Lucene search

CVE-2018-0734

🗓️ 30 Oct 2018 12:00:29Reported by opensslType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 425 Views

OpenSSL DSA signature algorithm vulnerability (CVE-2018-0734) fixed in multiple version

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 199
openssl	Vulnerability in OpenSSL - Timing vulnerability in DSA signature generation	30 Oct 201800:00	–	openssl
ibm	Security Bulletin: OpenSSL DSA signature algorithm security vulnerability affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-0734)	22 Feb 202219:59	–	ibm
ibm	Security Bulletin: A security vulnerability has been identified in OpenSSL, which is shipped with IBM Tivoli Network Manager IP Edition (CVE-2018-0734)	28 Jun 202322:14	–	ibm
ibm	Security Bulletin: IBM Security Proventia Network Active Bypass is affected by openssl vulnerabilities (CVE-2018-0734)	27 Mar 201906:25	–	ibm
ibm	Security Bulletin: IBM Cloud Manager with OpenStack is affected by a OpenSSL vulnerabilities (CVE-2018-0734)	26 Apr 201910:55	–	ibm
ibm	Security Bulletin: IBM MQ Appliance is affected by an OpenSSL vulnerability (CVE-2018-0734)	11 Apr 201912:40	–	ibm
ibm	Security Bulletin: OpenSSL as used by IBM QRadar Network Packet Capture is vulnerable to a timing side channel attack (CVE-2018-0734)	20 Dec 201908:47	–	ibm
ibm	Security Bulletin: OpenSSL vunerability	21 Jan 201915:55	–	ibm
ibm	Security Bulletin: Vulnerability in OpenSSL affects IBM Integrated Analytics System	10 Nov 202010:24	–	ibm
ibm	Security Bulletin: OpenSSL as used in IBM QRadar SIEM is vulnerable to a timing side channel attack (CVE-2018-0734)	9 Jan 202015:39	–	ibm

Nvd

Node

openssl opensslRange1.0.2–1.0.2p

openssl opensslRange1.1.0–1.1.0i

openssl opensslMatch1.1.1

Node

canonical ubuntu_linuxMatch14.04lts

canonical ubuntu_linuxMatch16.04lts

canonical ubuntu_linuxMatch18.04lts

canonical ubuntu_linuxMatch18.10

Node

debian debian_linuxMatch9.0

Node

nodejs node.jsRange6.0.0–6.8.1-

nodejs node.jsRange6.9.0–6.15.0lts

nodejs node.jsRange8.0.0–8.8.1-

nodejs node.jsRange8.9.0–8.14.0lts

nodejs node.jsRange10.0.0–10.12.0-

nodejs node.jsRange11.0.0–11.3.0-

nodejs node.jsMatch10.13.0lts

Node

netapp cn1610_firmwareMatch-

AND

netapp cn1610Match-

Node

netapp cloud_backupMatch-

netapp oncommand_unified_manager

netapp santricity_smi-s_providerMatch-

netapp snapcenterMatch-

netapp steelstoreMatch-

netapp storage_automation_storeMatch-

Node

oracle api_gatewayMatch11.1.2.4.0

oracle e-business_suite_technology_stackMatch0.9.8

oracle e-business_suite_technology_stackMatch1.0.0

oracle e-business_suite_technology_stackMatch1.0.1

oracle enterprise_manager_base_platformMatch12.1.0.5.0

oracle enterprise_manager_base_platformMatch13.2.0.0.0

oracle enterprise_manager_base_platformMatch13.3.0.0.0

oracle enterprise_manager_ops_centerMatch12.3.3

oracle mysql_enterprise_backupRange3.0–3.12.3

oracle mysql_enterprise_backupRange4.0–4.1.2

oracle peoplesoft_enterprise_peopletoolsMatch8.55

oracle peoplesoft_enterprise_peopletoolsMatch8.56

oracle peoplesoft_enterprise_peopletoolsMatch8.57

oracle primavera_p6_professional_project_managementRange17.7–17.12

oracle primavera_p6_professional_project_managementMatch8.4

oracle primavera_p6_professional_project_managementMatch15.1

oracle primavera_p6_professional_project_managementMatch15.2

oracle primavera_p6_professional_project_managementMatch16.1

oracle primavera_p6_professional_project_managementMatch16.2

oracle primavera_p6_professional_project_managementMatch18.8

oracle tuxedoMatch12.1.1.0.0

[
  {
    "product": "OpenSSL",
    "vendor": "OpenSSL",
    "versions": [
      {
        "status": "affected",
        "version": "Fixed in OpenSSL 1.1.1a (Affected 1.1.1)"
      },
      {
        "status": "affected",
        "version": "Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i)"
      },
      {
        "status": "affected",
        "version": "Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p)"
      }
    ]
  }
]

Source	Link
lists	www.lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html
debian	www.debian.org/security/2018/dsa-4348
git	www.git.openssl.org/gitweb/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/
access	www.access.redhat.com/errata/RHSA-2019:3935
access	www.access.redhat.com/errata/RHSA-2019:3932
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/
securityfocus	www.securityfocus.com/bid/105758
git	www.git.openssl.org/gitweb/
access	www.access.redhat.com/errata/RHSA-2019:3933

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

30 Oct 2018 12:29Current

5.9Medium risk

Vulners AI Score5.9

CVSS24.3

CVSS35.9

EPSS0.06051

CWE-327