Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards to the use of SSL_read() due to TLS handshake failure. The result was that an active network attacker could send application data to Node.js using the TLS or HTTP2 modules in a way that bypassed TLS authentication and encryption. (CVE-2017-15896)

Impact

There is no impact; F5 products are not affected by this vulnerability.

CPENameOperatorVersion
big-iq centralized managementeq4.6.0
big-iq centralized managementeq5.0.0
big-iq centralized managementeq5.1.0
big-iq centralized managementeq5.2.0
big-iq centralized managementeq5.3.0
big-iq centralized managementeq5.4.0
big-ip afmeq11.5.1
big-ip afmeq11.5.2
big-ip afmeq11.5.3
big-ip afmeq11.5.4

Name	Operator	Version
big-iq centralized management	eq	4.6.0
big-iq centralized management	eq	5.0.0
big-iq centralized management	eq	5.1.0
big-iq centralized management	eq	5.2.0
big-iq centralized management	eq	5.3.0
big-iq centralized management	eq	5.4.0
big-ip afm	eq	11.5.1
big-ip afm	eq	11.5.2
big-ip afm	eq	11.5.3
big-ip afm	eq	11.5.4

Rows per page:

1-10 of 1821

ubuntucve 2

alpinelinux 2

nvd 2

cvelist 2

cve 2

prion 2

redhatcve 2

debiancve 2

osv 3

nodejsblog 1

veracode 2

freebsd 3

nessus 48

altlinux 6

openvas 24

openssl 1

ibm 59

aix 1

seebug 1

f5 1

ics 1

slackware 1

ubuntu 1

photon 4

symantec 1

debian 1

redhat 4

oraclelinux 3

freebsd_advisory 1

centos 1

gentoo 1

archlinux 1

mageia 1

suse 4

amazon 2

oracle 4

ubuntucve

CVE-2017-15896

2017-12-11 00:00:00

CVE-2017-3737

2017-12-07 00:00:00

alpinelinux

CVE-2017-15896

2017-12-11 21:29:00

CVE-2017-3737

2017-12-07 16:29:00

nvd

CVE-2017-15896

2017-12-11 21:29:00

CVE-2017-3737

2017-12-07 16:29:00

cvelist

CVE-2017-15896

2017-12-07 00:00:00

CVE-2017-3737

2017-12-07 00:00:00

cve

CVE-2017-15896

2017-12-11 21:29:00

CVE-2017-3737

2017-12-07 16:29:00

prion

Design/Logic Flaw

2017-12-11 21:29:00

Design/Logic Flaw

2017-12-07 16:29:00

redhatcve

CVE-2017-15896

2017-12-12 16:20:11

CVE-2017-3737

2017-12-08 07:49:46

debiancve

CVE-2017-15896

2017-12-11 21:29:00

CVE-2017-3737

2017-12-07 16:29:00

osv

CVE-2017-15896

2017-12-11 21:29:00

CVE-2017-3737

2017-12-07 16:29:00

openssl1.0 - security update

2017-12-17 00:00:00

nodejsblog

Data Confidentiality/Integrity Vulnerability, December 2017

2017-12-08 00:00:00

veracode

Authentication Bypass

2017-12-14 05:07:09

Denial Of Service (DoS) Through Error State

2018-04-23 07:59:53

freebsd

node.js -- Data Confidentiality/Integrity Vulnerability, December 2017

2017-12-08 00:00:00

OpenSSL -- multiple vulnerabilities

2017-12-07 00:00:00

FreeBSD -- OpenSSL multiple vulnerabilities

2017-12-09 00:00:00

nessus

FreeBSD : node.js -- Data Confidentiality/Integrity Vulnerability, December 2017 (bea84a7a-e0c9-11e7-b4f3-11baa0c2df21)

2017-12-15 00:00:00

SUSE SLES12 Security Update : nodejs4 (SUSE-SU-2018:0002-1)

2019-01-02 00:00:00

openSUSE Security Update : nodejs4 (openSUSE-2018-5)

2018-01-08 00:00:00

altlinux

Security fix for the ALT Linux 10 package node version 6.13.0-alt1

2018-02-27 00:00:00

Security fix for the ALT Linux 9 package openssl1.1 version 1.0.2n-alt1

2017-12-07 00:00:00

Security fix for the ALT Linux 8 package openssl10 version 1.0.2n-alt1

2017-12-07 00:00:00

openvas

SUSE: Security Advisory (SUSE-SU-2018:0002-1)

2021-06-09 00:00:00

SUSE: Security Advisory (SUSE-SU-2018:0293-1)

2021-06-09 00:00:00

OpenSSL Security Bypass Vulnerability (Dec 2017) - Linux

2017-12-08 00:00:00

openssl

Vulnerability in OpenSSL CVE-2017-3737

2017-12-07 00:00:00

ibm

Security Bulletin: Vulnerability in OpenSSL affects AIX (CVE-2017-3737)

2021-09-15 12:14:52

Security Bulletin: OpenSSL Vulnerability affects IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for VMware (CVE-2017-3737)

2022-02-01 11:19:59

Security Bulletin: OpenSSL Vulnerability affects IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for Unix (CVE-2017-3737)

2022-02-01 11:19:59

aix

Vulnerability in OpenSSL affects AIX (CVE-2017-3737)

2018-01-29 10:36:55

seebug

An Analysis of the OpenSSL SSL Handshake Error State Security Bypass (CVE-2017-3737)

2018-01-15 00:00:00

K43452233 : OpenSSL vulnerability CVE-2017-3737

2018-01-26 00:00:00

ics

Siemens OpenSSL Vulnerability in Industrial Products (Update E)

2019-04-09 12:00:00

slackware

[slackware-security] openssl

2017-12-09 03:52:34

ubuntu

OpenSSL vulnerabilities

2017-12-11 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-0010-A

2018-01-06 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0097-A

2018-01-06 00:00:00

Moderate Photon OS Security Update - PHSA-2018-0097

2018-01-06 00:00:00

symantec

SA159: OpenSSL Vulnerabilities 7-Dec-2017

2018-01-16 08:00:00

debian

[SECURITY] [DSA 4065-1] openssl1.0 security update

2017-12-17 13:59:51

redhat

(RHSA-2018:0998) Moderate: openssl security and bug fix update

2018-04-10 05:05:23

(RHSA-2018:2187) Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update

2018-07-12 16:04:13

(RHSA-2018:2186) Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 6 security update

2018-07-12 16:04:10

oraclelinux

openssl security update

2018-04-18 00:00:00

openssl security and bug fix update

2018-04-16 00:00:00

openssl security update

2019-03-13 00:00:00

freebsd_advisory

FreeBSD-SA-17:12.openssl

2017-12-09 00:00:00

centos

openssl security update

2018-04-26 17:48:29

gentoo

OpenSSL: Multiple vulnerabilities

2017-12-14 00:00:00

archlinux

[ASA-201712-11] lib32-openssl-1.0: multiple issues

2017-12-17 00:00:00

mageia

Updated openssl packages fix security vulnerabilities

2017-12-17 02:20:04

suse

Security update for openssl (important)

2017-12-16 06:08:45

Security update for openssl (important)

2017-12-16 15:07:17

Security update for virtualbox (important)

2018-04-24 03:20:04

amazon

Medium: openssl

2018-05-10 17:29:00

Medium: openssl

2018-04-26 17:38:00

oracle

Oracle Critical Patch Update - April 2018

2018-04-17 00:00:00

Oracle Critical Patch Update - January 2018

2018-01-16 00:00:00

Oracle Critical Patch Update Advisory - July 2019

2019-07-16 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.7 Medium

AI Score

Confidence

High

0.946 High

EPSS

Percentile

99.3%

JSON

Related for F5:K18364001