Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2022-4203

Published: 24/02/2023 Updated: 04/02/2024
CVSS v3 Base Score: 4.9 | Impact Score: 3.6 | Exploitability Score: 1.2
VMScore: 0
Subscribe to Openssl

Vulnerability Summary

A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. The read buffer overrun might result in a crash which could lead to a denial of service attack. In theory it could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext) although we are not aware of any working exploit leading to memory contents disclosure as of the time of release of this advisory. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

openssl openssl

Vendor Advisories

Red Hat: Important: openssl security and bug fix update
概述 Important: openssl security and bug fix update 类型/严重性 Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems 标题 An update for openssl is now available for Red Hat Enterprise Linux 90 Extended Update SupportRed Hat Product Sec ...
Red Hat:
Description<!---->A flaw was found in Open SSL A read buffer overrun can be triggered in X509 certificate verification, specifically in name constraint checking Note that this occurs after certificate chain signature verification, and requires either a CA to have signed the malicious certificate or for the application to continue certificate ver ...
Hitachi Security Advisories: Vulnerability in Cosminexus HTTP Server
A vulnerability (CVE-2022-4203) exists in Cosminexus HTTP Server Affected products and versions are listed below Please upgrade your version to the appropriate version ...
Palo Alto Networks Security Advisory: PAN-SA-2023-0001 Impact of OpenSSL Vulnerabilities Disclosed Feb 7, 2023
PAN-SA-2023-0001 Impact of OpenSSL Vulnerabilities Disclosed Feb 7, 2023 ...

ICS Advisories

https://ics-cert.us-cert.gov/advisories/71cffbbb5782b9d4ff8663dd3e2f52c6
https://ics-cert.us-cert.gov/advisories/98c399e36f6402fb998b84a1a7aaa7b0
Critical Infrastructure Sectors: Critical Manufacturing

References

CWE-125https://www.openssl.org/news/secadv/20230207.txthttps://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabchttps://security.gentoo.org/glsa/202402-08https://access.redhat.com/errata/RHSA-2023:1199https://nvd.nist.govhttps://www.cisa.gov/news-events/ics-advisories/icsa-23-320-08https://access.redhat.com/security/cve/cve-2022-4203
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
XXECVE-2024-34490SQL injectionCVE-2024-34488CVE-2024-4507CVE-2023-7028CVE-2024-23187TCPCVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook