CVE-2016-0703
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
7.8 High
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.009 Low
EPSS
Percentile
82.8%
The get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a accepts a nonzero CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher, which allows man-in-the-middle attackers to determine the MASTER-KEY value and decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, a related issue to CVE-2016-0800.
References
kb.juniper.net/InfoCenter/index?page=content&id=JSA10759
lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00012.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00025.html
lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html
openssl.org/news/secadv/20160301.txt
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl
www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
www.securityfocus.com/bid/83743
www.securitytracker.com/id/1035133
cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
drownattack.com
git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=ae50d8270026edf5b3c7f8aaa0c6677462b33d97
h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03741en_us
h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05141441
kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168
security.FreeBSD.org/advisories/FreeBSD-SA-16:12.openssl.asc
security.gentoo.org/glsa/201603-15
www.arista.com/en/support/advisories-notices/security-advisories/1260-security-advisory-18
www.openssl.org/news/secadv/20160301.txt
Social References
More
Related
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
7.8 High
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.009 Low
EPSS
Percentile
82.8%