VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-shkr-cjuz-aaad

Essentials
Severities (62)
References (52)
Severity details (20)
Exploits (2)
EPSS
History (0)

Vulnerability ID	VCID-shkr-cjuz-aaad
Aliases	CVE-2015-1793 VC-OPENSSL-20150709-CVE-2015-1793
Summary	An error in the implementation of the alternative certificate chain logic could allow an attacker to cause certain checks on untrusted certificates to be bypassed, such as the CA flag, enabling them to use a valid leaf certificate to act as a CA and "issue" an invalid certificate.
Status	Published
Exploitability	2.0
Weighted Severity	8.0
Risk	10.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-254

7PK - Security Features

System	Score	Found at
generic_textual	Medium	http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1793.html
epss	0.08765	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.08765	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.08765	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.08765	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.08765	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.08765	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.08765	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.08765	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.08765	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.15398	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.15398	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.15398	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.15398	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.85556	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.86857	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.87281	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.87281	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.87281	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
epss	0.87281	https://api.first.org/data/v1/epss?cve=CVE-2015-1793
rhbs	high	https://bugzilla.redhat.com/show_bug.cgi?id=1238619
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1793
generic_textual	Medium	https://mta.openssl.org/pipermail/openssl-announce/2015-July/000037.html
cvssv2	6.4	https://nvd.nist.gov/vuln/detail/CVE-2015-1793
cvssv3	6.5	https://nvd.nist.gov/vuln/detail/CVE-2015-1793
generic_textual	High	https://www.openssl.org/news/secadv/20150709.txt
generic_textual	Medium	https://www.openssl.org/news/secadv_20150709.txt
cvssv3.1	9.8	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
generic_textual	CRITICAL	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
cvssv3.1	9.8	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
generic_textual	CRITICAL	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
cvssv3.1	8.1	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
generic_textual	HIGH	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
cvssv3.1	7.5	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
generic_textual	HIGH	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
cvssv3.1	7.5	http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
generic_textual	MODERATE	http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
generic_textual	HIGH	http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
cvssv3.1	7.5	http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
generic_textual	HIGH	http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

Reference id	Reference type	URL
		http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery
		http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc
		http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694
		http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161747.html
		http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161782.html
		http://marc.info/?l=bugtraq&m=143880121627664&w=2
		http://marc.info/?l=bugtraq&m=144370846326989&w=2
		http://openssl.org/news/secadv_20150709.txt
		http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1793.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1793.json
		https://api.first.org/data/v1/epss?cve=CVE-2015-1793
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1793
		https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=9a0db453ba017ebcaccbee933ee6511a9ae4d1c8
		https://git.openssl.org/?p=openssl.git;a=commit;h=9a0db453ba017ebcaccbee933ee6511a9ae4d1c8
		https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04822825
		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763
		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351
		https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
		https://kc.mcafee.com/corporate/index?page=content&id=SB10125
		https://mta.openssl.org/pipermail/openssl-announce/2015-July/000037.html
		https://security.gentoo.org/glsa/201507-15
		https://www.exploit-db.com/exploits/38640/
		https://www.freebsd.org/security/advisories/FreeBSD-SA-15:12.openssl.asc
		https://www.openssl.org/news/secadv/20150709.txt
		https://www.openssl.org/news/secadv_20150709.txt
		http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150710-openssl
		http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454058.htm
		http://www.fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery
		http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
		http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
		http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
		http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
		http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
		http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
		http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
		http://www.securityfocus.com/bid/75652
		http://www.securityfocus.com/bid/91787
		http://www.securitytracker.com/id/1032817
		http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.561427
1238619		https://bugzilla.redhat.com/show_bug.cgi?id=1238619
cpe:2.3:a:openssl:openssl:1.0.1n:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1n:::::::*
cpe:2.3:a:openssl:openssl:1.0.1o:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1o:::::::*
cpe:2.3:a:openssl:openssl:1.0.2b:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2b:::::::*
cpe:2.3:a:openssl:openssl:1.0.2c:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.2c:::::::*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.1:::::::*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*
cpe:2.3:a:oracle:supply_chain_products_suite:6.1.2.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:supply_chain_products_suite:6.1.2.2:::::::*
cpe:2.3:a:oracle:supply_chain_products_suite:6.1.3.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:supply_chain_products_suite:6.1.3.0:::::::*
cpe:2.3:a:oracle:supply_chain_products_suite:6.2.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:supply_chain_products_suite:6.2.0:::::::*
cpe:2.3:o:oracle:opus_10g_ethernet_switch_family::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:opus_10g_ethernet_switch_family::::::::
CVE-2015-1793		https://nvd.nist.gov/vuln/detail/CVE-2015-1793
CVE-2015-1793;OSVDB-124300	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/38640.rb

Data source	Exploit-DB
Date added	Nov. 5, 2015
Description	OpenSSL - Alternative Chains Certificate Forgery
Ransomware campaign use	Unknown
Source publication date	Nov. 5, 2015
Exploit type	webapps
Platform	multiple
Source update date	Nov. 5, 2015

Data source	Metasploit
Description	This module exploits a logic error in OpenSSL by impersonating the server and sending a specially-crafted chain of certificates, resulting in certain checks on untrusted certificates to be bypassed on the client, allowing it to use a valid leaf certificate as a CA certificate to sign a fake certificate. The SSL/TLS session is then proxied to the server allowing the session to continue normally and application data transmitted between the peers to be saved. The valid leaf certificate must not contain the keyUsage extension or it must have at least the keyCertSign bit set (see X509_check_issued function in crypto/x509v3/v3_purp.c); otherwise; X509_verify_cert fails with X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY. This module requires an active man-in-the-middle attack.
Note	{}
Ransomware campaign use	Unknown
Source publication date	July 9, 2015
Source URL	https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/server/openssl_altchainsforgery_mitm_proxy.rb

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2015-1793

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2015-1793

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.94722
EPSS Score	0.08765
Published At	Nov. 1, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.