CVE-2022-23003 - OpenCVE

When computing a shared secret or point multiplication on the NIST P-256 curve that results in an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is invalid. The resulting output may cause an error when used in other operations. This may be leveraged by an attacker to cause an error scenario or incorrect choice of session key in applications which use the library, resulting in a limited denial of service for an individual user. The scope of impact cannot extend to other components.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Westerndigital	Sweet B

Configuration 1 [-]

cpe:2.3:a:westerndigital:sweet_b:1:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.westerndigital.com/support/product-security/wdc-22013-sweet-b-incorrect-output-vulnerabilities

History

No history.

MITRE

Status: PUBLISHED

Assigner: WDC PSIRT

Published: 2022-07-29T18:54:29

Updated: 2024-08-03T03:28:42.989Z

Reserved: 2022-01-10T00:00:00

Link: CVE-2022-23003

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-07-29T19:15:08.287

Modified: 2022-08-05T18:48:46.320

Link: CVE-2022-23003

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Sweet B Library", "vendor": "Western Digital", "versions": [{"lessThan": "v2", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "When computing a shared secret or point multiplication on the NIST P-256 curve that results in an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is invalid. The resulting output may cause an error when used in other operations. This may be leveraged by an attacker to cause an error scenario or incorrect choice of session key in applications which use the library, resulting in a limited denial of service for an individual user. The scope of impact cannot extend to other components."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-703", "description": "CWE-703 Improper Check or Handling of Exceptional Conditions", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-07-29T18:54:29", "orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a", "shortName": "WDC PSIRT"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.westerndigital.com/support/product-security/wdc-22013-sweet-b-incorrect-output-vulnerabilities"}], "solutions": [{"lang": "en", "value": "The vulnerability was addressed by fully reducing the output modulo the field prime. To get the latest version of the Sweet B library, update your local repository from https://github.com/westerndigitalcorporation/sweet-b"}], "source": {"discovery": "INTERNAL"}, "title": "Shared secret or Point multiplication of NIST P-256 points with X coordinate of zero", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@wdc.com", "ID": "CVE-2022-23003", "STATE": "PUBLIC", "TITLE": "Shared secret or Point multiplication of NIST P-256 points with X coordinate of zero"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Sweet B Library", "version": {"version_data": [{"version_affected": "<", "version_value": "v2"}]}}]}, "vendor_name": "Western Digital"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "When computing a shared secret or point multiplication on the NIST P-256 curve that results in an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is invalid. The resulting output may cause an error when used in other operations. This may be leveraged by an attacker to cause an error scenario or incorrect choice of session key in applications which use the library, resulting in a limited denial of service for an individual user. The scope of impact cannot extend to other components."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-703 Improper Check or Handling of Exceptional Conditions"}]}]}, "references": {"reference_data": [{"name": "https://www.westerndigital.com/support/product-security/wdc-22013-sweet-b-incorrect-output-vulnerabilities", "refsource": "MISC", "url": "https://www.westerndigital.com/support/product-security/wdc-22013-sweet-b-incorrect-output-vulnerabilities"}]}, "solution": [{"lang": "en", "value": "The vulnerability was addressed by fully reducing the output modulo the field prime. To get the latest version of the Sweet B library, update your local repository from https://github.com/westerndigitalcorporation/sweet-b"}], "source": {"discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T03:28:42.989Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.westerndigital.com/support/product-security/wdc-22013-sweet-b-incorrect-output-vulnerabilities"}]}]}, "cveMetadata": {"assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a", "assignerShortName": "WDC PSIRT", "cveId": "CVE-2022-23003", "datePublished": "2022-07-29T18:54:29", "dateReserved": "2022-01-10T00:00:00", "dateUpdated": "2024-08-03T03:28:42.989Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:westerndigital:sweet_b:1:*:*:*:*:*:*:*", "matchCriteriaId": "BD0868BB-4143-41EC-9A15-C16C98EF851C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "When computing a shared secret or point multiplication on the NIST P-256 curve that results in an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is invalid. The resulting output may cause an error when used in other operations. This may be leveraged by an attacker to cause an error scenario or incorrect choice of session key in applications which use the library, resulting in a limited denial of service for an individual user. The scope of impact cannot extend to other components."}, {"lang": "es", "value": "Cuando es computado un secreto compartido o una multiplicaci\u00f3n de puntos en la curva P-256 del NIST que resulta en una coordenada X de cero, el resultado no es reducido apropiadamente modulo el primo del campo P-256 y es inv\u00e1lido. El resultado puede causar un error cuando es usada en otras operaciones. Esto puede ser aprovechado por un atacante para causar un escenario de error o una elecci\u00f3n incorrecta de la clave de sesi\u00f3n en las aplicaciones que usan la biblioteca, resultando en una denegaci\u00f3n de servicio limitada para un usuario individual. El alcance del impacto no puede extenderse a otros componentes"}], "id": "CVE-2022-23003", "lastModified": "2022-08-05T18:48:46.320", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "psirt@wdc.com", "type": "Secondary"}]}, "published": "2022-07-29T19:15:08.287", "references": [{"source": "psirt@wdc.com", "tags": ["Product", "Vendor Advisory"], "url": "https://www.westerndigital.com/support/product-security/wdc-22013-sweet-b-incorrect-output-vulnerabilities"}], "sourceIdentifier": "psirt@wdc.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-682"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-703"}], "source": "psirt@wdc.com", "type": "Secondary"}]}