CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
9.8%
A vulnerability in the OpenSSL cryptographic library is related to insufficient validation of user input data in the POLY1305 MAC (message authentication code) implementation.
data in the POLY1305 MAC (message authentication code) implementation. Exploitation of the vulnerability could
allow an attacker acting remotely to send specially crafted input data to the application
and corrupt MM registers on a Windows 64 platform, resulting in a denial of service.