EUVD-2017-12850

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

OpenSSL 1.1.0 before 1.1.0e crashes during renegotiation with Encrypt-Then-Mac extension issue

Reporter	Title	Published	Views	Family All 43
IBM Security Bulletins	Security Bulletin: Open Source OpenSSL Vulnerabilities in IBM Network Advisor	18 Jun 201800:34	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSL affects IBM Tivoli Composite Application Manager for Transactions	17 Jun 201815:39	–	ibm
IBM Security Bulletins	Security Bulletin: Denial of service vulnerability in OpenSSL affects IBM InfoSphere Master Data Management (CVE-2017-3733)	16 Jun 201813:47	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Rational Application Developer for WebSphere Software	5 Feb 202000:09	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in OpenSSL affects IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru Firmware, QLogic 8Gb Intelligent Pass-thru Module & SAN Switch Module and QLogic Virtual Fabric Extension Module for IBM BladeCenter systems	14 Apr 202314:32	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Rational Application Developer for WebSphere Software included in Rational Developer for i and Rational Developer for AIX and Linux	3 Aug 201804:23	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in OpenSSL affect IBM Spectrum Protect (formerly Tivoli Storage Manager) Client and IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for VMware	17 Jun 201815:40	–	ibm
FreeBSD	openssl -- crash on handshake	16 Feb 201700:00	–	freebsd
Tenable Nessus	OpenSSL 1.1.0 < 1.1.0e DoS	22 Feb 201700:00	–	nessus
Tenable Nessus	FreeBSD : openssl -- crash on handshake (1a802ba9-f444-11e6-9940-b499baebfeaf)	17 Feb 201700:00	–	nessus

[
  {
    "enisaIdVendor": [
      {
        "id": "7c020c36-7a44-3613-b9c2-2dd751efb3a9",
        "vendor": {
          "name": "OpenSSL"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "047741b7-cc8a-3135-b3c5-afef8552c85e",
        "product": {
          "name": "OpenSSL"
        },
        "product_version": "openssl-1.1.0c"
      },
      {
        "id": "18b28e02-533e-33ac-a2a7-dd7ea7e5df7a",
        "product": {
          "name": "OpenSSL"
        },
        "product_version": "openssl-1.1.0"
      },
      {
        "id": "7cc749de-d266-3c32-b418-d45990dbf8ea",
        "product": {
          "name": "OpenSSL"
        },
        "product_version": "openssl-1.1.0b"
      },
      {
        "id": "99786d42-b643-35b9-a8fa-529b6d46e8e0",
        "product": {
          "name": "OpenSSL"
        },
        "product_version": "openssl-1.1.0a"
      },
      {
        "id": "e6d62dd4-861c-3f58-a093-e1acba8923e6",
        "product": {
          "name": "OpenSSL"
        },
        "product_version": "openssl-1.1.0d"
      }
    ]
  }
]

Source	Link
suse	www.suse.com/security/cve/CVE-2017-3733.html
advisories	www.advisories.mageia.org/CVE-2017-3733.html
securityfocus	www.securityfocus.com/bid/96269
openssl	www.openssl.org/news/secadv/20170216.txt
oracle	www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
h20566	www.h20566.www2.hpe.com/hpsc/doc/public/display
oracle	www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
github	www.github.com/openssl/openssl/commit/4ad93618d26a3ea23d36ad5498ff4f59eff3a4d2
securitytracker	www.securitytracker.com/id/1037846
oracle	www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

07 Oct 2025 00:30Current

7.6High risk

Vulners AI Score7.6

CVSS 37.5

CVSS 25

EPSS0.03097