CVE-2024-12797
OpenSSL TLS/DTLS Raw Public Key Authentication Failure
Description
Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSL_VERIFY_PEER verification mode is set.

Impact summary: TLS and DTLS connections using raw public keys may be vulnerable to man-in-the-middle attacks when server authentication failure is not detected by clients.

RPKs are disabled by default in both TLS clients and TLS servers. The issue only arises when TLS clients explicitly enable RPK use by the server, and the server, likewise, enables sending of an RPK instead of an X.509 certificate chain. The affected clients are those that then rely on the handshake to fail when the server's RPK fails to match one of the expected public keys, by setting the verification mode to SSL_VERIFY_PEER.

Clients that enable server-side raw public keys can still find out that raw public key verification failed by calling SSL_get_verify_result(), and those that do, and take appropriate action, are not affected.

This issue was introduced in the initial implementation of RPK support in OpenSSL 3.2. The FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.
INFO
Published Date : Feb. 11, 2025, 4:15 p.m.
Last Modified : Feb. 11, 2025, 11:15 p.m.
Source : [email protected]
Remotely Exploitable : No
References to Advisories, Solutions, and Tools
- https://openssl-library.org/news/secadv/20250211.txt (OpenSSL security advisory)
- https://github.com/openssl/openssl/commit/738d4f9fdeaad57660dcba50a619fafced3fd5e9 (OpenSSL commit)
- https://github.com/openssl/openssl/commit/798779d43494549b611233f92652f0da5328fbe7 (OpenSSL commit)
- https://github.com/openssl/openssl/commit/87ebd203feffcf92ad5889df92f90bb0ee10a699 (OpenSSL commit)
- http://www.openwall.com/lists/oss-security/2025/02/11/3 (oss-security)
- http://www.openwall.com/lists/oss-security/2025/02/11/4 (oss-security)
News articles mentioning CVE-2024-12797:
- security.nl: Apple discovers OpenSSL vulnerability that enables MITM attacks
  A security researcher at Apple has found a vulnerability (CVE-2024-12797) in OpenSSL that in certain cases makes it possible to carry out man-in-the-middle (MITM) attacks. He ...
- TheCyberThrone: CVE-2024-12797 OpenSSL Vulnerability Patched
  CVE-2024-12797 is a critical security vulnerability discovered in OpenSSL, a widely used cryptographic library that provides secure communication over computer networks. This vulnerability poses signi ...
The following table lists the changes that have been made to the CVE-2024-12797 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
- Feb. 11, 2025: CVE Modified by af854a3a-2127-422b-91ae-364da2661108
  Added Reference: http://www.openwall.com/lists/oss-security/2025/02/11/4
- Feb. 11, 2025: CVE Modified by af854a3a-2127-422b-91ae-364da2661108
  Added Reference: http://www.openwall.com/lists/oss-security/2025/02/11/3
- Feb. 11, 2025: New CVE Received by [email protected]
  Added Description: the issue and impact summary shown under Description above
  Added CWE: CWE-392
  Added Reference: https://github.com/openssl/openssl/commit/738d4f9fdeaad57660dcba50a619fafced3fd5e9
  Added Reference: https://github.com/openssl/openssl/commit/798779d43494549b611233f92652f0da5328fbe7
  Added Reference: https://github.com/openssl/openssl/commit/87ebd203feffcf92ad5889df92f90bb0ee10a699
  Added Reference: https://openssl-library.org/news/secadv/20250211.txt
CWE - Common Weakness Enumeration
While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-12797 is associated with the following CWEs:
- CWE-392: Missing Report of Error Condition (the client is not told, through a failed handshake, that server authentication failed)
Common Attack Pattern Enumeration and Classification (CAPEC)
CAPEC stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-12797 weaknesses.