FreeBSD7392E1E3-4EB9-11ED-856E-D4C9EF517024

HistoryOct 11, 2022 - 12:00 a.m.

Vulners
/
Freebsd
/
OpenSSL -- Potential NULL encryption in NID_undef with Custom Cipher

OpenSSL -- Potential NULL encryption in NID_undef with Custom Cipher

2022-10-1100:00:00

vuxml.freebsd.org

openssl

custom cipher

nid_undef

null encryption

risk

unix

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

44.6%

JSON

The OpenSSL project reports:

Using a Custom Cipher with NID_undef may lead to NULL encryption (low)

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchopenssl-devel< 3.0.6UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	openssl-devel	< 3.0.6	UNKNOWN

References

www.openssl.org/news/secadv/20221011.txt

nessus 13

openvas 4

broadcom 2

prion 1

osv 5

oraclelinux 1

rapid7blog 1

cve 1

cvelist 1

wolfi 1

rustsec 1

redhat 3

github 1

veracode 1

alpinelinux 1

cgr 1

f5 1

debiancve 1

redhatcve 1

almalinux 1

nvd 1

ubuntucve 1

openssl 1

nodejsblog 1

photon 2

ibm 2

ubuntu 1

suse 1

aix 1

metasploit 1

gentoo 1

oracle 1

nessus

FreeBSD : OpenSSL -- Potential NULL encryption in NID_undef with Custom Cipher (7392e1e3-4eb9-11ed-856e-d4c9ef517024)

2022-10-18 00:00:00

Oracle Linux 9 : openssl (ELSA-2023-2523)

2023-05-15 00:00:00

OpenSSL 3.0.0 < 3.0.6 Vulnerability

2022-10-11 00:00:00

openvas

OpenSSL: Using a Custom Cipher with NID_undef may lead to NULL encryption (CVE-2022-3358) - Linux

2022-10-12 00:00:00

OpenSSL: Using a Custom Cipher with NID_undef may lead to NULL encryption (CVE-2022-3358) - Windows

2022-10-12 00:00:00

SUSE: Security Advisory (SUSE-SU-2022:3843-1)

2022-11-02 00:00:00

broadcom

CVE-2022-3358 : Using a Custom Cipher with NID_undef may lead to NULL encryption

2022-11-01 00:00:00

CVE-2022-3358 : Using a Custom Cipher with NID_undef may lead to NULL encryption

2022-11-01 00:00:00

prion

Code injection

2022-10-11 15:15:00

osv

CVE-2022-3358

2022-10-11 15:15:10

Low: openssl security and bug fix update

2023-05-09 00:00:00

Using a Custom Cipher with `NID_undef` may lead to NULL encryption

2022-10-11 19:00:29

oraclelinux

openssl security and bug fix update

2023-05-15 00:00:00

rapid7blog

Metasploit Weekly Wrap-Up

2022-11-11 21:16:38

cve

CVE-2022-3358

2022-10-11 15:15:10

cvelist

CVE-2022-3358 Using a Custom Cipher with NID_undef may lead to NULL encryption

2022-10-11 00:00:00

wolfi

CVE-2022-3358 vulnerabilities

2024-07-01 15:27:45

rustsec

Using a Custom Cipher with `NID_undef` may lead to NULL encryption

2022-10-11 12:00:00

redhat

(RHSA-2023:2523) Low: openssl security and bug fix update

2023-05-09 05:13:15

(RHSA-2023:3367) Important: OpenShift Container Platform 4.13.2 bug fix and security update

2023-06-07 01:48:02

(RHSA-2023:3742) Important: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update

2023-06-21 15:20:50

github

Using a Custom Cipher with `NID_undef` may lead to NULL encryption

2022-10-11 19:00:29

veracode

Improper Access Control

2022-10-14 12:44:57

alpinelinux

CVE-2022-3358

2022-10-11 15:15:10

cgr

CVE-2022-3358 vulnerabilities

2024-05-19 03:07:16

K32553170 : OpenSSL vulnerability CVE-2022-3358

2022-10-18 00:00:00

debiancve

CVE-2022-3358

2022-10-11 15:15:10

redhatcve

CVE-2022-3358

2022-10-14 08:22:15

almalinux

Low: openssl security and bug fix update

2023-05-09 00:00:00

nvd

CVE-2022-3358

2022-10-11 15:15:10

ubuntucve

CVE-2022-3358

2022-10-11 00:00:00

openssl

Vulnerability in OpenSSL CVE-2022-3358

2022-09-29 00:00:00

nodejsblog

OpenSSL and zlib update assessment, and Node.js Assessment workflow

2022-10-24 00:00:00

photon

Important Photon OS Security Update - PHSA-2022-0267

2022-10-21 00:00:00

Important Photon OS Security Update - PHSA-2022-4.0-0267

2022-10-21 00:00:00

ibm

Security Bulletin: Multiple vulnerabilities in OpenSSL affect AIX

2023-01-24 16:12:50

Security Bulletin: IBM App Connect Enterprise Certified Container Dashboard operands are vulnerable to denial of service and loss of confidentiality due to multiple vulnerabilities

2023-07-25 13:36:35

ubuntu

OpenSSL vulnerabilities

2022-11-01 00:00:00

suse

Security update for openssl-3 (critical)

2022-11-01 00:00:00

aix

Multiple vulnerabilities in OpenSSL affect AIX

2023-01-24 09:22:21

metasploit

SSL/TLS Version Detection

2022-11-01 03:42:40

gentoo

OpenSSL: Multiple Vulnerabilities

2024-02-04 00:00:00

oracle

Oracle Critical Patch Update Advisory - April 2023

2023-04-18 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

44.6%

JSON

Related for 7392E1E3-4EB9-11ED-856E-D4C9EF517024