{"dataType":"CVE_RECORD","cveMetadata":{"cveId":"CVE-2023-6237","assignerOrgId":"3a12439a-ef3a-4c79-92e6-6081a721f1e5","state":"PUBLISHED","assignerShortName":"openssl","dateReserved":"2023-11-21T10:16:34.346Z","datePublished":"2024-04-25T06:27:26.990Z","dateUpdated":"2026-05-12T10:41:05.568Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"OpenSSL","vendor":"OpenSSL","versions":[{"lessThan":"3.0.13","status":"affected","version":"3.0.0","versionType":"semver"},{"lessThan":"3.1.5","status":"affected","version":"3.1.0","versionType":"semver"},{"lessThan":"3.2.1","status":"affected","version":"3.2.0","versionType":"semver"}]}],"credits":[{"lang":"en","type":"finder","user":"00000000-0000-4000-9000-000000000000","value":"OSS-Fuzz"},{"lang":"en","type":"remediation developer","user":"00000000-0000-4000-9000-000000000000","value":"Tomas Mraz"}],"datePublic":"2024-01-15T00:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Issue summary: Checking excessively long invalid RSA public keys may take<br>a long time.<br><br>Impact summary: Applications that use the function EVP_PKEY_public_check()<br>to check RSA public keys may experience long delays. Where the key that<br>is being checked has been obtained from an untrusted source this may lead<br>to a Denial of Service.<br><br>When function EVP_PKEY_public_check() is called on RSA public keys,<br>a computation is done to confirm that the RSA modulus, n, is composite.<br>For valid RSA keys, n is a product of two or more large primes and this<br>computation completes quickly. However, if n is an overly large prime,<br>then this computation would take a long time.<br><br>An application that calls EVP_PKEY_public_check() and supplies an RSA key<br>obtained from an untrusted source could be vulnerable to a Denial of Service<br>attack.<br><br>The function EVP_PKEY_public_check() is not called from other OpenSSL<br>functions however it is called from the OpenSSL pkey command line<br>application. For that reason that application is also vulnerable if used<br>with the '-pubin' and '-check' options on untrusted data.<br><br>The OpenSSL SSL/TLS implementation is not affected by this issue.<br><br>The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue."}],"value":"Issue summary: Checking excessively long invalid RSA public keys may take\na long time.\n\nImpact summary: Applications that use the function EVP_PKEY_public_check()\nto check RSA public keys may experience long delays. Where the key that\nis being checked has been obtained from an untrusted source this may lead\nto a Denial of Service.\n\nWhen function EVP_PKEY_public_check() is called on RSA public keys,\na computation is done to confirm that the RSA modulus, n, is composite.\nFor valid RSA keys, n is a product of two or more large primes and this\ncomputation completes quickly. However, if n is an overly large prime,\nthen this computation would take a long time.\n\nAn application that calls EVP_PKEY_public_check() and supplies an RSA key\nobtained from an untrusted source could be vulnerable to a Denial of Service\nattack.\n\nThe function EVP_PKEY_public_check() is not called from other OpenSSL\nfunctions however it is called from the OpenSSL pkey command line\napplication. For that reason that application is also vulnerable if used\nwith the '-pubin' and '-check' options on untrusted data.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue."}],"metrics":[{"format":"other","other":{"content":{"text":"Low"},"type":"https://www.openssl.org/policies/secpolicy.html"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-606","description":"CWE-606 Unchecked Input for Loop Condition","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"3a12439a-ef3a-4c79-92e6-6081a721f1e5","shortName":"openssl","dateUpdated":"2024-10-14T14:55:56.955Z"},"references":[{"name":"OpenSSL Advisory","tags":["vendor-advisory"],"url":"https://www.openssl.org/news/secadv/20240115.txt"},{"name":"3.0.13 git commit","tags":["patch"],"url":"https://github.com/openssl/openssl/commit/18c02492138d1eb8b6548cb26e7b625fb2414a2a"},{"name":"3.1.5 git commit","tags":["patch"],"url":"https://github.com/openssl/openssl/commit/a830f551557d3d66a84bbb18a5b889c640c36294"},{"name":"3.2.1 git commit","tags":["patch"],"url":"https://github.com/openssl/openssl/commit/0b0f7abfb37350794a4b8960fafc292cd5d1b84d"}],"source":{"discovery":"UNKNOWN"},"title":"Excessive time spent checking invalid RSA public keys","x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T08:21:18.096Z"},"title":"CVE Program Container","references":[{"name":"OpenSSL Advisory","tags":["vendor-advisory","x_transferred"],"url":"https://www.openssl.org/news/secadv/20240115.txt"},{"name":"3.0.13 git commit","tags":["patch","x_transferred"],"url":"https://github.com/openssl/openssl/commit/18c02492138d1eb8b6548cb26e7b625fb2414a2a"},{"name":"3.1.5 git commit","tags":["patch","x_transferred"],"url":"https://github.com/openssl/openssl/commit/a830f551557d3d66a84bbb18a5b889c640c36294"},{"name":"3.2.1 git commit","tags":["patch","x_transferred"],"url":"https://github.com/openssl/openssl/commit/0b0f7abfb37350794a4b8960fafc292cd5d1b84d"},{"url":"http://www.openwall.com/lists/oss-security/2024/03/11/1","tags":["x_transferred"]},{"url":"https://security.netapp.com/advisory/ntap-20240531-0007/","tags":["x_transferred"]}]},{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.9,"attackVector":"NETWORK","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"HIGH","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-08-20T14:44:52.382969Z","id":"CVE-2023-6237","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-11-01T14:28:51.338Z"}},{"x_adpType":"supplier","providerMetadata":{"orgId":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","shortName":"siemens-SADP","dateUpdated":"2026-05-12T10:41:05.568Z"},"affected":[{"vendor":"Siemens","product":"SIMATIC S7-1500 TM MFP - GNU/Linux subsystem","versions":[{"status":"affected","version":"0","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"SINEC NMS","versions":[{"status":"affected","version":"0","lessThan":"V3.0 SP1","versionType":"custom"}],"defaultStatus":"unknown"}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-265688.html"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-331112.html"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-915275.html"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-769027.html"}]}]},"dataVersion":"5.2"}