Lucene search

K
f5F5F5:K15318
HistoryJun 05, 2014 - 12:00 a.m.

K15318 : OpenSSL vulnerability CVE-2011-3207

2014-06-0500:00:00
my.f5.com
23

9.2 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

84.6%

Security Advisory Description

The OpenSSL crypto/x509/x509_vfy.c library for 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past.
(
CVE-2011-3207
)
Impact
None. No F5 products are affected by this vulnerability.

9.2 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

84.6%