9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.95 High
EPSS
Percentile
99.1%
A side-channel attack was found that makes use of cache-bank conflicts
on the Intel Sandy-Bridge microarchitecture. An attacker who has the
ability to control code in a thread running on the same hyper-threaded
core as the victim’s thread that is performing decryption, could use
this flaw to recover RSA private keys.
A double-free flaw was found in the way OpenSSL parsed certain malformed
DSA (Digital Signature Algorithm) private keys. An attacker could create
specially crafted DSA private keys that, when processed by an
application compiled against OpenSSL, could cause the application to crash.
An integer overflow flaw, leading to a NULL pointer dereference or a
heap-based memory corruption, was found in the way some BIGNUM functions
of OpenSSL were implemented. Applications that use these functions with
large untrusted input could crash or, potentially, execute arbitrary code.
A memory leak flaw was found in the way OpenSSL performed SRP user
database look-ups using the SRP_VBASE_get_by_user() function. A remote
attacker connecting to certain SRP servers with an invalid user name
could leak approximately 300 bytes of the server’s memory per connection.
The fmtstr function in crypto/bio/b_print.c improperly calculates string
lengths, which allows remote attackers to cause a denial of service
(overflow and out-of-bounds read) or possibly have unspecified other
impact via a long string, as demonstrated by a large amount of ASN.1
data, a different vulnerability than CVE-2016-2842.
A padding oracle flaw was found in the Secure Sockets Layer version 2.0
(SSLv2) protocol. An attacker can potentially use this flaw to decrypt
RSA-encrypted cipher text from a connection using a newer SSL/TLS
protocol version, allowing them to decrypt such connections. This
cross-protocol attack is publicly referred to as DROWN.
access.redhat.com/security/cve/CVE-2016-0702
access.redhat.com/security/cve/CVE-2016-0705
access.redhat.com/security/cve/CVE-2016-0797
access.redhat.com/security/cve/CVE-2016-0798
access.redhat.com/security/cve/CVE-2016-0799
access.redhat.com/security/cve/CVE-2016-0800
www.openssl.org/news/secadv/20160301.txt
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.95 High
EPSS
Percentile
99.1%