CVE-2016-2108

🗓️ 05 May 2016 00:00:00Reported by redhatType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 516 Views

The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service via an ANY field in crafted serialized data

Reporter	Title	Published	Views	Family All 294
FreeBSD	OpenSSL -- multiple vulnerabilities	3 May 201600:00	–	freebsd
IBM Security Bulletins	Security Bulletin: Multiple OpenSSL vulnerabilities affect IBM Tivoli Network Manager IP Edition 3.9 Fix Pack 4 - HTTPS support for Perl Collector install.	17 Jun 201815:27	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Identity Governance	16 Jun 201821:44	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware	31 Jan 201902:25	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSL affect IBM WebSphere MQ (CVE-2016-2106, CVE-2016-2109)	15 Jun 201807:07	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSL affect IBM Security Network Active Bypass (CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176)	16 Jun 201821:45	–	ibm
IBM Security Bulletins	Security Bulletin: A denial-of-service attack, heap use after free, network server exploit, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service	8 Jul 202517:32	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in SSL affect IBM DataPower Gateways	8 Jun 202122:18	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSL affect IBM Image Construction and Composition Tool (CVE-2016-2105, CVE-2016-2106, CVE-2016-2108, CVE-2016-2109)	15 Jun 201807:05	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in openssl affects IBM System Networking Switch products (CVE-2016-2108)	31 Jan 201902:25	–	ibm

NVD

Node

redhat enterprise_linux_desktopMatch6.0

redhat enterprise_linux_hpc_nodeMatch6.0

redhat enterprise_linux_serverMatch6.0

redhat enterprise_linux_workstationMatch6.0

Node

openssl opensslRange≤1.0.1n

openssl opensslMatch1.0.2

openssl opensslMatch1.0.2beta1

openssl opensslMatch1.0.2beta2

openssl opensslMatch1.0.2beta3

openssl opensslMatch1.0.2a

openssl opensslMatch1.0.2b

Node

redhat enterprise_linux_desktopMatch7.0

redhat enterprise_linux_hpc_nodeMatch7.0

redhat enterprise_linux_hpc_node_eusMatch7.2

redhat enterprise_linux_serverMatch7.0

redhat enterprise_linux_server_ausMatch7.2

redhat enterprise_linux_server_eusMatch7.2

redhat enterprise_linux_workstationMatch7.0

Node

google androidMatch4.0

google androidMatch4.0.1

google androidMatch4.0.2

google androidMatch4.0.3

google androidMatch4.0.4

google androidMatch4.1

google androidMatch4.1.2

google androidMatch4.2

google androidMatch4.2.1

google androidMatch4.2.2

google androidMatch4.3

google androidMatch4.3.1

google androidMatch4.4

google androidMatch4.4.1

google androidMatch4.4.2

google androidMatch4.4.3

google androidMatch5.0

google androidMatch5.0.1

google androidMatch5.1

google androidMatch5.1.0

google androidMatch6.0

google androidMatch6.0.1

Source	Link
tenable	www.tenable.com/security/tns-2016-18
oracle	www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
lists	www.lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html
h20566	www.h20566.www2.hpe.com/hpsc/doc/public/display
lists	www.lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html
h20566	www.h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay
support	www.support.apple.com/HT206903
ubuntu	www.ubuntu.com/usn/USN-2959-1
slackware	www.slackware.com/security/viewer.php
openssl	www.openssl.org/news/secadv/20160503.txt

06 May 2026 22:30Current

8.3High risk

Vulners AI Score8.3

CVSS 39.8

CVSS 210

EPSS0.36957

CWE-119