This security advisory addresses multiple OpenSSL vulnerabilities affecting the TN-5900 Series, specifically CVE-2022-4304, CVE-2023-0215, and CVE-2023-0286. These vulnerabilities pose significant security risks, including potential plaintext recovery through timing-based side-channel attacks, improper memory management leading to memory corruption, and type confusion vulnerabilities that could allow unauthorized memory access or denial of service attacks.
The Identified Vulnerability Type and Potential Impact

| Item | Vulnerability Type | Impact |
|------|--------------------|--------|
| 1 | Observable Discrepancy (CWE-203), CVE-2022-4304 | After a sufficiently large number of messages, the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection. |
| 2 | Use After Free (CWE-416), CVE-2023-0215 | If the caller then calls BIO_pop() on the BIO, a use-after-free will occur. This will most likely result in a crash. |
| 3 | Access of Resource Using Incompatible Type ('Type Confusion') (CWE-843), CVE-2023-0286 | This vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. |

Vulnerability Scoring Details

| ID | Base Score | CVSS:3.1 Vector | Severity | Unauthenticated Remote Exploit |
|----|------------|-----------------|----------|--------------------------------|
| CVE-2022-4304 | 5.9 | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | Medium | Yes |
| CVE-2023-0215 | 7.5 | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | High | Yes |
| CVE-2023-0286 | 7.4 | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H | High | Yes |