{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2023-50782", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2023-12-13T20:44:02.023Z", "datePublished": "2024-02-05T20:45:49.705Z", "dateUpdated": "2024-11-25T10:24:46.647Z"}, "containers": {"cna": {"title": "Python-cryptography: bleichenbacher timing oracle attack against rsa decryption - incomplete fix for cve-2020-25659", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data."}], "affected": [{"versions": [{"status": "affected", "version": "3.2", "lessThan": "42.0.0", "versionType": "semver"}], "packageName": "python-cryptography", "collectionURL": "https://github.com/pyca/cryptography", "defaultStatus": "unaffected"}, {"vendor": "Red Hat", "product": "Red Hat Ansible Automation Platform 2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "python-cryptography", "defaultStatus": "unaffected", "cpes": ["cpe:/a:redhat:ansible_automation_platform:2"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "python-cryptography", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:7"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "python39:3.9/python-cryptography", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:8"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "python-cryptography", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:8"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "python-cryptography", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:9"]}, {"vendor": "Red Hat", "product": "Red Hat Satellite 6", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "python-cryptography", "defaultStatus": "unaffected", "cpes": ["cpe:/a:redhat:satellite:6"]}, {"vendor": "Red Hat", "product": "Red Hat Update Infrastructure 4 for Cloud Providers", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "python-cryptography", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:rhui:4::el8"]}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-50782", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254432", "name": "RHBZ#2254432", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "datePublic": "2023-12-13T00:00:00+00:00", "problemTypes": [{"descriptions": [{"cweId": "CWE-208", "description": "Observable Timing Discrepancy", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-327->CWE-385->CWE-208: Use of a Broken or Risky Cryptographic Algorithm leads to Covert Timing Channel leads to Observable Timing Discrepancy", "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}], "timeline": [{"lang": "en", "time": "2023-12-13T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2023-12-13T00:00:00+00:00", "value": "Made public."}], "credits": [{"lang": "en", "value": "This issue was discovered by Hubert Kario (Red Hat)."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2024-11-25T10:24:46.647Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T22:23:43.327Z"}, "title": "CVE Program Container", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-50782", "tags": ["vdb-entry", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254432", "name": "RHBZ#2254432", "tags": ["issue-tracking", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://www.couchbase.com/alerts/", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B4BE2D6-43C3-4065-A213-5DB1325DC78F", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:update_infrastructure:4:*:*:*:*:*:*:*", "matchCriteriaId": "E8D92E10-0E79-479F-A963-5657D1BC4E03", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cryptography.io:cryptography:*:*:*:*:*:python:*:*", "matchCriteriaId": "A7B7EA1D-8C2A-4C40-B9FC-E83F4E87C62B", "versionEndExcluding": "42.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:couchbase:couchbase_server:7.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "DE39595E-F4B2-4CEC-A405-809B75E71E36", "vulnerable": true}, {"criteria": "cpe:2.3:a:couchbase:couchbase_server:7.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "B84B0C96-07C4-44ED-A291-94CEAAF6FFB6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en el paquete python-cryptography. Este problema puede permitir que un atacante remoto descifre mensajes capturados en servidores TLS que utilizan intercambios de claves RSA, lo que puede provocar la exposici\u00f3n de datos confidenciales o sensibles."}], "id": "CVE-2023-50782", "lastModified": "2024-11-21T08:37:18.337", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "secalert@redhat.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-05T21:15:11.183", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-50782"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254432"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-50782"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254432"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.couchbase.com/alerts/"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-208"}], "source": "secalert@redhat.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-203"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by Hubert Kario (Red Hat).", "bugzilla": {"description": "python-cryptography: Bleichenbacher timing oracle attack against RSA decryption - incomplete fix for CVE-2020-25659", "id": "2254432", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254432"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-327->CWE-385->CWE-208", "details": ["A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.", "A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2023-50782", "package_state": [{"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Not affected", "package_name": "python-cryptography", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "python-cryptography", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "python39:3.9/python-cryptography", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "python-cryptography", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "python-cryptography", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "python-cryptography", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:rhui:4::el8", "fix_state": "Affected", "package_name": "python-cryptography", "product_name": "Red Hat Update Infrastructure 4 for Cloud Providers"}], "public_date": "2023-12-13T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-50782\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-50782"], "statement": "This vulnerability exists due to an incomplete fix for CVE-2020-25659.\nThe CVE-2020-25659 vulnerability presents a moderate severity concern due to its specific impact on applications utilizing RSA decryption with PKCS#1 v1.5 padding. While the vulnerability could potentially lead to leakage in RSA decryption operations, its severity is downgraded to moderate by several factors. Firstly, the exploitability of the vulnerability is limited to scenarios where RSA decryption with PKCS#1 v1.5 padding is employed, narrowing the scope of affected systems. Additionally, the implementation of implicit rejection, such as the Marvin workaround, provides a viable mitigation strategy. \nhttps://people.redhat.com/~hkario/marvin/", "threat_severity": "Moderate", "upstream_fix": "cryptography 42.0.0"}