CVE-2022-2068 - OpenSSL Critical finding #34

Closed
tbobrykozaki opened this issue Aug 7, 2023 · 1 comment

tbobrykozaki commented Aug 7, 2023

Scan Performed by Tenable.IO

Deployed in AWS GovCloud
Base OS RHEL 8.8

Mirth 4.4.0 docker deployment
output from docker exec -it ... /bin/bash -> openssl version
OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022)

Container locations found at
/var/lib/docker/overlay2/2c8b674dbcaeba17980b1e73ffbca5b22ddff4bbb2ec5a99d2eb39065e8fd5a5/diff/usr/bin/openssl
/var/lib/docker/overlay2/bd5700efed7d6206a58c205213a9d5205ac42759343c8a0f0975fba197057f85/merged/usr/bin/openssl
/var/lib/docker/overlay2/3f7d8dcc7c2f2c95be10b79b32cef72d6524b5a263a2e74b02d11363e5be755f/diff/usr/bin/openssl
/var/lib/docker/overlay2/56a86609a5c358b00335308a359f1488f072a6334a2581efff2500ec3ef757ee/diff/usr/bin/openssl
/var/lib/docker/overlay2/c4e78ad6d7d8cc176098872c6bacea5353bf9de0df17865d3b09ba7b439931c2/merged/usr/bin/openssl

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2068

Finding -
The version of OpenSSL installed on the remote host is prior to 3.0.4. It is, therefore, affected by a vulnerability as referenced in the 3.0.4 advisory.

  • In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze). (CVE-2022-2068)

Risk Information
RISK FACTOR: Critical
CVSS BASE SCORE: 10.0
CVSS TEMPORAL SCORE: 7.4
CVSS VECTOR: AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS TEMPORAL VECTOR: E:U/RL:OF/RC:C
CVSS3 BASE SCORE: 9.8
CVSS3 TEMPORAL SCORE: 8.5
CVSS3 VECTOR: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS3 TEMPORAL VECTOR: E:U/RL:O/RC:C
IVAM SEVERITY: I

Vulnerability Information
VULN PUBLISHED: 06/20/2022 at 5:00 PM
EXPLOITABILITY:
PATCH PUBLISHED: 06/20/2022 at 5:00 PM
CPE: cpe:/a:openssl:openssl

Reference Information
CVE: CVE-2022-2068
IAVA: 2022-A-0257-S

@jdonextgen
Collaborator

We've upgraded OpenSSL to version 3.1.3 in the Mirth Connect Eclipse Temurin Docker images to address vulnerabilities that exist in OpenSSL 3.0.2.
