CVE-2022-0778 OpenSSL vulnerability

CVE-2022-0778 is a denial of service vulnerability in openssl, a component of CodeSonar.

If a CodeSonar hub is running in HTTPS mode, a malicious actor with network access to the hub can cause one hub worker process to go into an infinite loop by sending a crafted TLS client authentication request to the hub.  The attacker might perform this process repeatedly to tie up all the hub processes.  The hub can be restarted to remedy any stuck processes.

Since this is a denial of service vulnerability, the impact is limited.  Attackers cannot steal data or execute arbitrary code using this attack vector.  Since CodeSonar's EULA forbids placing CodeSonar hubs on the internet, the malicious actors would need to be on the customer's intranet.  Evidence of the IP address originating the attack can be found in the hub's traffic.txt log.

We expect that in the near future, network testing tools such as Metasploit may begin testing for and triggering this issue.  You might notice your hub using an abnormal amount of CPU cycles indefinitely if this occurs.

CodeSonar 7.0 will contain an upgraded version of openssl where this vulnerability has been fixed.

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.

Articles in this section

GrammaTech Resource Library
Welcome to GrammaTech's resource library. Here you will find useful information about software development in the IoT era, where devices must not only function with impeccable quality and safety but also remain resilient to cyber attacks.
Shift Left Academy
Shift Left Academy is an educational resource to help implement a security first approach. Shift Left focuses on finding and preventing defects and security vulnerabilities early in the software development process
Blog
Posts by topic including static analysis, software assurance, and binary analysis