Lucene search

K
symantecSymantec Security ResponseSMNTC-105758
HistoryOct 30, 2018 - 12:00 a.m.

OpenSSL CVE-2018-0734 Side Channel Attack Information Disclosure Vulnerability

2018-10-3000:00:00
Symantec Security Response
www.symantec.com
48

EPSS

0.003

Percentile

71.6%

Description

OpenSSL is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information. This may aid in further attacks.

Technologies Affected

  • Bluecoat BCAAA 6.1
  • IBM AIX 5.3
  • IBM AIX 6.1
  • IBM AIX 7.1
  • IBM Aix 7.2
  • IBM DataPower Gateway 2018.4.1.0
  • IBM DataPower Gateway 2018.4.1.2
  • IBM DataPower Gateway 2018.4.1.5
  • IBM DataPower Gateway 2018.4.1.6
  • IBM DataPower Gateway 2018.4.1.8
  • IBM DataPower Gateway 7.6.0.0
  • IBM DataPower Gateway 7.6.0.10
  • IBM DataPower Gateway 7.6.0.11
  • IBM DataPower Gateway 7.6.0.12
  • IBM DataPower Gateway 7.6.0.14
  • IBM DataPower Gateway 7.6.0.15
  • IBM DataPower Gateway 7.6.0.17
  • IBM DataPower Gateway 7.6.0.3
  • IBM DataPower Gateway 7.6.0.8
  • IBM DataPower Gateway 7.6.0.9
  • IBM DataPower Gateways 7.6.0.0
  • IBM DataPower Gateways 7.6.0.1
  • IBM DataPower Gateways 7.6.0.5
  • IBM DataPower Gateways 7.6.0.6
  • IBM DataPower Gateways 7.6.0.8
  • IBM Vios 2.2.0
  • IBM Vios 2.2.0.10
  • IBM Vios 2.2.0.11
  • IBM Vios 2.2.0.12
  • IBM Vios 2.2.0.13
  • IBM Vios 2.2.1.0
  • IBM Vios 2.2.1.1
  • IBM Vios 2.2.1.3
  • IBM Vios 2.2.1.4
  • IBM Vios 2.2.1.8
  • IBM Vios 2.2.1.9
  • IBM Vios 2.2.2.0
  • IBM Vios 2.2.2.4
  • IBM Vios 2.2.2.5
  • IBM Vios 2.2.2.6
  • IBM Vios 2.2.3
  • IBM Vios 2.2.3.0
  • IBM Vios 2.2.3.2
  • IBM Vios 2.2.3.3
  • IBM Vios 2.2.3.4
  • IBM Vios 2.2.3.50
  • IBM Vios 2.2.4.0
  • OpenSSL Project OpenSSL 1.0.2
  • OpenSSL Project OpenSSL 1.0.2 Beta1
  • OpenSSL Project OpenSSL 1.0.2-1.0.2o
  • OpenSSL Project OpenSSL 1.0.2a
  • OpenSSL Project OpenSSL 1.0.2b
  • OpenSSL Project OpenSSL 1.0.2c
  • OpenSSL Project OpenSSL 1.0.2d
  • OpenSSL Project OpenSSL 1.0.2e
  • OpenSSL Project OpenSSL 1.0.2f
  • OpenSSL Project OpenSSL 1.0.2g
  • OpenSSL Project OpenSSL 1.0.2h
  • OpenSSL Project OpenSSL 1.0.2i
  • OpenSSL Project OpenSSL 1.0.2j
  • OpenSSL Project OpenSSL 1.0.2k
  • OpenSSL Project OpenSSL 1.0.2l
  • OpenSSL Project OpenSSL 1.0.2l-git
  • OpenSSL Project OpenSSL 1.0.2m
  • OpenSSL Project OpenSSL 1.0.2n
  • OpenSSL Project OpenSSL 1.0.2o
  • OpenSSL Project OpenSSL 1.0.2p
  • OpenSSL Project OpenSSL 1.0.2p-dev
  • OpenSSL Project OpenSSL 1.1.0
  • OpenSSL Project OpenSSL 1.1.0a
  • OpenSSL Project OpenSSL 1.1.0b
  • OpenSSL Project OpenSSL 1.1.0c
  • OpenSSL Project OpenSSL 1.1.0d
  • OpenSSL Project OpenSSL 1.1.0e
  • OpenSSL Project OpenSSL 1.1.0f
  • OpenSSL Project OpenSSL 1.1.0g
  • OpenSSL Project OpenSSL 1.1.0h
  • OpenSSL Project OpenSSL 1.1.0i
  • OpenSSL Project OpenSSL 1.1.1
  • Oracle API Gateway 11.1.2.4.0
  • Oracle E-Business Suite 0.9.8
  • Oracle E-Business Suite 1.0.0
  • Oracle E-Business Suite 1.0.1
  • Oracle Endeca Server 7.7.0
  • Oracle Enterprise Manager Base Platform 12.1.0.5.0
  • Oracle Enterprise Manager Base Platform 13.2.0.0.0
  • Oracle Enterprise Manager Base Platform 13.3.0.0.0
  • Oracle Enterprise Manager Ops Center 12.3.3
  • Oracle MySQL Enterprise Backup 3.10.0
  • Oracle MySQL Enterprise Backup 3.10.1
  • Oracle MySQL Enterprise Backup 3.12.2
  • Oracle MySQL Enterprise Backup 3.12.3
  • Oracle MySQL Enterprise Backup 4.0.1
  • Oracle MySQL Enterprise Backup 4.0.3
  • Oracle MySQL Enterprise Backup 4.1.2
  • Oracle MySQL Server 5.6.15
  • Oracle MySQL Server 5.6.16
  • Oracle MySQL Server 5.6.20
  • Oracle MySQL Server 5.6.21
  • Oracle MySQL Server 5.6.22
  • Oracle MySQL Server 5.6.23
  • Oracle MySQL Server 5.6.24
  • Oracle MySQL Server 5.6.25
  • Oracle MySQL Server 5.6.26
  • Oracle MySQL Server 5.6.27
  • Oracle MySQL Server 5.6.28
  • Oracle MySQL Server 5.6.29
  • Oracle MySQL Server 5.6.30
  • Oracle MySQL Server 5.6.33
  • Oracle MySQL Server 5.6.34
  • Oracle MySQL Server 5.6.35
  • Oracle MySQL Server 5.6.36
  • Oracle MySQL Server 5.6.37
  • Oracle MySQL Server 5.6.38
  • Oracle MySQL Server 5.6.39
  • Oracle MySQL Server 5.6.40
  • Oracle MySQL Server 5.6.41
  • Oracle MySQL Server 5.6.42
  • Oracle MySQL Server 5.7.0
  • Oracle MySQL Server 5.7.12
  • Oracle MySQL Server 5.7.15
  • Oracle MySQL Server 5.7.16
  • Oracle MySQL Server 5.7.17
  • Oracle MySQL Server 5.7.18
  • Oracle MySQL Server 5.7.19
  • Oracle MySQL Server 5.7.20
  • Oracle MySQL Server 5.7.21
  • Oracle MySQL Server 5.7.22
  • Oracle MySQL Server 5.7.23
  • Oracle MySQL Server 5.7.24
  • Oracle MySQL Server 8.0.11
  • Oracle MySQL Server 8.0.12
  • Oracle MySQL Server 8.0.13
  • Oracle PeopleSoft Enterprise PeopleTools 8.55
  • Oracle PeopleSoft Enterprise PeopleTools 8.56
  • Oracle PeopleSoft Enterprise PeopleTools 8.57
  • Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
  • Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
  • Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
  • Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
  • Oracle Primavera P6 Enterprise Project Portfolio Management 17.12
  • Oracle Primavera P6 Enterprise Project Portfolio Management 17.7
  • Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
  • Oracle Primavera P6 Enterprise Project Portfolio Management 8.4
  • Oracle Solaris 10
  • Oracle Solaris 11.3
  • Oracle Solaris 11.4
  • Oracle Tuxedo 12.1.1.0.0
  • Oracle VM VirtualBox 1.6
  • Oracle VM VirtualBox 1.6.0
  • Oracle VM VirtualBox 1.6.2
  • Oracle VM VirtualBox 1.6.4
  • Oracle VM VirtualBox 1.6.6
  • Oracle VM VirtualBox 2.0.0
  • Oracle VM VirtualBox 2.0.10
  • Oracle VM VirtualBox 2.0.12
  • Oracle VM VirtualBox 2.0.2
  • Oracle VM VirtualBox 2.0.4
  • Oracle VM VirtualBox 2.0.6
  • Oracle VM VirtualBox 2.0.8
  • Oracle VM VirtualBox 2.1.0
  • Oracle VM VirtualBox 2.1.2
  • Oracle VM VirtualBox 2.1.4
  • Oracle VM VirtualBox 2.2
  • Oracle VM VirtualBox 2.2.0
  • Oracle VM VirtualBox 2.2.2
  • Oracle VM VirtualBox 2.2.4
  • Oracle VM VirtualBox 3.0
  • Oracle VM VirtualBox 3.0.0
  • Oracle VM VirtualBox 3.0.10
  • Oracle VM VirtualBox 3.0.12
  • Oracle VM VirtualBox 3.0.14
  • Oracle VM VirtualBox 3.0.2
  • Oracle VM VirtualBox 3.0.4
  • Oracle VM VirtualBox 3.0.6
  • Oracle VM VirtualBox 3.0.8
  • Oracle VM VirtualBox 3.1
  • Oracle VM VirtualBox 3.1.0
  • Oracle VM VirtualBox 3.1.2
  • Oracle VM VirtualBox 3.1.4
  • Oracle VM VirtualBox 3.1.6
  • Oracle VM VirtualBox 3.1.8
  • Oracle VM VirtualBox 3.2
  • Oracle VM VirtualBox 3.2.0
  • Oracle VM VirtualBox 3.2.10
  • Oracle VM VirtualBox 3.2.12
  • Oracle VM VirtualBox 3.2.14
  • Oracle VM VirtualBox 3.2.16
  • Oracle VM VirtualBox 3.2.18
  • Oracle VM VirtualBox 3.2.19
  • Oracle VM VirtualBox 3.2.2
  • Oracle VM VirtualBox 3.2.20
  • Oracle VM VirtualBox 3.2.21
  • Oracle VM VirtualBox 3.2.22
  • Oracle VM VirtualBox 3.2.24
  • Oracle VM VirtualBox 3.2.25
  • Oracle VM VirtualBox 3.2.4
  • Oracle VM VirtualBox 3.2.6
  • Oracle VM VirtualBox 3.2.8
  • Oracle VM VirtualBox 3.3
  • Oracle VM VirtualBox 4.0
  • Oracle VM VirtualBox 4.0.0
  • Oracle VM VirtualBox 4.0.10
  • Oracle VM VirtualBox 4.0.12
  • Oracle VM VirtualBox 4.0.14
  • Oracle VM VirtualBox 4.0.16
  • Oracle VM VirtualBox 4.0.18
  • Oracle VM VirtualBox 4.0.2
  • Oracle VM VirtualBox 4.0.20
  • Oracle VM VirtualBox 4.0.21
  • Oracle VM VirtualBox 4.0.22
  • Oracle VM VirtualBox 4.0.23
  • Oracle VM VirtualBox 4.0.24
  • Oracle VM VirtualBox 4.0.26
  • Oracle VM VirtualBox 4.0.27
  • Oracle VM VirtualBox 4.0.30
  • Oracle VM VirtualBox 4.0.34
  • Oracle VM VirtualBox 4.0.35
  • Oracle VM VirtualBox 4.0.36
  • Oracle VM VirtualBox 4.0.4
  • Oracle VM VirtualBox 4.0.6
  • Oracle VM VirtualBox 4.0.8
  • Oracle VM VirtualBox 4.1
  • Oracle VM VirtualBox 4.1.0
  • Oracle VM VirtualBox 4.1.10
  • Oracle VM VirtualBox 4.1.14
  • Oracle VM VirtualBox 4.1.16
  • Oracle VM VirtualBox 4.1.18
  • Oracle VM VirtualBox 4.1.2
  • Oracle VM VirtualBox 4.1.20
  • Oracle VM VirtualBox 4.1.22
  • Oracle VM VirtualBox 4.1.24
  • Oracle VM VirtualBox 4.1.26
  • Oracle VM VirtualBox 4.1.28
  • Oracle VM VirtualBox 4.1.29
  • Oracle VM VirtualBox 4.1.30
  • Oracle VM VirtualBox 4.1.31
  • Oracle VM VirtualBox 4.1.32
  • Oracle VM VirtualBox 4.1.34
  • Oracle VM VirtualBox 4.1.35
  • Oracle VM VirtualBox 4.1.38
  • Oracle VM VirtualBox 4.1.4
  • Oracle VM VirtualBox 4.1.42
  • Oracle VM VirtualBox 4.1.43
  • Oracle VM VirtualBox 4.1.44
  • Oracle VM VirtualBox 4.1.6
  • Oracle VM VirtualBox 4.1.8
  • Oracle VM VirtualBox 4.2
  • Oracle VM VirtualBox 4.2.0
  • Oracle VM VirtualBox 4.2.10
  • Oracle VM VirtualBox 4.2.12
  • Oracle VM VirtualBox 4.2.14
  • Oracle VM VirtualBox 4.2.16
  • Oracle VM VirtualBox 4.2.18
  • Oracle VM VirtualBox 4.2.19
  • Oracle VM VirtualBox 4.2.2
  • Oracle VM VirtualBox 4.2.20
  • Oracle VM VirtualBox 4.2.22
  • Oracle VM VirtualBox 4.2.23
  • Oracle VM VirtualBox 4.2.24
  • Oracle VM VirtualBox 4.2.26
  • Oracle VM VirtualBox 4.2.27
  • Oracle VM VirtualBox 4.2.30
  • Oracle VM VirtualBox 4.2.34
  • Oracle VM VirtualBox 4.2.35
  • Oracle VM VirtualBox 4.2.36
  • Oracle VM VirtualBox 4.2.4
  • Oracle VM VirtualBox 4.2.6
  • Oracle VM VirtualBox 4.2.8
  • Oracle VM VirtualBox 4.3
  • Oracle VM VirtualBox 4.3.0
  • Oracle VM VirtualBox 4.3.10
  • Oracle VM VirtualBox 4.3.12
  • Oracle VM VirtualBox 4.3.14
  • Oracle VM VirtualBox 4.3.15
  • Oracle VM VirtualBox 4.3.16
  • Oracle VM VirtualBox 4.3.17
  • Oracle VM VirtualBox 4.3.18
  • Oracle VM VirtualBox 4.3.19
  • Oracle VM VirtualBox 4.3.2
  • Oracle VM VirtualBox 4.3.20
  • Oracle VM VirtualBox 4.3.26
  • Oracle VM VirtualBox 4.3.32
  • Oracle VM VirtualBox 4.3.33
  • Oracle VM VirtualBox 4.3.34
  • Oracle VM VirtualBox 4.3.35
  • Oracle VM VirtualBox 4.3.36
  • Oracle VM VirtualBox 4.3.4
  • Oracle VM VirtualBox 4.3.5
  • Oracle VM VirtualBox 4.3.6
  • Oracle VM VirtualBox 4.3.7
  • Oracle VM VirtualBox 4.3.8
  • Oracle VM VirtualBox 4.3.9
  • Oracle VM VirtualBox 5.0
  • Oracle VM VirtualBox 5.0.10
  • Oracle VM VirtualBox 5.0.11
  • Oracle VM VirtualBox 5.0.12
  • Oracle VM VirtualBox 5.0.13
  • Oracle VM VirtualBox 5.0.14
  • Oracle VM VirtualBox 5.0.16
  • Oracle VM VirtualBox 5.0.18
  • Oracle VM VirtualBox 5.0.22
  • Oracle VM VirtualBox 5.0.26
  • Oracle VM VirtualBox 5.0.28
  • Oracle VM VirtualBox 5.0.32
  • Oracle VM VirtualBox 5.0.34
  • Oracle VM VirtualBox 5.0.38
  • Oracle VM VirtualBox 5.0.8
  • Oracle VM VirtualBox 5.0.9
  • Oracle VM VirtualBox 5.1.10
  • Oracle VM VirtualBox 5.1.14
  • Oracle VM VirtualBox 5.1.16
  • Oracle VM VirtualBox 5.1.20
  • Oracle VM VirtualBox 5.1.24
  • Oracle VM VirtualBox 5.1.30
  • Oracle VM VirtualBox 5.1.32
  • Oracle VM VirtualBox 5.1.36
  • Oracle VM VirtualBox 5.1.8
  • Oracle VM VirtualBox 5.2.0
  • Oracle VM VirtualBox 5.2.10
  • Oracle VM VirtualBox 5.2.16
  • Oracle VM VirtualBox 5.2.18
  • Oracle VM VirtualBox 5.2.2
  • Oracle VM VirtualBox 5.2.20
  • Oracle VM VirtualBox 5.2.22
  • Oracle VM VirtualBox 5.2.4
  • Oracle VM VirtualBox 5.2.6
  • Symantec Director 6.1
  • Symantec PacketShaper 9.2
  • Symantec PolicyCenter 9.2
  • Symantec Security Analytics 7.2
  • Symantec Security Analytics 7.3
  • Symantec Security Analytics 8.0
  • Symantec Web Isolation 1.12
  • Tenable Nessus 1.0.1
  • Tenable Nessus 3.0.3
  • Tenable Nessus 4.0
  • Tenable Nessus 4.4.1
  • Tenable Nessus 5.0.2.23205
  • Tenable Nessus 5.2.3
  • Tenable Nessus 5.2.4
  • Tenable Nessus 5.2.7
  • Tenable Nessus 6.0.0
  • Tenable Nessus 6.0.1
  • Tenable Nessus 6.0.2
  • Tenable Nessus 6.1.0
  • Tenable Nessus 6.1.1
  • Tenable Nessus 6.1.2
  • Tenable Nessus 6.2.0
  • Tenable Nessus 6.2.1
  • Tenable Nessus 6.3.0
  • Tenable Nessus 6.3.1
  • Tenable Nessus 6.3.2
  • Tenable Nessus 6.3.3
  • Tenable Nessus 6.3.4
  • Tenable Nessus 6.3.5
  • Tenable Nessus 6.3.6
  • Tenable Nessus 6.3.7
  • Tenable Nessus 6.4.0
  • Tenable Nessus 6.4.1
  • Tenable Nessus 6.4.2
  • Tenable Nessus 6.4.3
  • Tenable Nessus 6.5.0
  • Tenable Nessus 6.5.1
  • Tenable Nessus 6.5.2
  • Tenable Nessus 6.5.3
  • Tenable Nessus 6.5.4
  • Tenable Nessus 6.5.5
  • Tenable Nessus 6.5.6
  • Tenable Nessus 6.6.0
  • Tenable Nessus 6.6.1
  • Tenable Nessus 6.6.2
  • Tenable Nessus 6.7.0
  • Tenable Nessus 6.8.0
  • Tenable Nessus 6.9.0
  • Tenable Nessus 6.9.1
  • Tenable Nessus 6.9.2
  • Tenable Nessus 6.9.3
  • Tenable Nessus 7.0
  • Tenable Nessus 7.1.0
  • Tenable Nessus 7.1.1
  • Tenable Nessus 7.1.2
  • Tenable Nessus 7.1.3
  • Tenable Nessus 7.2.0
  • Tenable Nessus 7.2.1
  • Tenable Nessus 7.2.2
  • Tenable Nessus 8.0.0
  • Tenable Nessus 8.1.0

Recommendations

Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
Given the local nature of this issue, grant only trusted and accountable individuals access to affected computers.

Updates are available. Please see the references or vendor advisory for more information.