Lucene search
F5SOL09422508HistoryOct 19, 2016 - 12:00 a.m.
SOL09422508 - OpenSSL vulnerabilities CVE-2016-6302, CVE-2016-6307, and CVE-2016-6308
2016-10-1900:00:00
support.f5.com
37
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.525 Medium
EPSS
Percentile
97.2%
Vulnerability Recommended Actions
None
Supplemental Information
- SOL9970: Subscribing to email notifications regarding F5 products
- SOL9957: Creating a custom RSS feed to view new and updated documents
- SOL4602: Overview of the F5 security vulnerability response policy
- SOL4918: Overview of the F5 critical issue hotfix policy
Related
f5
f5
K09422508 : OpenSSL vulnerabilities CVE-2016-6307 and CVE-2016-6308
2016-10-19 00:00:00
K70844615 : OpenSSL vulnerability CVE-2016-6302
2016-12-08 00:00:00
SOL22071504 - September 2016 OpenSSL security vulnerability announcement
2016-09-22 00:00:00
hackerone
hackerone
Internet Bug Bounty: Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)
2017-04-18 07:42:44
Internet Bug Bounty: Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307)
2017-04-18 07:41:42
Internet Bug Bounty: Malformed SHA512 ticket DoS (CVE-2016-6302)
2017-04-18 07:35:36
openvas
openvas
OpenSSL SSL_peek hang on empty record DoS Vulnerability - Linux
2016-09-26 00:00:00
OpenSSL SSL_peek hang on empty record DoS Vulnerability - Windows
2016-09-26 00:00:00
Slackware: Security Advisory (SSA:2016-266-01)
2022-04-21 00:00:00
ibm
ibm
nessus
nessus
OpenSSL < 1.1.0a Multiple Vulnerabilities
2016-10-06 00:00:00
OpenSSL 1.1.0 < 1.1.0a Multiple Vulnerabilities
2016-09-30 00:00:00
ubuntucve
ubuntucve
redhatcve
redhatcve
openssl
openssl
Vulnerability in OpenSSL CVE-2016-6308
2016-09-21 00:00:00
Vulnerability in OpenSSL CVE-2016-6307
2016-09-21 00:00:00
Vulnerability in OpenSSL CVE-2016-6302
2016-08-23 00:00:00
cve
cve
prion
prion
Design/Logic Flaw
2016-09-26 19:59:00
Code injection
2016-09-26 19:59:00
Design/Logic Flaw
2016-09-16 05:59:00
debiancve
debiancve
veracode
veracode
Denial Of Service (DoS)
2017-01-26 03:18:38
osv
osv
CVE-2016-6302
2016-09-16 05:59:00
openssl - security update
2016-09-25 00:00:00
openssl - regression update
2016-09-22 00:00:00
alpinelinux
alpinelinux
CVE-2016-6302
2016-09-16 05:59:00
arista
arista
Security Advisory 0024
2016-10-04 00:00:00
freebsd
freebsd
OpenSSL -- multiple vulnerabilities
2016-09-22 00:00:00
slackware
slackware
[slackware-security] openssl
2016-09-22 18:53:12
fortinet
fortinet
OpenSSL Security Advisory [22 Sept 2016]
2017-04-03 00:00:00
threatpost
threatpost
OpenSSL Fixes Critical Bug Introduced by Latest Update
2016-09-26 10:45:04
symantec
symantec
SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016
2016-10-06 08:00:00
cisco
cisco
Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016
2016-09-27 22:40:00
huawei
huawei
Security Advisory - Sixteen OpenSSL Vulnerabilities on Some Huawei products
2017-03-22 00:00:00
nodejsblog
nodejsblog
Security updates for all active release lines, September 2016
2016-09-23 00:00:00
mageia
mageia
Updated virtualbox packages fixes security vulnerabilities
2016-12-06 00:49:27
Updated openssl packages fix security vulnerabilities
2016-10-12 01:12:20
amazon
amazon
Medium: openssl
2016-10-12 17:00:00
redhat
redhat
(RHSA-2018:2187) Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update
2018-07-12 16:04:13
(RHSA-2016:1940) Important: openssl security update
2016-09-27 11:50:45
oraclelinux
oraclelinux
openssl security update
2016-09-27 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package openssl1.1 version 1.0.2i-alt1
2016-09-22 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 1.0.2i-alt1
2016-09-22 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 1.0.2i-alt1
2016-09-22 00:00:00
centos
centos
openssl security update
2016-09-28 14:48:04
fedora
fedora
[SECURITY] Fedora 24 Update: openssl-1.0.2j-1.fc24
2016-09-28 01:57:16
[SECURITY] Fedora 23 Update: openssl-1.0.2j-1.fc23
2016-10-11 23:24:05
[SECURITY] Fedora 25 Update: openssl-1.0.2j-1.fc25
2016-10-09 03:28:42
suse
suse
Security update for compat-openssl098 (important)
2016-10-14 15:09:07
Security update for compat-openssl098 (important)
2016-10-06 20:09:29
Security update for openssl (important)
2016-10-05 18:09:41
cloudfoundry
cloudfoundry
USN-3087-2 OpenSSL Regression | Cloud Foundry
2016-09-28 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-16:26.openssl
2016-09-23 00:00:00
archlinux
archlinux
[ASA-201609-24] lib32-openssl: multiple issues
2016-09-26 00:00:00
[ASA-201609-23] openssl: multiple issues
2016-09-26 00:00:00
debian
debian
[SECURITY] [DLA 637-1] openssl security update
2016-09-25 11:55:01
[SECURITY] [DSA 3673-1] openssl security update
2016-09-22 16:50:14
ubuntu
ubuntu
OpenSSL vulnerabilities
2016-09-22 00:00:00
OpenSSL regression
2016-09-23 00:00:00
aix
aix
Vulnerabilities in OpenSSL affect AIX
2016-11-14 13:29:26
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.525 Medium
EPSS
Percentile
97.2%
Related for SOL09422508