:17:16.476Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:42:08.533Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "technical-description",
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://people.redhat.com/~hkario/marvin/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.wolfssl.com/docs/security-vulnerabilities/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "RSA"
          ],
          "product": "wolfSSL",
          "repo": "https://github.com/wolfSSL/wolfssl",
          "vendor": "wolfSSL",
          "versions": [
            {
              "lessThanOrEqual": "5.6.4",
              "status": "affected",
              "version": "3.12.2",
              "versionType": "release bundle"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "To be vulnerable, static RSA cipher suites must be enabled with\u003cbr\u003e\u003cb\u003e\u003cspan style=\"background-color: transparent;\"\u003eCFLAGS=\"-DWOLFSSL_STATIC_RSA\"\u003c/span\u003e\u003c/b\u003e\u003cbr\u003e\u003cbr\u003eThese have been disabled by default since wolfSSL 3.6.6. The default configuration of wolfSSL is not vulnerable."
            }
          ],
          "value": "To be vulnerable, static RSA cipher suites must be enabled with\nCFLAGS=\"-DWOLFSSL_STATIC_RSA\"\n\nThese have been disabled by default since wolfSSL 3.6.6. The default configuration of wolfSSL is not vulnerable."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Hubert Kario"
        },
        {
          "lang": "en",
          "type": "tool",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "tlsfuzzer"
        }
      ],
      "datePublic": "2023-12-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, new variation of a timing \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eBleichenbacher\u003c/span\u003e style attack, when built with the following options to configure:\u003cbr\u003e\u003cbr\u003e--enable-all CFLAGS=\"-DWOLFSSL_STATIC_RSA\"\u003cbr\u003e\u003cbr\u003eThe define \u201cWOLFSSL_STATIC_RSA\u201d enables static RSA cipher suites, which is not recommended, and has been disabled by default since wolfSSL 3.6.6.\u0026nbsp; Therefore the default build since 3.6.6, even with \"--enable-all\", is not vulnerable to the Marvin Attack. The vulnerability is specific to static RSA cipher suites, and expected to be padding-independent.\u003cbr\u003e\u003cbr\u003eThe vulnerability allows an attacker to decrypt ciphertexts and forge signatures after probing with a large number of test observations. However the server\u2019s private key is not exposed.\u003cbr\u003e"
            }
          ],
          "value": "wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, new variation of a timing Bleichenbacher style attack, when built with the following options to configure:\n\n--enable-all CFLAGS=\"-DWOLFSSL_STATIC_RSA\"\n\nThe define \u201cWOLFSSL_STATIC_RSA\u201d enables static RSA cipher suites, which is not recommended, and has been disabled by default since wolfSSL 3.6.6.\u00a0 Therefore the default build since 3.6.6, even with \"--enable-all\", is not vulnerable to the Marvin Attack. The vulnerability is specific to static RSA cipher suites, and expected to be padding-independent.\n\nThe vulnerability allows an attacker to decrypt ciphertexts and forge signatures after probing with a large number of test observations. However the server\u2019s private key is not exposed.\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-463",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-463 Padding Oracle Crypto Attack"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-203",
              "description": "CWE-203 Observable Discrepancy",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-09T22:25:04.663Z",
        "orgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27",
        "shortName": "wolfSSL"
      },
      "references": [
        {
          "tags": [
            "technical-description",
            "third-party-advisory"
          ],
          "url": "https://people.redhat.com/~hkario/marvin/"
        },
        {
          "url": "https://www.wolfssl.com/docs/security-vulnerabilities/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Upgrade wolfSSL to 5.6.6"
            }
          ],
          "value": "Upgrade wolfSSL to 5.6.6"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Marvin Attack vulnerability in SP Math All RSA",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cul\u003e\u003cli\u003eDo not enable static RSA cipher suites\u003c/li\u003e\u003cli\u003eUse TLS 1.3\u003c/li\u003e\u003cli\u003eBuild with --enable-sp, or --enable-sp-asm\u003c/li\u003e\u003c/ul\u003e"
            }
          ],
          "value": "  *  Do not enable static RSA cipher suites\n  *  Use TLS 1.3\n  *  Build with --enable-sp, or --enable-sp-asm\n\n\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27",
    "assignerShortName": "wolfSSL",
    "cveId": "CVE-2023-6935",
    "datePublished": "2024-02-09T22:25:04.663Z",
    "dateReserved": "2023-12-18T22:00:54.166Z",
    "dateUpdated": "2024-08-02T08:42:08.533Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.12.2\", \"versionEndIncluding\": \"5.6.4\", \"matchCriteriaId\": \"814E3645-BD7D-48A3-8D8D-4587FBBA2AD3\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, new variation of a timing Bleichenbacher style attack, when built with the following options to configure:\\n\\n--enable-all CFLAGS=\\\"-DWOLFSSL_STATIC_RSA\\\"\\n\\nThe define \\u201cWOLFSSL_STATIC_RSA\\u201d enables static RSA cipher suites, which is not recommended, and has been disabled by default since wolfSSL 3.6.6.\\u00a0 Therefore the default build since 3.6.6, even with \\\"--enable-all\\\", is not vulnerable to the Marvin Attack. The vulnerability is specific to static RSA cipher suites, and expected to be padding-independent.\\n\\nThe vulnerability allows an attacker to decrypt ciphertexts and forge signatures after probing with a large number of test observations. However the server\\u2019s private key is not exposed.\\n\"}, {\"lang\": \"es\", \"value\": \"wolfSSL SP Math Toda la implementaci\\u00f3n de RSA es vulnerable al ataque Marvin, una nueva variaci\\u00f3n de un ataque de sincronizaci\\u00f3n de estilo Bleichenbacher, cuando se construye con las siguientes opciones para configurar: --enable-all CFLAGS=\\\"-DWOLFSSL_STATIC_RSA\\\" La definici\\u00f3n \\\"WOLFSSL_STATIC_RSA\\\" habilita RSA est\\u00e1tico conjuntos de cifrado, que no se recomienda y ha estado deshabilitado de forma predeterminada desde wolfSSL 3.6.6. Por lo tanto, la compilaci\\u00f3n predeterminada desde 3.6.6, incluso con \\\"--enable-all\\\", no es vulnerable al ataque Marvin. La vulnerabilidad es espec\\u00edfica de los conjuntos de cifrado RSA est\\u00e1ticos y se espera que sea independiente del relleno. La vulnerabilidad permite a un atacante descifrar textos cifrados y falsificar firmas despu\\u00e9s de realizar una gran cantidad de observaciones de prueba. Sin embargo, la clave privada del servidor no est\\u00e1 expuesta.\"}]",
      "id": "CVE-2023-6935",
      "lastModified": "2024-11-21T08:44:52.217",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"facts@wolfssl.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 5.9, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 5.9, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 3.6}]}",
      "published": "2024-02-09T23:15:08.030",
      "references": "[{\"url\": \"https://people.redhat.com/~hkario/marvin/\", \"source\": \"facts@wolfssl.com\", \"tags\": [\"Technical Description\"]}, {\"url\": \"https://www.wolfssl.com/docs/security-vulnerabilities/\", \"source\": \"facts@wolfssl.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://people.redhat.com/~hkario/marvin/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Technical Description\"]}, {\"url\": \"https://www.wolfssl.com/docs/security-vulnerabilities/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "facts@wolfssl.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"facts@wolfssl.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-203\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-203\"}]}]"
    }
  }
}

