CloudLinuxCLSA-2022:1647550273

HistoryMar 17, 2022 - 8:51 p.m.

Fix of CVE: CVE-2022-0778

2022-03-1720:51:13

repo.cloudlinux.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.013 Low

EPSS

Percentile

85.9%

JSON

CVE-2022-0778: Fix possible infinite loop in BN_mod_sqrt()

OSVersionArchitecturePackageVersionFilename
Centos6x86_64openssl< 1.0.1eopenssl-1.0.1e-63.el6.tuxcare.els6.src.rpm
Centos6i686openssl-devel< 1.0.1eopenssl-1.0.1e-63.el6.tuxcare.els6.src.rpm
Centos6x86_64openssl-perl< 1.0.1eopenssl-1.0.1e-63.el6.tuxcare.els6.src.rpm
Centos6i686openssl< 1.0.1eopenssl-1.0.1e-63.el6.tuxcare.els6.src.rpm
Centos6x86_64openssl-static< 1.0.1eopenssl-1.0.1e-63.el6.tuxcare.els6.src.rpm
Centos6x86_64openssl-devel< 1.0.1eopenssl-1.0.1e-63.el6.tuxcare.els6.src.rpm

OS	Version	Architecture	Package	Version	Filename
Centos	6	x86_64	openssl	< 1.0.1e	openssl-1.0.1e-63.el6.tuxcare.els6.src.rpm
Centos	6	i686	openssl-devel	< 1.0.1e	openssl-1.0.1e-63.el6.tuxcare.els6.src.rpm
Centos	6	x86_64	openssl-perl	< 1.0.1e	openssl-1.0.1e-63.el6.tuxcare.els6.src.rpm
Centos	6	i686	openssl	< 1.0.1e	openssl-1.0.1e-63.el6.tuxcare.els6.src.rpm
Centos	6	x86_64	openssl-static	< 1.0.1e	openssl-1.0.1e-63.el6.tuxcare.els6.src.rpm
Centos	6	x86_64	openssl-devel	< 1.0.1e	openssl-1.0.1e-63.el6.tuxcare.els6.src.rpm

References

errata.cloudlinux.com/els6/CLSA-2022-1647550273.html

nessus 75

altlinux 5

prion 1

oraclelinux 8

redos 1

aix 1

ibm 21

ics 1

githubexploit 5

osv 12

amazon 2

redhat 7

openvas 32

github 1

checkpoint_security 2

photon 1

paloalto 1

almalinux 2

rocky 3

ubuntu 1

checkpoint_advisories 1

hivepro 1

fortinet 1

ubuntucve 1

slackware 1

alpinelinux 1

cve 1

cbl_mariner 1

debiancve 1

cloudfoundry 2

fedora 1

veracode 1

suse 1

thn 1

centos 1

openssl 1

nessus

SUSE SLES12 Security Update : compat-openssl098 (SUSE-SU-2022:0859-1)

2022-03-16 00:00:00

Oracle Linux 8 : compat-openssl10 (ELSA-2022-5326)

2022-07-01 00:00:00

ABB RTU500 Series Infinite Loop in embedded OpenSSL (CVE-2022-0778)

2023-09-29 00:00:00

altlinux

Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1n-alt1

2022-03-24 00:00:00

Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1n-alt1

2022-03-18 00:00:00

Security fix for the ALT Linux 9 package openssl10 version 1.0.2u-alt1.p9.2

2022-03-24 00:00:00

prion

Code injection

2022-03-15 17:15:00

oraclelinux

openssl security update

2022-03-21 00:00:00

openssl security update

2022-03-29 00:00:00

openssl security update

2022-03-23 00:00:00

redos

ROS-20220318-02

2022-03-18 00:00:00

aix

AIX is vulnerable to a denial of service due to OpenSSL

2022-05-13 09:32:08

ibm

Security Bulletin: IBM App Connect Enterprise & IBM Integration Bus are vulnerable to a denial of service, due to OpenSSL (CVE-2022-0778)

2022-06-10 16:27:32

Security Bulletin: Vulnerability in OpenSSL affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

2023-03-29 01:48:02

Security Bulletin: Denial of Service vulnerability in OpenSSL may affect IBM Spectrum Protect Backup-Archive Client (CVE-2022-0778)

2022-06-29 19:05:15

ics

Siemens OpenSSL Affected Industrial Products (Update E)

2023-01-13 12:00:00

githubexploit

Exploit for Infinite Loop in Openssl

2023-10-30 09:52:21

Exploit for Infinite Loop in Openssl

2022-04-18 07:51:18

Exploit for Infinite Loop in Openssl

2023-09-12 05:16:27

osv

openssl, openssl1.0 vulnerability

2022-03-15 16:45:46

CVE-2022-0778

2022-03-15 17:15:08

Low: compat-openssl10 security update

2022-06-30 00:00:00

amazon

Important: openssl

2022-03-15 18:54:00

Important: openssl, openssl11

2022-03-15 18:49:00

redhat

(RHSA-2022:4899) Important: compat-openssl11 security and bug fix update

2022-06-02 21:13:31

(RHSA-2022:1078) Important: openssl security update

2022-03-28 09:39:25

(RHSA-2022:1077) Important: openssl security update

2022-03-28 09:36:52

openvas

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-1176)

2023-01-12 00:00:00

Fedora: Security Advisory for openssl1.1 (FEDORA-2022-8bb51f6901)

2022-04-05 00:00:00

SUSE: Security Advisory (SUSE-SU-2022:14916-1)

2022-03-16 00:00:00

github

openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates

2022-03-16 00:00:45

checkpoint_security

Check Point response to CVE-2022-0778

2022-07-03 22:15:24

Check Point response to OpenSSL CVE-2022-0778 (possible infinite loop when parsing ECDSA certificates/keys)

2022-03-16 06:41:44

photon

Important Photon OS Security Update - PHSA-2022-0162

2022-03-16 00:00:00

paloalto

Impact of the OpenSSL Infinite Loop Vulnerability CVE-2022-0778

2022-03-31 02:30:00

almalinux

Low: compat-openssl10 security update

2022-06-30 00:00:00

Important: openssl security update

2022-03-28 07:46:07

rocky

openssl security update

2022-03-28 07:46:07

compat-openssl11 security and bug fix update

2022-06-02 21:13:31

compat-openssl10 security update

2022-06-28 10:53:54

ubuntu

OpenSSL vulnerability

2022-03-15 00:00:00

checkpoint_advisories

OpenSSL Denial of Service (CVE-2022-0778)

2022-03-27 00:00:00

hivepro

OpenSSL exposed to Denial-of-service vulnerability causing Infinite Loop

2022-03-17 14:17:00

fortinet

Protect

2022-04-01 00:00:00

ubuntucve

CVE-2022-0778

2022-03-15 00:00:00

slackware

[slackware-security] openssl

2022-03-17 19:59:07

alpinelinux

CVE-2022-0778

2022-03-15 17:15:00

cve

CVE-2022-0778

2022-03-15 17:15:00

cbl_mariner

CVE-2022-0778 affecting package openssl 1.1.1k-30

2022-04-09 06:51:56

debiancve

CVE-2022-0778

2022-03-15 17:15:00

cloudfoundry

USN-5328-1: OpenSSL vulnerability | Cloud Foundry

2022-05-23 00:00:00

USN-5328-2: OpenSSL vulnerabilityUSN-5328-2: OpenSSL vulnerability | Cloud Foundry

2022-04-21 00:00:00

fedora

[SECURITY] Fedora 35 Update: openssl-1.1.1n-1.fc35

2022-03-22 03:44:53

veracode

Denial Of Service (DoS)

2022-03-16 09:55:55

suse

Security update for openssl-1_0_0 (important)

2022-03-15 00:00:00

thn

QNAP Warns of OpenSSL Infinite Loop Vulnerability Affecting NAS Devices

2022-03-31 03:23:00

centos

openssl security update

2022-03-29 13:36:31

openssl

Vulnerability in OpenSSL CVE-2022-0778

2022-03-15 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.013 Low

EPSS

Percentile

85.9%

JSON

Related for CLSA-2022:1647550273