nessus | This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof. | TENABLE_OT_SIEMENS_CVE-2023-0401.NASL
History: Jan 11, 2024 - 12:00 a.m.

Siemens SCALANCE OpenSSL NULL Pointer Dereference (CVE-2023-0401)

2024-01-11 00:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
23
siemens
scalance
openssl
null pointer dereference
cve-2023-0401
signature verification
crash
hash algorithm
pkcs7
smime
time stamp
tls
third party
tenable.ot
security scanner

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.6

Confidence

High

EPSS

0.005

Percentile

77.4%

A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. If the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available, the digest initialization will fail. There is a missing check for the return value from the initialization function, which later leads to invalid usage of the digest API, most likely leading to a crash. The unavailability of an algorithm can be caused by using a FIPS-enabled configuration of providers or, more commonly, by not loading the legacy provider. PKCS7 data is processed by the SMIME library calls and also by the time stamp (TS) library calls. The TLS implementation in OpenSSL does not call these functions; however, third-party applications would be affected if they call these functions to verify signatures on untrusted data.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

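# Registration pass: when `description` is set, only the plugin metadata below
# is recorded; the closing exit(0) ends the script before any detection code
# further down in the file runs.
if (description)
{
  script_id(501876);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/15");

  script_cve_id("CVE-2023-0401");

  script_name(english:"Siemens SCALANCE OpenSSL NULL Pointer Dereference (CVE-2023-0401)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"A NULL pointer can be dereferenced when signatures are being verified
on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm
used for the signature is known to the OpenSSL library but the
implementation of the hash algorithm is not available the digest
initialization will fail. There is a missing check for the return
value from the initialization function which later leads to invalid
usage of the digest API most likely leading to a crash. The
unavailability of an algorithm can be caused by using FIPS enabled
configuration of providers or more commonly by not loading the legacy
provider. PKCS7 data is processed by the SMIME library calls and also
by the time stamp (TS) library calls. The TLS implementation in
OpenSSL does not call these functions however third party applications
would be affected if they call these functions to verify signatures on
untrusted data.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # References: upstream OpenSSL advisory, the upstream fix commit (the short
  # link below stands for the URL in the comment), and the Siemens advisory.
  script_set_attribute(attribute:"see_also", value:"https://www.openssl.org/news/secadv/20230207.txt");
  # https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d3b6dfd70db844c4499bec6ad6601623a565e674
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?11e6a733");
  script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-699386.pdf");
  # NOTE(review): the solution text names no fixed release, while the detection
  # table in this script flags firmware below "4.5" (versionEndExcluding).
  # Confirm the fixed version against the Siemens advisory before remediating.
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  # The score source is the CVE record (cvss_score_source below); both base
  # vectors rate availability impact only.
  # NOTE(review): the description above states that OpenSSL's TLS code does not
  # call the affected PKCS7 functions, so whether a listed device can be crashed
  # over the network depends on whether its firmware verifies untrusted
  # PKCS7 / S/MIME / time-stamp data. Nothing visible in this file checks that.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-0401");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  # CWE-476: NULL Pointer Dereference.
  script_cwe_id(476);

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/02/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/02/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/01/11");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  # One cpe attribute per firmware CPE that the detection table in this script
  # matches, so the advertised coverage and the actual checks stay in step.
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xb205-3_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xb205-3ld_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xb208_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xb213-3_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xb213-3ld_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xb216_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2g_poe_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2g_poe_eec_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2sfp_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2sfp_eec_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2sfp_g_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc206-2sfp_g_eec_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc208_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc208eec_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc208g_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc208g_eec_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc208g_poe_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc216_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc216_3g_poe_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc216_4c_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc216_4c_g_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc216_4c_g_eec_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc216eec_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc224_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc224_4c_g_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xc224_4c_g_eec_firmware:-");
  # scalance_xf204 is matched by the detection table (order number
  # 6GK5204-0BA00-2GF2) but was absent from this metadata list.
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xf204_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xf204_dna_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xf204_2ba_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xf204_2ba_dna_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp208_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp208eec_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp208poe_eec_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp216_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp216eec_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xp216poe_eec_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr324wg_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr326-2c_poe_wg_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_xr328-4c_wg_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_net_scalance_xc206-2_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_net_scalance_xc206-2sfp_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_net_scalance_xc208_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_net_scalance_xc216-4c_firmware:-");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # Declares the Tenable.ot integration plugin as a dependency and requires the
  # "Tenable.ot/Siemens" KB key, which the detection code reads again below.
  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Siemens");

  exit(0);
}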


# Detection pass. Everything below works from data already held for the asset:
# a KB key, an asset record and a static lookup table. No statement visible in
# this file sends traffic to the device or exercises the OpenSSL PKCS7 code.
# The helpers in the tenable_ot:: namespace are defined outside this file
# (presumably in the include below -- confirm).
include('tenable_ot_cve_funcs.inc');

# Gate: stop here unless the 'Tenable.ot/Siemens' KB key is set. The returned
# value is not used.
get_kb_item_or_exit('Tenable.ot/Siemens');

# Asset record for the Siemens vendor; its fields are not visible in this file.
var asset = tenable_ot::assets::get(vendor:'Siemens');

# Lookup table keyed by firmware CPE. Each entry carries:
#   family              - product family label (SCALANCEX200 or SCALANCEX300)
#   versionEndExcluding - "4.5" for every entry; presumably firmware versions
#                         below 4.5 are treated as affected (the comparison
#                         itself happens inside the helper -- confirm)
#   orderNumbers        - Siemens order numbers that identify the hardware variant
# NOTE(review): a match therefore means "listed order number running firmware
# older than 4.5", not a confirmed reachable crash. Results are only as accurate
# as the firmware version and order number recorded for the asset; an asset with
# missing or stale inventory data may not be matched -- verify against the
# helper's handling of absent fields.
var vuln_cpes = {
  "cpe:/o:siemens:scalance_xb205-3_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5205-3BB00-2AB2","6GK5205-3BB00-2TB2","6GK5205-3BD00-2TB2","6GK5205-3BD00-2AB2"]},
  "cpe:/o:siemens:scalance_xb205-3ld_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5205-3BF00-2TB2","6GK5205-3BF00-2AB2"]},
  "cpe:/o:siemens:scalance_xb208_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5208-0BA00-2TB2","6GK5208-0BA00-2AB2"]},
  "cpe:/o:siemens:scalance_xb213-3_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5213-3BD00-2TB2","6GK5213-3BD00-2AB2","6GK5213-3BB00-2TB2","6GK5213-3BB00-2AB2"]},
  "cpe:/o:siemens:scalance_xb213-3ld_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5213-3BF00-2TB2","6GK5213-3BF00-2AB2"]},
  "cpe:/o:siemens:scalance_xb216_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-0BA00-2TB2","6GK5216-0BA00-2AB2"]},
  "cpe:/o:siemens:scalance_xc206-2_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5206-2BD00-2AC2","6GK5206-2BB00-2AC2"]},
  "cpe:/o:siemens:scalance_xc206-2g_poe_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5206-2RS00-2AC2","6GK5206-2RS00-5AC2"]},
  "cpe:/o:siemens:scalance_xc206-2g_poe_eec_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5206-2RS00-5FC2"]},
  "cpe:/o:siemens:scalance_xc206-2sfp_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5206-2BS00-2AC2"]},
  "cpe:/o:siemens:scalance_xc206-2sfp_eec_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5206-2BS00-2FC2"]},
  "cpe:/o:siemens:scalance_xc206-2sfp_g_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5206-2GS00-2AC2","6GK5206-2GS00-2TC2"]},
  "cpe:/o:siemens:scalance_xc206-2sfp_g_eec_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5206-2GS00-2FC2"]},
  "cpe:/o:siemens:scalance_xc208_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5208-0BA00-2AC2"]},
  "cpe:/o:siemens:scalance_xc208eec_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5208-0BA00-2FC2"]},
  "cpe:/o:siemens:scalance_xc208g_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5208-0GA00-2AC2","6GK5208-0GA00-2TC2"]},
  "cpe:/o:siemens:scalance_xc208g_eec_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5208-0GA00-2FC2"]},
  "cpe:/o:siemens:scalance_xc208g_poe_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5208-0RA00-2AC2","6GK5208-0RA00-5AC2"]},
  "cpe:/o:siemens:scalance_xc216_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-0BA00-2AC2"]},
  "cpe:/o:siemens:scalance_xc216_3g_poe_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-3RS00-2AC2","6GK5216-3RS00-5AC2"]},
  "cpe:/o:siemens:scalance_xc216_4c_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-4BS00-2AC2"]},
  "cpe:/o:siemens:scalance_xc216_4c_g_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-4GS00-2AC2","6GK5216-4GS00-2TC2"]},
  "cpe:/o:siemens:scalance_xc216_4c_g_eec_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-4GS00-2FC2"]},
  "cpe:/o:siemens:scalance_xc216eec_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-0BA00-2FC2"]},
  "cpe:/o:siemens:scalance_xc224_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5224-0BA00-2AC2"]},
  "cpe:/o:siemens:scalance_xc224_4c_g_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5224-4GS00-2AC2","6GK5224-4GS00-2TC2"]},
  "cpe:/o:siemens:scalance_xc224_4c_g_eec_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5224-4GS00-2FC2"]},
  "cpe:/o:siemens:scalance_xf204_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5204-0BA00-2GF2"]},
  "cpe:/o:siemens:scalance_xf204_dna_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5204-0BA00-2YF2"]},
  "cpe:/o:siemens:scalance_xf204_2ba_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5204-2AA00-2GF2"]},
  "cpe:/o:siemens:scalance_xf204_2ba_dna_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5204-2AA00-2YF2"]},
  "cpe:/o:siemens:scalance_xp208_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5208-0HA00-2AS6","6GK5208-0HA00-2TS6"]},
  "cpe:/o:siemens:scalance_xp208eec_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5208-0HA00-2ES6"]},
  "cpe:/o:siemens:scalance_xp208poe_eec_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5208-0UA00-5ES6"]},
  "cpe:/o:siemens:scalance_xp216_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-0HA00-2AS6","6GK5216-0HA00-2TS6"]},
  "cpe:/o:siemens:scalance_xp216eec_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-0HA00-2ES6"]},
  "cpe:/o:siemens:scalance_xp216poe_eec_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5216-0UA00-5ES6"]},
  "cpe:/o:siemens:scalance_xr324wg_firmware:-" :
      {"family" : "SCALANCEX300", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5324-0BA00-3AR3","6GK5324-0BA00-2AR3"]},
  "cpe:/o:siemens:scalance_xr326-2c_poe_wg_firmware:-" :
      {"family" : "SCALANCEX300", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5326-2QS00-3AR3","6GK5326-2QS00-3RR3"]},
  "cpe:/o:siemens:scalance_xr328-4c_wg_firmware:-" :
      {"family" : "SCALANCEX300", "versionEndExcluding" : "4.5", "orderNumbers": ["6GK5328-4FS00-3AR3","6GK5328-4FS00-3RR3","6GK5328-4FS00-2AR3","6GK5328-4FS00-2RR3","6GK5328-4SS00-3AR3","6GK5328-4SS00-2AR3"]},
  "cpe:/o:siemens:siplus_net_scalance_xc206-2_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6AG1206-2BB00-7AC2"]},
  "cpe:/o:siemens:siplus_net_scalance_xc206-2sfp_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6AG1206-2BS00-7AC2"]},
  "cpe:/o:siemens:siplus_net_scalance_xc208_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6AG1208-0BA00-7AC2"]},
  "cpe:/o:siemens:siplus_net_scalance_xc216-4c_firmware:-" :
      {"family" : "SCALANCEX200", "versionEndExcluding" : "4.5", "orderNumbers": ["6AG1216-4BS00-7AC2"]}
};


# Hand the asset and the table to the shared comparison helper, which reports
# any match with the SECURITY_HOLE severity constant.
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);
