Amazon Linux 2 : openssl11 (ALAS-2020-1456)

The version of openssl11 installed on the remote host is prior to 1.1.1c-15. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1456 advisory. In situations where an attacker receives automated notification of the success or failure of a decryption attempt an...

Low: openssl

Issue Overview: In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message tha...