Lucene search
F5F5:K43429502HistoryMay 31, 2018 - 12:00 a.m.
K43429502 : OpenSSL RSA key generation vulnerability CVE-2018-0737
2018-05-3100:00:00
my.f5.com
80
Security Advisory Description
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o). (CVE-2018-0737)
Impact
Traffix SDC
An attacker may recover the private key when the vulnerability is exploited.
BIG-IP / BIG-IQ / F5 iWorkflow / Enterprise Manager / ARX / LineRate
There is no impact; these F5 products are not affected by this vulnerability.
Related
suse
suse
Security update for openssl (moderate)
2018-09-30 18:09:41
Security update for openssl-1_1 (moderate)
2019-02-08 00:00:00
Security update for openssl-1_0_0 (moderate)
2018-10-05 12:11:01
openvas
openvas
openSUSE: Security Advisory for openssl (openSUSE-SU-2018:2957-1)
2018-10-01 00:00:00
Ubuntu: Security Advisory (USN-3628-1)
2018-10-26 00:00:00
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2018-1383)
2020-01-23 00:00:00
photon
photon
nessus
nessus
SUSE SLES11 Security Update : openssl (SUSE-SU-2018:2486-1)
2018-08-24 00:00:00
AIX OpenSSL Advisory : openssl_advisory27.asc
2018-07-26 00:00:00
SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2019:0197-1)
2019-01-30 00:00:00
amazon
amazon
Low: openssl
2018-04-19 17:38:00
Medium: openssl
2018-04-26 17:38:00
prion
prion
Design/Logic Flaw
2018-04-16 18:29:00
cvelist
cvelist
CVE-2018-0737 Cache timing vulnerability in RSA Key Generation
2018-04-16 00:00:00
freebsd
freebsd
OpenSSL -- Cache timing vulnerability
2018-04-16 00:00:00
ibm
ibm
Security Bulletin: IBM Security Proventia Network Active Bypass is affected by openssl vulnerabilities (CVE-2018-0737)
2019-03-27 07:35:01
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerability in OpenSSL (CVE-2018-0737)
2019-04-16 21:05:01
Security Bulletin: Vulnerability in OpenSSL affects AIX (CVE-2018-0737)
2018-07-02 17:25:33
openssl
openssl
Vulnerability in OpenSSL CVE-2018-0737
2018-04-16 00:00:00
alpinelinux
alpinelinux
CVE-2018-0737
2018-04-16 18:29:00
nvd
nvd
CVE-2018-0737
2018-04-16 18:29:00
ubuntu
ubuntu
OpenSSL vulnerability
2018-04-19 00:00:00
OpenSSL vulnerability
2018-04-19 00:00:00
OpenSSL vulnerabilities
2018-06-26 00:00:00
aix
aix
Vulnerability in OpenSSL affects AIX (CVE-2018-0737)
2018-07-02 11:24:30
redhatcve
redhatcve
CVE-2018-0737
2018-04-17 04:20:15
osv
osv
CVE-2018-0737
2018-04-16 18:29:00
openssl - security update
2018-07-28 00:00:00
openssl1.0 - security update
2018-12-19 00:00:00
cloudfoundry
cloudfoundry
USN-3628-1: OpenSSL vulnerability | Cloud Foundry
2018-05-09 00:00:00
USN-3692-1: OpenSSL vulnerabilities | Cloud Foundry
2018-07-10 00:00:00
debiancve
debiancve
CVE-2018-0737
2018-04-16 18:29:00
veracode
veracode
Cache Timing Side-Channel Attack
2018-04-17 01:51:19
huawei
huawei
Security Advisory - Cache Timing Vulnerability in OpenSSL RSA Key Generation
2018-12-12 00:00:00
cve
cve
CVE-2018-0737
2018-04-16 18:29:00
ubuntucve
ubuntucve
CVE-2018-0737
2018-04-16 00:00:00
oraclelinux
oraclelinux
openssl security update
2018-10-15 00:00:00
openssl security update
2018-10-12 00:00:00
openssl security update
2018-10-12 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: openssl-1.1.0i-1.fc28
2018-09-22 20:52:36
[SECURITY] Fedora 27 Update: openssl-1.1.0i-1.fc27
2018-10-02 15:03:41
[SECURITY] Fedora 29 Update: compat-openssl10-1.0.2o-7.fc29
2019-09-26 01:41:32
mageia
mageia
Updated openssl packages fix security vulnerabilities
2018-09-02 22:07:30
debian
debian
[SECURITY] [DLA 1449-1] openssl security update
2018-07-28 03:56:18
[SECURITY] [DSA 4355-1] openssl1.0 security update
2018-12-19 22:29:59
[SECURITY] [DSA 4348-1] openssl security update
2018-11-30 22:26:20
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl10 version 1.0.2p-alt1
2018-08-16 00:00:00
slackware
slackware
[slackware-security] openssl
2018-08-15 00:18:35
symantec
symantec
OpenSSL Vulnerabilities 16-Apr-2018 and 12-Jun-2018
2018-10-10 08:01:01
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2018-11-28 00:00:00
paloalto
paloalto
OpenSSL Vulnerabilities in PAN-OS
2018-10-11 00:00:00
nodejsblog
nodejsblog
August 2018 Security Releases
2018-08-11 00:00:00
cloudlinux
cloudlinux
Fix of CVE: CVE-2018-0739, CVE-2018-0737, CVE-2021-3712, CVE-2018-0732
2021-09-21 22:11:57
avleonov
avleonov
Vulnerability Databases: Classification and Registry
2018-06-05 15:57:41
redhat
redhat
(RHSA-2018:3221) Moderate: openssl security, bug fix, and enhancement update
2018-10-30 04:31:37
centos
centos
openssl security update
2018-11-15 18:50:49