Lucene search
IBM211030B63DFACDC062207C9720C07BB4194CB622626EFE87492FB90BE0DDB26CHistoryMay 15, 2024 - 11:37 p.m.
Security Bulletin: Vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches.
2024-05-1523:37:18
www.ibm.com
10
ibm
nx-os firmware
san directors
switches
openssl
denial of service
cve-2023-2650
vulnerability
fix
Summary
Public disclosed OpenSSL vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches. The vulnerability has been addressed and can be resolved by applying the NX-OS code level listed below. CVE-2023-2650.
Vulnerability Details
CVEID:CVE-2023-2650
**DESCRIPTION:**OpenSSL is vulnerable to a denial of service, caused by a flaw when using OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/256611 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| NX-OS | 9.2.1 - 9.4(1) |
| NX-OS | 8.1 - 8.5(1) |
Remediation/Fixes
| Fixes | Version(s) |
|---|---|
| NX-OS | 9.4(1a) |
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm support for cisco software | eq | 11 |
Related
nessus
nessus
EulerOS Virtualization 2.9.0 : shim (EulerOS-SA-2023-2996)
2024-01-16 00:00:00
EulerOS 2.0 SP9 : shim (EulerOS-SA-2023-2628)
2023-08-08 00:00:00
EulerOS 2.0 SP9 : openssl (EulerOS-SA-2023-2593)
2023-08-08 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-2650 affecting package openssl 1.1.1k-15
2023-06-27 21:25:25
ibm
ibm
osv
osv
openssl vulnerability
2023-06-22 14:53:11
CVE-2023-2650
2023-05-30 14:15:09
openssl, openssl1.0 vulnerabilities
2023-05-30 14:16:59
openvas
openvas
Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-2628)
2023-08-08 00:00:00
Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-2996)
2023-10-13 00:00:00
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-2835)
2023-09-20 00:00:00
freebsd
freebsd
OpenSSL -- Possible DoS translating ASN.1 identifiers
2023-05-30 00:00:00
cloudlinux
cloudlinux
openssl: Fix of CVE-2023-2650
2023-06-20 13:49:26
mageia
mageia
Updated openssl packages fix security vulnerability
2023-06-08 22:34:59
cvelist
cvelist
CVE-2023-2650 Possible DoS translating ASN.1 object identifiers
2023-05-30 13:40:11
redhatcve
redhatcve
CVE-2023-2650
2023-05-30 15:11:50
githubexploit
githubexploit
Exploit for Allocation of Resources Without Limits or Throttling in Openssl
2023-06-05 17:40:59
amazon
amazon
Medium: openssl11
2023-06-21 19:11:00
Medium: openssl
2023-06-05 16:39:00
Medium: openssl
2023-06-05 16:39:00
debiancve
debiancve
CVE-2023-2650
2023-05-30 14:15:09
ubuntu
ubuntu
OpenSSL vulnerability
2023-06-22 00:00:00
OpenSSL vulnerabilities
2023-05-30 00:00:00
Node.js vulnerabilities
2024-03-04 00:00:00
broadcom
broadcom
Possible DoS translating ASN.1 object identifiers (CVE-2023-2650)
2024-04-17 00:00:00
prion
prion
Authentication flaw
2023-05-30 14:15:00
alpinelinux
alpinelinux
CVE-2023-2650
2023-05-30 14:15:09
ubuntucve
ubuntucve
CVE-2023-2650
2023-05-30 00:00:00
wolfi
wolfi
CVE-2023-2650 vulnerabilities
2024-05-29 03:07:31
cve
cve
CVE-2023-2650
2023-05-30 14:15:09
slackware
slackware
[slackware-security] openssl
2023-05-31 01:33:48
openssl
openssl
Vulnerability in OpenSSL CVE-2023-2650
2023-05-30 00:00:00
cgr
cgr
CVE-2023-2650 vulnerabilities
2024-05-19 03:07:16
f5
f5
K000135178 : OpenSSL vulnerability CVE-2023-2650
2023-06-22 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-06-05 02:04:40
redos
redos
ROS-20230621-05
2023-06-21 00:00:00
almalinux
almalinux
Moderate: edk2 security, bug fix, and enhancement update
2023-11-07 00:00:00
Moderate: openssl security and bug fix update
2023-06-21 00:00:00
redhat
redhat
(RHSA-2023:6330) Moderate: edk2 security, bug fix, and enhancement update
2023-11-07 06:02:04
(RHSA-2023:3722) Moderate: openssl security and bug fix update
2023-06-21 13:52:15
cloudfoundry
cloudfoundry
USN-6119-1: OpenSSL vulnerabilities | Cloud Foundry
2023-06-30 00:00:00
oraclelinux
oraclelinux
edk2 security, bug fix, and enhancement update
2023-11-11 00:00:00
openssl security update
2023-08-31 00:00:00
openssl security and bug fix update
2023-06-22 00:00:00
debian
debian
[SECURITY] [DLA 3449-1] openssl security update
2023-06-08 16:32:59
[SECURITY] [DSA 5417-1] openssl security update
2023-05-31 14:51:05
fedora
fedora
[SECURITY] Fedora 37 Update: openssl-3.0.9-1.fc37
2023-06-04 01:24:09
[SECURITY] Fedora 38 Update: openssl-3.0.9-1.fc38
2023-06-03 02:46:16
6.7 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
53.0%
Related for 211030B63DFACDC062207C9720C07BB4194CB622626EFE87492FB90BE0DDB26C