Lucene search

K
f5F5F5:K15158
HistoryFeb 04, 2015 - 12:00 a.m.

K15158 : OpenSSL vulnerability CVE-2013-6450

2015-02-0400:00:00
my.f5.com
26

7.1 High

AI Score

Confidence

High

0.025 Low

EPSS

Percentile

90.1%

Security Advisory Description

The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c. (CVE-2013-6450)
Impact
Remote attackers may be able to cause a denial-of-service (DoS) attack using crafted traffic.