The vulnerability of the dsa_sign_setup function in the OpenSSL library, which relates to the disclosure of protected information, allows attackers to circumvent cryptographic mechanisms used for encryption protection.

🗓️ 25 Apr 2022 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

OpenSSL dsa_sign_setup vulnerability exposes protected information and enables bypass of encryption.

Reporter	Title	Published	Views	Family All 344
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSL affects IBM Rational ClearCase (CVE-2016-2177, CVE-2016-2178, CVE-2016-2183, CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6306)	10 Jul 201808:34	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security vulnerabilities fixed in IBM Security Privileged Identity Manager	16 Jun 201821:59	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Guardium is affected by OpenSSL Security Advisory [22 Sep 2016] and [26 Sep 2016] vulnerabilities (multiple CVEs)	16 Jun 201821:47	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Flex System Manager (FSM) Storage Manager Install Anywhere (SMIA) configuration tool	18 Jun 201801:34	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSL affect IBM SmartCloud Entry	19 Jul 202000:49	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Image Construction and Composition Tool.	15 Jun 201807:06	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities may affect IBM® SDK for Node.js™	9 Aug 201804:20	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Enterprise Server, Connect Server, Point to Point Client, Desktop Client, Faspstream, Cargo, and Sync (CVE-2016-6302 CVE-2016-6304 CVE-2016-6303 CVE-2016-2182 CVE-2016-2177 CVE-2016-2178 ...)	15 Jun 201807:08	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSL affects IBM Tivoli Composite Application Manager for Transactions	17 Jun 201815:39	–	ibm
IBM Security Bulletins	Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSH	16 Jun 201915:15	–	ibm

Vulners

Node

openssl opensslMatch1.0.1n

openssl opensslMatch1.0.1o

openssl opensslMatch1.0.2b

openssl opensslMatch1.0.2c

openssl opensslMatch1.0.1m

openssl opensslMatch1.0.2a

openssl opensslMatch1.0.2

openssl opensslMatch1.0.2h

openssl opensslMatch1.0.2g

openssl opensslMatch1.0.2f

openssl opensslMatch1.0.2e

openssl opensslMatch1.0.2d

openssl opensslMatch1.0.1c

openssl opensslMatch1.0.1d

openssl opensslMatch1.0.1l

openssl opensslMatch1.0.1t

openssl opensslMatch1.0.1e

openssl opensslMatch1.0.1f

openssl opensslMatch1.0.1a

openssl opensslMatch1.0.1b

openssl opensslMatch1.0.1i

openssl opensslMatch1.0.1j

openssl opensslMatch1.0.1k

openssl opensslMatch1.0.1r

openssl opensslMatch1.0.1s

openssl opensslMatch1.0.1

openssl opensslMatch1.0.1g

openssl opensslMatch1.0.1h

openssl opensslMatch1.0.1p

openssl opensslMatch1.0.1q

red_hat red_hat_enterprise_linuxMatch6

red_hat red_hat_enterprise_linuxMatch7

canonical ubuntuMatch12.04

novell opensuse_leapMatch15.0

Source	Link
eprint	www.eprint.iacr.org/2016/594.pdf
openwall	www.openwall.com/lists/oss-security/2016/06/09/8
openwall	www.openwall.com/lists/oss-security/2016/06/08/2
git	www.git.openssl.org/
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
oracle	www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
lists	www.lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html
nodejs	www.nodejs.org/en/blog/vulnerability/september-2016-security-releases/
h20566	www.h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay
oracle	www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

25 Apr 2022 00:00Current

6.8Medium risk

Vulners AI Score6.8

CVSS 24.6

CVSS 35.5

EPSS0.01174