CVE-2023-0361

7.4 HIGH

📋 TL;DR

This CVE describes a timing side channel in GnuTLS's handling of RSA ClientKeyExchange messages (the TLS 1.2 RSA key exchange). The time the server takes to process the RSA-decrypted block depends on whether its PKCS#1 v1.5 padding is well-formed, which gives a remote attacker a Bleichenbacher-style oracle. By sending a large number of crafted ClientKeyExchange messages and measuring the server's response times, the attacker can decrypt the premaster secret of a captured TLS session and so read that session's traffic. The RSA private key itself is not recovered. Any server running an affected GnuTLS version with RSA key exchange enabled (the default) is exposed.
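The mechanism in the TL;DR, as an added example (this is not GnuTLS code and not taken from the advisory): a padding check whose exit point depends on the data is the oracle, and the countermeasure from RFC 5246 section 7.4.7.1 (fixed-position checks, one validity bit, and a branch-free swap to a random premaster drawn before decryption) removes it. Both functions operate on EM, the block that raw RSA decryption of the ClientKeyExchange yields, so no real RSA key is needed; the block layout, the byte values and the 64-byte modulus length are constructed for the example.

```python
"""Added example, not code from GnuTLS or the advisory: why a PKCS#1 v1.5 padding check
is a Bleichenbacher oracle, and the shape of the TLS countermeasure (RFC 5246, 7.4.7.1)
that removes it.

Both functions take EM, the block obtained by raw RSA decryption of the ClientKeyExchange
ciphertext, so the example needs no real RSA key. The block layout and all byte values
below are constructed for this example; k (the modulus length) is 64 to keep it small."""
import secrets

PMS_LEN = 48           # a TLS 1.2 RSA premaster secret is always 48 bytes
K = 64                 # modulus length in bytes for the constructed sample (real keys: 256+)
TLS12 = b"\x03\x03"    # client_version, carried in the first two premaster bytes


def build_em(k: int = K, corrupt: str = "") -> bytes:
    """Constructed type-2 block: 00 02 | non-zero padding | 00 | 48-byte premaster."""
    pms = TLS12 + b"\x55" * (PMS_LEN - 2)
    em = bytearray(b"\x00\x02" + b"\x41" * (k - 3 - PMS_LEN) + b"\x00" + pms)
    if corrupt == "type":
        em[1] = 0x01                    # wrong block type: fails the very first check
    elif corrupt == "separator":
        em[k - PMS_LEN - 1] = 0x41      # no 0x00 where the separator has to be
    elif corrupt == "version":
        em[k - PMS_LEN] = 0x02          # padding fine, but the premaster carries the wrong version
    return bytes(em)


def unpad_leaky(em: bytes) -> bytes:
    """Vulnerable shape: every defect exits at a different point with a different error, so
    an attacker who can observe timing (or the error class) learns which check failed.
    That distinction between 'PKCS-conforming' and 'not conforming' is the oracle."""
    if em[0] != 0x00 or em[1] != 0x02:
        raise ValueError("bad block type")           # fastest exit
    sep = em.find(b"\x00", 2)
    if sep < 10:
        raise ValueError("padding too short")         # exit time depends on where the 0x00 sits
    if len(em) - sep - 1 != PMS_LEN:
        raise ValueError("premaster not 48 bytes")
    return em[sep + 1:]


def premaster_ct(em: bytes, client_version: bytes, rnd: bytes) -> bytes:
    """Countermeasure shape: fixed-position checks over the whole block, one accumulated
    validity bit, and a mask-based select between the real premaster and a random one the
    caller drew *before* decrypting. It never raises, so every defect looks the same to the
    peer (the handshake just fails later at Finished). Python itself gives no timing
    guarantee; the point is the branch-free structure a C implementation has to keep."""
    k = len(em)
    if k < 11 + PMS_LEN:                       # k is the public modulus size, fine to branch on
        raise ValueError("modulus too small for a 48-byte premaster")
    sep = k - PMS_LEN - 1                      # the separator must sit exactly here
    ok = int(em[0] == 0x00) & int(em[1] == 0x02)
    for b in em[2:sep]:                        # always walk every padding byte
        ok &= int(b != 0x00)
    ok &= int(em[sep] == 0x00)
    ok &= int(em[sep + 1] == client_version[0]) & int(em[sep + 2] == client_version[1])
    mask = -ok & 0xFF                          # 0xFF when everything checked out, else 0x00
    return bytes((em[sep + 1 + i] & mask) | (rnd[i] & ~mask & 0xFF) for i in range(PMS_LEN))


def oracle_view(rnd: bytes) -> dict:
    """What each implementation reveals for each constructed block: the leaky one exposes a
    distinct outcome per defect; the hardened one yields either the real premaster or rnd."""
    view = {}
    for case in ("good", "type", "separator", "version"):
        em = build_em(corrupt=case)
        try:
            unpad_leaky(em)
            leaky = "ok"
        except ValueError as exc:
            leaky = str(exc)
        hardened = "real" if premaster_ct(em, TLS12, rnd) == em[-PMS_LEN:] else "random"
        view[case] = (leaky, hardened)
    return view


if __name__ == "__main__":
    for case, (leaky, hardened) in oracle_view(secrets.token_bytes(PMS_LEN)).items():
        print(f"{case:9s} leaky -> {leaky:22s} hardened -> {hardened}")
```

The leaky variant hands the attacker three distinguishable outcomes; the hardened variant hands it one, and the random premaster makes the handshake fail later at Finished in exactly the same way for every defect. In a real library the same structure has to be carried through in C with constant-time primitives all the way down to the RSA operation, which is what the GnuTLS fix addresses.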

💻 Affected Systems

Products:
  • GnuTLS
Versions: Versions before 3.7.9 (the 3.8 series carries the fix from 3.8.0 on)
Operating Systems: Linux distributions including Red Hat, Debian, Fedora, and others using GnuTLS
Default Config Vulnerable: ⚠️ Yes
Notes: Only the plain RSA key exchange of TLS 1.2 and earlier is affected, on the side that decrypts the ClientKeyExchange (normally the server). Connections using (EC)DHE key exchange, and all TLS 1.3 connections (which have no RSA key exchange), are not affected.

📦 What is this software?

GnuTLS is a free (LGPL) TLS/SSL library that many Linux distribution packages and services use as their TLS backend. The affected code is its server-side processing of the TLS RSA key exchange.

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker who can reach the server and has captured TLS 1.2 sessions that used RSA key exchange decrypts those sessions, exposing the credentials, financial data and other communications they carried. Because the oracle works on previously recorded ciphertext, sessions captured before the patch remain at risk until the server is fixed or RSA key exchange is disabled.

🟠

Likely Case

Targeted attacks against high-value servers, where an attacker willing to send a large volume of crafted handshakes and collect precise timing measurements decrypts selected captured sessions.

🟢

If Mitigated

With patching (or RSA key exchange disabled) the oracle is gone; the attack also needs sustained network access to the target and careful timing analysis, so residual risk is low.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: HIGH

The attack requires sending a large number of crafted ClientKeyExchange messages and measuring the server's response times precisely enough to separate the padding-valid and padding-invalid cases across the network. That makes it resource-intensive and noisy, but feasible for a determined attacker, and it needs no credentials.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: GnuTLS 3.7.9 or later (the 3.8 series includes the fix from 3.8.0)

Vendor Advisory: https://access.redhat.com/security/cve/CVE-2023-0361
Upstream Advisory: GNUTLS-SA-2020-07-14, https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14

Restart Required: Yes (running services keep the old library mapped until they are restarted)

Instructions:

1. Update GnuTLS with your distribution's package manager. The shared library is what matters: package gnutls on RHEL/Fedora, libgnutls30 on Debian/Ubuntu.
   Red Hat/Fedora: dnf update gnutls (yum update gnutls on older releases)
   Debian/Ubuntu: apt update && apt install --only-upgrade libgnutls30
2. Restart every service that links GnuTLS, or reboot. To find processes still running with the old library mapped: needs-restarting (RHEL/Fedora, from yum-utils) or needrestart (Debian/Ubuntu).
3. Confirm the new version, or on distribution builds the backported fix, with the checks under "How to Verify".

🔧 Temporary Workarounds

Disable RSA key exchange

linux

Configure TLS servers to use only (EC)DHE key exchange, so the server never performs the RSA decryption that carries the oracle.

For GnuTLS-based servers: remove plain RSA from the priority string the application uses, e.g. NORMAL:-RSA (or NORMAL:-KX-ALL:+ECDHE-RSA:+ECDHE-ECDSA:+DHE-RSA to allow only forward-secret exchanges). Where the application does not expose its priority string, systems whose GnuTLS reads /etc/gnutls/config can set it there under [overrides] with default-priority-string = NORMAL:-RSA.
For Apache (mod_ssl links OpenSSL, not GnuTLS, so this is hardening against the same attack class rather than a fix for this CVE): SSLProtocol -ALL +TLSv1.2 +TLSv1.3 together with a cipher list that excludes RSA key exchange, e.g. SSLCipherSuite HIGH:!aNULL:!kRSA. SSLProtocol on its own does not remove RSA key exchange from TLS 1.2.
For Nginx (also OpenSSL): ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256';

🧯 If You Can't Patch

  • Disable RSA key exchange (see the workaround above); this removes the oracle outright and is preferable to the controls below
  • Implement network segmentation to limit which sources can reach the vulnerable TLS endpoint, since the attack needs many round trips to it
  • Put a TLS termination proxy with a patched GnuTLS (or a non-GnuTLS stack) in front of the vulnerable system, and make sure the vulnerable endpoint is no longer reachable directly

🔍 How to Verify

Check if Vulnerable:

Check the installed library version with gnutls-cli --version (upstream version), dpkg -l libgnutls30 (Debian/Ubuntu) or rpm -q gnutls (RHEL/Fedora). Distribution packages often backport the fix without changing the upstream version number, so for those also check the package changelog: rpm -q --changelog gnutls | grep CVE-2023-0361, or zcat /usr/share/doc/libgnutls30/changelog.Debian.gz | grep CVE-2023-0361.

Check Version:

gnutls-cli --version | head -1

Verify Fix Applied:

Upstream builds: the version is 3.7.9 or later (or 3.8.0 or later). Distribution builds: the package changelog names CVE-2023-0361. If you disabled RSA key exchange as a workaround, confirm the server really refuses it: gnutls-cli --priority 'NORMAL:-KX-ALL:+RSA' -p 443 host must fail to complete the handshake.
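The version check and the RSA-key-exchange probe from this section as an added example (not part of the advisory): is_fixed() parses the version strings the commands above print and compares them with the first fixed upstream release, and rsa_kx_negotiated() reads the "- Description:" line gnutls-cli prints after a successful handshake, which probe_rsa_kx() obtains by running gnutls-cli with a priority string that permits only RSA key exchange. The two gnutls-cli outputs embedded below are constructed for the offline test; the live probe and the local version lookup need a real gnutls-cli and are not exercised by the test.

```python
"""Added example, not part of the advisory: the two checks an administrator wants for
CVE-2023-0361. is_fixed() parses a version string as printed by `gnutls-cli --version`,
`rpm -q gnutls` or `dpkg -l libgnutls30` and compares it with the first fixed upstream
release. rsa_kx_negotiated() reads the '- Description:' line gnutls-cli prints after a
successful handshake, and probe_rsa_kx() drives gnutls-cli with a priority string that
allows only the RSA key exchange, so a completed handshake means the server still offers
it. The two sample outputs are constructed for the offline test; the live probe needs
network access to the server and is not run there."""
import re
import subprocess

FIXED = (3, 7, 9)   # first upstream release with the fix; 3.8.0 and later carry it too

# gnutls-cli prints the negotiated parameters as e.g. "(TLS1.2)-(RSA)-(AES-128-GCM)";
# with ECDHE the second group names the curve instead: "(TLS1.2)-(ECDHE-SECP256R1)-...".
RSA_KX_LINE = re.compile(r"^- Description: \(TLS1\.\d\)-\(RSA\)-", re.MULTILINE)

SAMPLE_RSA_KX = (            # constructed: what an unhardened server answers the probe with
    "- Status: The certificate is trusted.\n"
    "- Description: (TLS1.2)-(RSA)-(AES-128-GCM)\n"
    "- Handshake was completed\n")
SAMPLE_ECDHE = (             # constructed: a server that only does forward-secret exchanges
    "- Description: (TLS1.2)-(ECDHE-SECP256R1)-(RSA-SHA256)-(AES-128-GCM)\n"
    "- Handshake was completed\n")


def parse_version(text: str) -> tuple:
    """First dotted version in e.g. 'gnutls-cli 3.7.8' or 'gnutls-3.6.16-5.el8.x86_64'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    return tuple(int(x) for x in m.groups())


def is_fixed(text: str) -> bool:
    """True when the upstream version is at or past the first fixed release. Distribution
    packages frequently backport the fix without bumping this number, so a False here
    only means 'check the package changelog for CVE-2023-0361', not 'vulnerable'."""
    return parse_version(text) >= FIXED


def rsa_kx_negotiated(gnutls_cli_output: str) -> bool:
    """True when gnutls-cli reports a handshake that used the plain RSA key exchange."""
    return RSA_KX_LINE.search(gnutls_cli_output) is not None


def probe_rsa_kx(host: str, port: int = 443) -> bool:
    """Live probe (needs network): permit only RSA key exchange. --insecure keeps gnutls-cli
    from aborting on certificate verification, which is irrelevant to this check."""
    proc = subprocess.run(
        ["gnutls-cli", "--insecure", "--priority", "NORMAL:-KX-ALL:+RSA",
         "-p", str(port), host],
        input="", capture_output=True, text=True, timeout=30, check=False)
    return rsa_kx_negotiated(proc.stdout)


def installed_is_fixed() -> bool:
    """Runs gnutls-cli --version on this host (not exercised by the offline test)."""
    out = subprocess.run(["gnutls-cli", "--version"], capture_output=True, text=True,
                         check=True).stdout
    return is_fixed(out.splitlines()[0])


if __name__ == "__main__":
    print("installed GnuTLS at or past 3.7.9:", installed_is_fixed())
    print("sample RSA-kx output flagged:", rsa_kx_negotiated(SAMPLE_RSA_KX))
    print("sample ECDHE output flagged:", rsa_kx_negotiated(SAMPLE_ECDHE))
```

A True from probe_rsa_kx() against a server whose GnuTLS is not yet fixed is the condition to escalate; a True against a patched server only says the RSA key exchange is still enabled, which is worth fixing anyway since it has no forward secrecy.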

📡 Detection & Monitoring

Log Indicators:

  • Unusual volume of TLS handshake failures (connections aborted right after ClientKeyExchange/Finished) on servers that still offer RSA key exchange
  • Many TLS 1.2 handshakes negotiating an RSA key-exchange cipher suite from a single source, few of which complete; this is visible in application TLS debug logs or packet captures rather than in default service logs

Network Indicators:

  • High volume of TLS connection attempts to the same server from one source, each carrying a full RSA ClientKeyExchange
  • Repeated handshakes at a steady rate from the same source whose ClientKeyExchange ciphertexts differ, consistent with timing collection

SIEM Query (pseudo-query; adapt to your SIEM's syntax):

COUNT(*) BY source_ip, dest_ip WHERE protocol=tls AND handshake_failure=true OVER 1h > 1000
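The rule above as runnable detection logic, added here as an example that is not part of the advisory. The input format, one line of `<ISO timestamp> <src_ip> <dst_ip> <outcome>` in time order, is assumed for the example (map your TLS or proxy logs onto it), and the sample log is constructed: one host producing a failing handshake every 2.5 seconds for 50 minutes beside an ordinary client with occasional failures.

```python
"""Added example, not part of the advisory: the SIEM rule above as runnable detection logic
over a constructed log. Each input line is '<ISO timestamp> <src_ip> <dst_ip> <outcome>',
a format assumed for this example (map your own TLS or proxy logs onto it), with lines in
time order. flag_sources() keeps a sliding one-hour window of handshake failures per
(source, destination) pair and reports pairs that exceed the threshold, with the peak count."""
import collections
import datetime as dt

THRESHOLD = 1000             # the rule's cut-off: more than 1000 failures per pair in one hour
WINDOW = dt.timedelta(hours=1)


def parse_line(line: str):
    ts, src, dst, outcome = line.split()
    return dt.datetime.fromisoformat(ts), src, dst, outcome


def flag_sources(lines, threshold: int = THRESHOLD, window=WINDOW) -> dict:
    """Returns {(src, dst): peak_failures_in_window} for every pair over the threshold."""
    recent = collections.defaultdict(collections.deque)   # per pair: timestamps in the window
    peaks = {}
    for line in lines:
        ts, src, dst, outcome = parse_line(line)
        if outcome != "handshake_failure":
            continue
        q = recent[(src, dst)]
        q.append(ts)
        while ts - q[0] > window:                       # drop failures older than the window
            q.popleft()
        if len(q) > threshold:
            peaks[(src, dst)] = max(peaks.get((src, dst), 0), len(q))
    return peaks


def sample_log() -> list:
    """Constructed log: one host hammering the server with failing RSA handshakes every
    2.5 s for 50 minutes, plus an ordinary client with the occasional failure."""
    base = dt.datetime(2023, 3, 1, 10, 0, 0)
    lines = []
    for i in range(1200):
        t = base + dt.timedelta(seconds=2.5 * i)
        lines.append(f"{t.isoformat()} 198.51.100.7 192.0.2.10 handshake_failure")
    for i in range(50):
        t = base + dt.timedelta(seconds=60 * i)
        outcome = "handshake_failure" if i % 10 == 0 else "handshake_ok"
        lines.append(f"{t.isoformat()} 203.0.113.5 192.0.2.10 {outcome}")
    lines.sort(key=lambda l: dt.datetime.fromisoformat(l.split()[0]))
    return lines


if __name__ == "__main__":
    for (src, dst), peak in flag_sources(sample_log()).items():
        print(f"ALERT {src} -> {dst}: {peak} TLS handshake failures within one hour")
```

Where the log records the negotiated cipher suite, restrict the count to RSA key-exchange suites (TLS 1.2 suites named TLS_RSA_WITH_...); that removes most benign failure noise from the rule. A sliding window is used rather than the fixed hourly buckets most SIEMs default to, so an attacker whose run straddles an hour boundary is still counted in full.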
