5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.183 Low
EPSS
Percentile
96.2%
OpenSSL security team reports:
A flaw in the OpenSSL handling of CBC mode ciphersuites in TLS 1.1
and TLS 1.2 on AES-NI supporting platforms can be exploited in a
DoS attack.
A flaw in the OpenSSL handling of OCSP response verification can
be exploited in a denial of service attack.