CVE-2015-1793
Published Jul 9, 2015
Last updated a year ago
Overview
- Description
- The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger unintended certificate verifications via a valid leaf certificate.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 2.5
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 6.4
- Impact score
- 4.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-254
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:supply_chain_products_suite:6.1.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F958CB89-F7D2-4773-86D9-4C225ED44128"
},
{
"criteria": "cpe:2.3:a:oracle:supply_chain_products_suite:6.1.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BF690CE-E83D-4C92-A0F2-5A5A450F73F8"
},
{
"criteria": "cpe:2.3:a:oracle:supply_chain_products_suite:6.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D4C8E58-FD8C-4269-98B2-FAB85271C9C1"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3581A634-36D3-4EA1-A08F-973E216B6DAE"
},
{
"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "41684398-18A4-4DC6-B8A2-3EBAA0CBF9A6"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A9EC827B-5313-47D7-BF49-CFF033CF3D53"
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A438E65F-33B1-46BC-AD93-200DCC6B43D4"
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4847BCF3-EFCE-41AF-8E7D-3D51EB9DCC5B"
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B89180B-FB68-4DD8-B076-16E51CC7FB91"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:opus_10g_ethernet_switch_family:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D5646853-D852-45B8-8835-2C77C937FC9D",
"versionEndIncluding": "2.0.0.6"
}
],
"operator": "OR"
}
]
}
]