CVE-2022-0778 OpenSSL vulnerability

CVE-2022-0778 is a denial of service vulnerability in OpenSSL, a component of CodeSonar.

If a CodeSonar hub is running in HTTPS mode, a malicious actor with network access to the hub can cause one hub worker process to go into an infinite loop by sending a crafted TLS client authentication request to the hub.  The attacker might perform this process repeatedly to tie up all the hub processes.  The hub can be restarted to remedy any stuck processes.

Since this is a denial of service vulnerability, the impact is limited.  Attackers cannot steal data or execute arbitrary code using this attack vector.  Since CodeSonar's EULA forbids placing CodeSonar hubs on the internet, the malicious actors would need to be on the customer's intranet.  Evidence of the IP address originating the attack can be found in the hub's traffic.txt log.

We expect that in the near future, network testing tools such as Metasploit may begin testing for and triggering this issue.  You might notice your hub using an abnormal amount of CPU cycles indefinitely if this occurs.

CodeSonar 7.0 will contain an upgraded version of OpenSSL where this vulnerability has been fixed.
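One way to check for the symptom described above, a hub worker using CPU indefinitely, is to sample per-process CPU time and flag processes that stay at roughly a full core in every interval. This is an added example, not CodeSonar code; it assumes a Linux host with /proc, and the process-name filter "hub" and the sample figures are hypothetical.

```python
import os
import time

# Constructed sample: (timestamp in s, {pid: cumulative CPU seconds}).
SAMPLE = [
    (0.0, {101: 5.0, 102: 12.0, 103: 0.4}),
    (10.0, {101: 14.9, 102: 12.3, 103: 9.9}),
    (20.0, {101: 24.8, 102: 12.4, 103: 10.0}),
    (30.0, {101: 34.8, 102: 21.9, 103: 10.1}),
]

def read_cpu_seconds(name_filter):
    """Snapshot cumulative CPU seconds per PID from Linux /proc for matching names."""
    ticks = os.sysconf("SC_CLK_TCK")
    snap = {}
    for entry in os.listdir("/proc"):
        if not entry.isdigit():
            continue
        try:
            with open(f"/proc/{entry}/stat") as fh:
                stat = fh.read()
        except OSError:
            continue  # process exited between listing and reading
        comm = stat[stat.index("(") + 1 : stat.rindex(")")]  # name may contain spaces
        fields = stat[stat.rindex(")") + 2 :].split()
        if name_filter in comm:
            # fields[11] and fields[12] are utime and stime, in clock ticks
            snap[int(entry)] = (int(fields[11]) + int(fields[12])) / ticks
    return snap

def pinned_pids(snapshots, min_fraction=0.9):
    """Return sorted PIDs that used >= min_fraction of one core in every interval."""
    pinned = None
    for (t0, a), (t1, b) in zip(snapshots, snapshots[1:]):
        busy = {pid for pid in a.keys() & b.keys()
                if (b[pid] - a[pid]) / (t1 - t0) >= min_fraction}
        pinned = busy if pinned is None else pinned & busy
    return sorted(pinned or [])

if __name__ == "__main__":
    HUB_NAME = "hub"  # hypothetical filter; use your hub's actual process name
    shots = []
    for _ in range(4):
        shots.append((time.monotonic(), read_cpu_seconds(HUB_NAME)))
        time.sleep(10)
    print(pinned_pids(shots))
```

A PID that is busy in only some intervals (102 and 103 in the sample) is ordinary load; only a PID busy in every interval matches the stuck-worker pattern.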
