How severe is CVE-2022-4304?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2022-4304?

This is classified as CWE-203, which is a common weakness in software security.

CVE-2022-4304 - MEDIUM Severity | CVSS 5.9

Vulnerability Description

A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.

Related Vulnerabilities

CVE-2015-0837

MEDIUM

CVSS:5.9(Medium)

The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during mod...

CWE-2032015

CVE-2015-8313

MEDIUM

CVSS:5.9(Medium)

GnuTLS incorrectly validates the first byte of padding in CBC modes

CWE-2032015

CVE-2016-0762

MEDIUM

CVSS:5.9(Medium)

The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied...

CWE-2032016

CVE-2017-1000385

MEDIUM

CVSS:5.9(Medium)

The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS #1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's priva...

CWE-2032017

CVE-2017-13098

MEDIUM

CVSS:5.9(Medium)

BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using...

CWE-2032017

CVE-2017-13099

MEDIUM

CVSS:5.9(Medium)

wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL ...

CWE-2032017