Using Untrusted URIs for Revocation Checking (CVE-2022-40617)

Using Untrusted URIs for Revocation Checking (CVE-2022-40617)

Advisory ID	CVE Number	Date discovered	Severity	Advisory revision
STORM-2022-025	CVE-2022-40617	10/04/2022	medium	v2

Vulnerability details

The VPN IPSec Service on SNS may use untrusted OSCP URIs and CRL distribution points in certificates.

Impacted products

Products	Severity	Detail
Stormshield Network Security	medium	SNS is impacted

Revisions

Version	Date	Description
v1	11/17/2022	Reserved Publication
v2	01/10/2023	Updated and disclosed
v3	05/02/2023	Add EAL version

Stormshield Network Security

CVSS v3.1 Overall Score: 5.7

Analysis	Impacted version
An attacker could exploit this vulnerability by crafting a certificate pointing to malicious website and causing a DOS of VPN IPSec service on SNS.	SNS 3.11.1 to 3.11.19 SNS 4.3.1 to 4.3.14 SNS 4.5.1 to 4.5.3

Workaround solution

Solution

No workaround

The following versions fix this vulnerability:

3.11.20
4.3.12.1
4.3.15
4.6.0

Attack Vector	Attack Complexity	Privileges Required	User Interaction	Scope	Confidentiality Impact	Integrity Impact	Availability impact
Network	Low	None	None	Unchanged	None	None	Low

CVSS Base score: 5.3	CVSS Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploit Code Maturity	Remediation Level	Report Confidence
Functional exploit exists	Official fix	Confirmed

CVSS Temporal score: 4.9	CVSS Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:F/RL:O/RC:C)

Confidentiality Requirement (CR)	Integrity Requirement (IR)	Availability Requirement (AR)
High	High	High

CVSS Environmental score: 5.7	CVSS Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:F/RL:O/RC:C/CR:H/IR:H/AR:H/MAV:X/MAC:X/MPR:X/MUI:X/MS:X/MC:X/MI:X/MA:X)

RSS Feed Contact Report a vulnerability Legal terms STORMSHIELD Corporate website Personal Data