Lucene search
K

The vulnerability of the Encrypt-Then-Mac extension in the OpenSSL library, which allows a hacker to trigger a denial-of-service attack

🗓️ 22 Jun 2020 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec
🔗 bdu.fstec.ru👁 4 Views

The OpenSSL Encrypt-Then-Mac extension has insufficient input validation, enabling remote denial of service.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: Open Source OpenSSL Vulnerabilities in IBM Network Advisor
18 Jun 201800:34
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities in OpenSSL affects IBM Tivoli Composite Application Manager for Transactions
17 Jun 201815:39
ibm
IBM Security Bulletins
Security Bulletin: Denial of service vulnerability in OpenSSL affects IBM InfoSphere Master Data Management (CVE-2017-3733)
16 Jun 201813:47
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Rational Application Developer for WebSphere Software
5 Feb 202000:09
ibm
IBM Security Bulletins
Security Bulletin: Vulnerability in OpenSSL affects IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru Firmware, QLogic 8Gb Intelligent Pass-thru Module & SAN Switch Module and QLogic Virtual Fabric Extension Module for IBM BladeCenter systems
14 Apr 202314:32
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Rational Application Developer for WebSphere Software included in Rational Developer for i and Rational Developer for AIX and Linux
3 Aug 201804:23
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Spectrum Protect (formerly Tivoli Storage Manager) Client and IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for VMware
17 Jun 201815:40
ibm
FreeBSD
openssl -- crash on handshake
16 Feb 201700:00
freebsd
Tenable Nessus
OpenSSL 1.1.0 < 1.1.0e DoS
22 Feb 201700:00
nessus
Tenable Nessus
FreeBSD : openssl -- crash on handshake (1a802ba9-f444-11e6-9940-b499baebfeaf)
17 Feb 201700:00
nessus
Rows per page
Vulners
Node
opensslopensslRange<1.1.0e
OR

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

22 Jun 2020 00:00Current
7.1High risk
Vulners AI Score7.1
CVSS 37.5
CVSS 27.8
EPSS0.12874
4