CVEID:CVE-2020-1971
**DESCRIPTION:**OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the GENERAL_NAME_cmp function contain an EDIPARTYNAME, an attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/192748 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Integrated Analytics System	1.0.0-1.0.24.0

Remediation/Fixes

roduct	VRMF	Remediation / First Fix
IBM Integrated Analytics System	1.0.25.0	Link To Fix Central

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm integrated analytics systemeqany

CPE	Name	Operator	Version
	ibm integrated analytics system	eq	any

redhat 15

ibm 30

cbl_mariner 1

openvas 34

suse 4

archlinux 1

gentoo 1

osv 7

debian 4

nessus 70

f5 1

freebsd_advisory 1

nvd 1

debiancve 1

freebsd 1

cloudlinux 1

redhatcve 1

altlinux 2

prion 1

fedora 2

veracode 1

cve 1

cvelist 1

alpinelinux 1

openssl 1

oraclelinux 3

ubuntu 1

amazon 2

cloudfoundry 1

mageia 1

almalinux 1

ubuntucve 1

mscve 1

photon 2

githubexploit 1

centos 1

redhat

(RHSA-2021:0491) Low: Red Hat JBoss Web Server 3.1 Service Pack 11 security update

2021-02-11 13:35:32

(RHSA-2021:0486) Low: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP6 security update

2021-02-11 13:09:49

(RHSA-2021:0488) Low: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP6 security update

2021-02-11 13:24:10

ibm

Security Bulletin: App Connect Enterprise Certified Container may be vulnerable to a denial of service vulnerability (CVE-2020-1971)

2021-04-28 15:55:31

Security Bulletin: IBM MQ Appliance is affected by an OpenSSL vulnerability (CVE-2020-1971)

2021-03-03 15:59:54

Security Bulletin: OpenSSL vulnerabilites impacting Aspera High-Speed Transfer Server, Aspera High-Speed Transfer Endpoint, Aspera Desktop Client 4.0 and earlier (CVE-2020-1971)

2021-06-04 00:54:38

cbl_mariner

CVE-2020-1971 affecting package mysql 8.0.22-2

2021-08-25 19:57:27

openvas

Ubuntu: Security Advisory (USN-4662-1)

2020-12-09 00:00:00

SUSE: Security Advisory (SUSE-SU-2020:3763-1)

2021-04-19 00:00:00

Huawei EulerOS: Security Advisory for openssl111d (EulerOS-SA-2021-1696)

2021-03-24 00:00:00

suse

Security update for openssl-1_0_0 (important)

2020-12-12 00:00:00

Security update for openssl-1_1 (important)

2020-12-10 00:00:00

Security update for openssl-1_0_0 (important)

2020-12-17 00:00:00

archlinux

[ASA-202012-24] openssl: denial of service

2020-12-16 00:00:00

gentoo

OpenSSL: Denial of service

2020-12-23 00:00:00

osv

openssl - security update

2020-12-14 00:00:00

openssl - security update

2020-12-08 00:00:00

BIT-node-2020-1971

2024-03-06 11:08:41

debian

[SECURITY] [DSA 4807-1] openssl security update

2020-12-08 15:25:11

[SECURITY] [DSA 4807-1] openssl security update

2020-12-08 15:25:11

[SECURITY] [DLA 2493-1] openssl1.0 security update

2020-12-14 09:04:19

nessus

EulerOS Virtualization 3.0.6.6 : openssl (EulerOS-SA-2021-1505)

2021-03-04 00:00:00

Oracle Linux 6 : openssl (ELSA-2021-9137)

2021-03-26 00:00:00

RHEL 8 : openssl (RHSA-2020:5476)

2020-12-18 00:00:00

K42910051 : OpenSSL vulnerability CVE-2020-1971

2021-01-14 00:00:00

freebsd_advisory

FreeBSD-SA-20:33.openssl

2020-12-08 00:00:00

nvd

CVE-2020-1971

2020-12-08 16:15:11

debiancve

CVE-2020-1971

2020-12-08 16:15:11

freebsd

OpenSSL -- NULL pointer de-reference

2020-12-08 00:00:00

cloudlinux

Fix CVE: CVE-2020-1971

2020-12-09 11:10:00

redhatcve

CVE-2020-1971

2020-12-08 16:10:44

altlinux

Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1i-alt1

2020-12-09 00:00:00

Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1i-alt1

2020-12-08 00:00:00

prion

Null pointer dereference

2020-12-08 16:15:00

fedora

[SECURITY] Fedora 32 Update: openssl-1.1.1i-1.fc32

2020-12-21 01:36:23

[SECURITY] Fedora 33 Update: openssl-1.1.1i-1.fc33

2020-12-16 01:43:55

veracode

Denial Of Service (DoS)

2020-12-09 10:07:39

cve

CVE-2020-1971

2020-12-08 16:15:11

cvelist

CVE-2020-1971 EDIPARTYNAME NULL pointer dereference

2020-12-08 00:00:00

alpinelinux

CVE-2020-1971

2020-12-08 16:15:11

openssl

Vulnerability in OpenSSL CVE-2020-1971

2020-12-08 00:00:00

oraclelinux

openssl security and bug fix update

2020-12-17 00:00:00

openssl security update

2020-12-17 00:00:00

openssl security update

2021-03-26 00:00:00

ubuntu

OpenSSL vulnerability

2020-12-08 00:00:00

amazon

Important: openssl

2020-12-08 19:28:00

Important: openssl, openssl11

2020-12-08 21:31:00

cloudfoundry

USN-4662-1: OpenSSL vulnerability | Cloud Foundry

2021-01-12 00:00:00

mageia

Updated openssl packages fix security vulnerability

2020-12-22 00:47:06

almalinux

Important: openssl security and bug fix update

2020-12-15 15:55:57

ubuntucve

CVE-2020-1971

2020-12-08 00:00:00

mscve

OpenSSL: CVE-2020-1971 EDIPARTYNAME NULL pointer de-reference

2021-10-12 07:00:00

photon

Moderate Photon OS Security Update - PHSA-2020-0175

2020-12-10 00:00:00

Moderate Photon OS Security Update - PHSA-2020-3.0-0175

2020-12-10 00:00:00

githubexploit

Exploit for NULL Pointer Dereference in Openssl

2020-12-09 21:32:15

centos

openssl security update

2020-12-18 00:03:46

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.004 Low

EPSS

Percentile

74.5%

JSON

Related for 09B2AB76F2BDB96C1D80882C003F4EB4F06924E6DBF0BF3818CF83A2F0AF4B47