CVEID:CVE-2021-23840
**DESCRIPTION:**OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly long argument, an attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/196848 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s)	Version(s)
IBM DataPower Gateway	2018.4.1.0-2018.4.1.16

Remediation/Fixes

Affected Product
| Fixed in Version
| APAR

—|—|—
2018.4.1
| 2018.4.1.17
| IT37298

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm datapower gatewayeq2018.4.1

CPE	Name	Operator	Version
	ibm datapower gateway	eq	2018.4.1

alpinelinux 1

rustsec 1

ibm 30

osv 10

redhatcve 2

openssl 1

ubuntucve 1

f5 1

cloudlinux 1

openvas 46

cve 1

nessus 63

debiancve 1

githubexploit 1

nvd 1

prion 1

veracode 1

cvelist 1

github 1

oraclelinux 5

altlinux 2

mageia 1

ics 1

rocky 2

debian 4

amazon 4

redhat 2

suse 3

photon 1

centos 1

cloudfoundry 1

almalinux 2

freebsd_advisory 1

hackerone 1

ubuntu 1

archlinux 1

freebsd 1

alpinelinux

CVE-2021-23840

2021-02-16 17:15:13

rustsec

Integer overflow in CipherUpdate

2021-05-01 12:00:00

ibm

Security Bulletin: Multiple security vulnerabilities in Node.js affect IBM Voice Gateway

2021-03-18 23:22:56

Security Bulletin: IBM MQ is vulnerable to an issue within OpenSSL (CVE-2021-23840)

2021-06-22 17:33:28

Security Bulletin: Vulnerability affects Watson Explorer Foundational Components (CVE-2021-23840)

2021-05-18 07:26:32

osv

Integer overflow in CipherUpdate

2021-05-01 12:00:00

Integer Overflow in openssl-src

2021-08-25 20:52:19

CVE-2021-23840

2021-02-16 17:15:13

redhatcve

CVE-2021-23840

2021-02-18 17:04:10

CVE-2020-36242

2021-02-08 13:33:48

openssl

Vulnerability in OpenSSL CVE-2021-23840

2021-02-16 00:00:00

ubuntucve

CVE-2021-23840

2021-02-16 00:00:00

K24624116 : OpenSSL vulnerability CVE-2021-23840

2021-02-18 00:00:00

cloudlinux

Fix of CVE: CVE-2021-23840

2021-09-21 22:03:05

openvas

OpenSSL: Integer overflow in CipherUpdate (CVE-2021-23840) - Linux

2021-02-17 00:00:00

OpenSSL: Integer overflow in CipherUpdate (CVE-2021-23840) - Windows

2021-02-17 00:00:00

SUSE: Security Advisory (SUSE-SU-2021:14667-1)

2021-06-09 00:00:00

cve

CVE-2021-23840

2021-02-16 17:15:13

nessus

F5 Networks BIG-IP : OpenSSL vulnerability (K24624116)

2021-10-28 00:00:00

SUSE SLES12 Security Update : compat-openssl098 (SUSE-SU-2021:0793-1)

2021-03-17 00:00:00

SUSE SLES15 Security Update : openssl-1_0_0 (SUSE-SU-2021:0769-1)

2021-03-12 00:00:00

debiancve

CVE-2021-23840

2021-02-16 17:15:13

githubexploit

Exploit for Integer Overflow or Wraparound in Openssl

2023-09-11 09:24:54

nvd

CVE-2021-23840

2021-02-16 17:15:13

prion

Design/Logic Flaw

2021-02-16 17:15:00

veracode

Denial Of Service (DoS)

2021-02-17 18:09:31

cvelist

CVE-2021-23840 Integer overflow in CipherUpdate

2021-02-16 00:00:00

github

Integer Overflow in openssl-src

2021-08-25 20:52:19

oraclelinux

openssl security update

2021-10-13 00:00:00

openssl security update

2021-10-29 00:00:00

openssl security update

2021-10-13 00:00:00

altlinux

Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1j-alt1

2021-03-12 00:00:00

Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1j-alt1

2021-03-17 00:00:00

mageia

Updated openssl and compat-openssl10 packages fix security vulnerabilities

2021-03-04 19:53:32

ics

Mitsubishi Electric MELSOFT GT OPC UA

2022-05-10 12:00:00

rocky

edk2 security, bug fix, and enhancement update

2021-11-09 08:37:02

openssl security and bug fix update

2021-11-09 09:21:13

debian

[SECURITY] [DLA 2563-1] openssl security update

2021-02-18 12:11:49

[SECURITY] [DLA 2565-1] openssl1.0 security update

2021-02-18 18:10:13

[SECURITY] [DSA 4855-1] openssl security update

2021-02-17 13:40:59

amazon

Medium: openssl

2021-02-23 20:18:00

Medium: openssl11

2021-03-18 01:40:00

Medium: openssl11

2021-03-18 01:40:00

redhat

(RHSA-2021:4424) Moderate: openssl security and bug fix update

2021-11-09 09:21:13

(RHSA-2021:3798) Moderate: openssl security update

2021-10-12 13:20:50

suse

Security update for openssl-1_0_0 (moderate)

2021-03-17 00:00:00

Security update for openssl-1_1 (moderate)

2021-03-16 00:00:00

Security update for nodejs12 (important)

2021-02-28 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0325

2021-03-05 00:00:00

centos

openssl security update

2021-11-17 14:51:29

cloudfoundry

USN-4738-1: OpenSSL vulnerabilities | Cloud Foundry

2021-03-02 00:00:00

almalinux

Moderate: openssl security and bug fix update

2021-11-09 09:21:13

Moderate: edk2 security, bug fix, and enhancement update

2021-11-09 08:37:02

freebsd_advisory

FreeBSD-SA-21:17.openssl

2021-08-24 00:00:00

hackerone

Internet Bug Bounty: Integer overflow in CipherUpdate

2021-02-27 21:14:37

ubuntu

OpenSSL vulnerabilities

2021-02-18 00:00:00

archlinux

[ASA-202102-42] openssl: multiple issues

2021-02-27 00:00:00

freebsd

OpenSSL -- Multiple vulnerabilities

2021-02-16 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.008 Low

EPSS

Percentile

82.3%

JSON

Related for 1A35248CBBA17AE981ED0B52B133E7CA1678042C1A9C93C2EC8BED2EF8994420