NVD - CVE-2023-2975 (original) (raw)
Current Description
Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be misled by removing, adding or reordering such empty entries as these are ignored by the OpenSSL implementation. We are currently unaware of any such applications. The AES-SIV algorithm allows for authentication of multiple associated data entries along with the encryption. To authenticate empty data the application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with NULL pointer as the output buffer and 0 as the input buffer length. The AES-SIV implementation in OpenSSL just returns success for such a call instead of performing the associated data authentication operation. The empty data thus will not be authenticated. As this issue does not affect non-empty associated data authentication and we expect it to be rare for an application to use empty associated data entries this is qualified as Low severity issue.
Analysis Description
Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be mislead by removing adding or reordering such empty entries as these are ignored by the OpenSSL implementation. We are currently unaware of any such applications. The AES-SIV algorithm allows for authentication of multiple associated data entries along with the encryption. To authenticate empty data the application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with NULL pointer as the output buffer and 0 as the input buffer length. The AES-SIV implementation in OpenSSL just returns success for such a call instead of performing the associated data authentication operation. The empty data thus will not be authenticated. As this issue does not affect non-empty associated data authentication and we expect it to be rare for an application to use empty associated data entries this is qualified as Low severity issue.
Metrics
NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:
NIST: NVD
NVD assessment not yet provided.
CVSS 3.x Severity and Vector Strings:
NIST: NVD
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVSS 2.0 Severity and Vector Strings:
NIST: NVD
Base Score: N/A
NVD assessment not yet provided.
References to Advisories, Solutions, and Tools
By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].
| URL | Source(s) | Tag(s) |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2023/07/15/1 | CVE | |
| http://www.openwall.com/lists/oss-security/2023/07/19/5 | CVE | |
| https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=00e2f5eea29994d19293ec4e8c8775ba73678598 | CVE, OpenSSL Software Foundation | Patch |
| https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a83f0c958811f07e0d11dfc6b5a6a98edfd5bdc | CVE, OpenSSL Software Foundation | Patch |
| https://security.gentoo.org/glsa/202402-08 | CVE | |
| https://security.netapp.com/advisory/ntap-20230725-0004/ | CVE | |
| https://www.openssl.org/news/secadv/20230714.txt | CVE, OpenSSL Software Foundation | Vendor Advisory |
Weakness Enumeration
| CWE-ID | CWE Name | Source |
|---|---|---|
| CWE-287 | Improper Authentication | NIST |
| CWE-354 | Improper Validation of Integrity Check Value | OpenSSL Software Foundation |
Known Affected Software Configurations Switch to CPE 2.2
Change History
11 change records found show changes
CVE Modified by CISA-ADP 6/17/2026 1:53:55 AM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | SSVC | {"timestamp":"2025-04-23T13:26:23.638671Z","id":"CVE-2023-2975","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"} |
CVE Modified by OpenSSL Software Foundation 6/17/2026 1:53:55 AM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Affected | [{"vendor":"OpenSSL","product":"OpenSSL","defaultStatus":"unaffected","versions":[{"version":"3.1.0","lessThan":"3.1.2","versionType":"semver","status":"affected"},{"version":"3.0.0","lessThan":"3.0.10","versionType":"semver","status":"affected"}]}] |
CVE Modified by CISA-ADP 4/23/2025 1:16:32 PM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | CVSS V3.1 | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
CVE Modified by CVE 11/21/2024 2:59:40 AM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference | http://www.openwall.com/lists/oss-security/2023/07/15/1 | |
| Added | Reference | http://www.openwall.com/lists/oss-security/2023/07/19/5 | |
| Added | Reference | https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=00e2f5eea29994d19293ec4e8c8775ba73678598 | |
| Added | Reference | https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a83f0c958811f07e0d11dfc6b5a6a98edfd5bdc | |
| Added | Reference | https://security.gentoo.org/glsa/202402-08 | |
| Added | Reference | https://security.netapp.com/advisory/ntap-20230725-0004/ | |
| Added | Reference | https://www.openssl.org/news/secadv/20230714.txt |
CVE Modified by OpenSSL Software Foundation 10/14/2024 11:15:11 AM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Changed | Description | Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be mislead by removing adding or reordering such empty entries as these are ignored by the OpenSSL implementation. We are currently unaware of any such applications. The AES-SIV algorithm allows for authentication of multiple associated data entries along with the encryption. To authenticate empty data the application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with NULL pointer as the output buffer and 0 as the input buffer length. The AES-SIV implementation in OpenSSL just returns success for such a call instead of performing the associated data authentication operation. The empty data thus will not be authenticated. As this issue does not affect non-empty associated data authentication and we expect it to be rare for an application to use empty associated data entries this is qualified as Low severity issue. | Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be misled by removing, adding or reordering such empty entries as these are ignored by the OpenSSL implementation. We are currently unaware of any such applications. The AES-SIV algorithm allows for authentication of multiple associated data entries along with the encryption. To authenticate empty data the application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with NULL pointer as the output buffer and 0 as the input buffer length. The AES-SIV implementation in OpenSSL just returns success for such a call instead of performing the associated data authentication operation. The empty data thus will not be authenticated. As this issue does not affect non-empty associated data authentication and we expect it to be rare for an application to use empty associated data entries this is qualified as Low severity issue. |
| Added | CWE | OpenSSL Software Foundation CWE-354 | |
| Removed | Reference | OpenSSL Software Foundation http://www.openwall.com/lists/oss-security/2023/07/15/1 | |
| Removed | Reference | OpenSSL Software Foundation http://www.openwall.com/lists/oss-security/2023/07/19/5 | |
| Removed | Reference | OpenSSL Software Foundation https://security.gentoo.org/glsa/202402-08 | |
| Removed | Reference | OpenSSL Software Foundation https://security.netapp.com/advisory/ntap-20230725-0004/ |
CVE Modified by OpenSSL Software Foundation 5/14/2024 9:02:30 AM
| Action | Type | Old Value | New Value |
|---|
CVE Modified by OpenSSL Software Foundation 2/04/2024 4:15:09 AM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference | OpenSSL Software Foundation https://security.gentoo.org/glsa/202402-08 [No types assigned] |
Initial Analysis by NIST 7/27/2023 9:02:02 AM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | CVSS V3.1 | NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | |
| Added | CWE | NIST CWE-287 | |
| Added | CPE Configuration | OR *cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:-:*:*:*:*:*:*:* *cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:* | |
| Added | CPE Configuration | OR *cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions from (including) 3.0.0 up to (including) 3.0.9 *cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions from (including) 3.1.0 up to (including) 3.1.1 | |
| Changed | Reference Type | http://www.openwall.com/lists/oss-security/2023/07/15/1 No Types Assigned | http://www.openwall.com/lists/oss-security/2023/07/15/1 Mailing List, Third Party Advisory |
| Changed | Reference Type | http://www.openwall.com/lists/oss-security/2023/07/19/5 No Types Assigned | http://www.openwall.com/lists/oss-security/2023/07/19/5 Mailing List, Third Party Advisory |
| Changed | Reference Type | https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=00e2f5eea29994d19293ec4e8c8775ba73678598 No Types Assigned | https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=00e2f5eea29994d19293ec4e8c8775ba73678598 Patch |
| Changed | Reference Type | https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a83f0c958811f07e0d11dfc6b5a6a98edfd5bdc No Types Assigned | https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a83f0c958811f07e0d11dfc6b5a6a98edfd5bdc Patch |
| Changed | Reference Type | https://security.netapp.com/advisory/ntap-20230725-0004/ No Types Assigned | https://security.netapp.com/advisory/ntap-20230725-0004/ Third Party Advisory |
| Changed | Reference Type | https://www.openssl.org/news/secadv/20230714.txt No Types Assigned | https://www.openssl.org/news/secadv/20230714.txt Vendor Advisory |
CVE Modified by OpenSSL Software Foundation 7/25/2023 11:15:13 AM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference | https://security.netapp.com/advisory/ntap-20230725-0004/ [No Types Assigned] |
CVE Modified by OpenSSL Software Foundation 7/19/2023 11:15:10 AM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference | http://www.openwall.com/lists/oss-security/2023/07/19/5 [No Types Assigned] |
CVE Modified by OpenSSL Software Foundation 7/15/2023 9:15:09 AM
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference | http://www.openwall.com/lists/oss-security/2023/07/15/1 [No Types Assigned] |