OpenSSL Multiple Vulnerabilities

Release Date: 9 Feb 2023 6248 Views

RISK: Medium Risk

Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Multiple vulnerabilities were identified in OpenSSL. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure and security restriction bypass on the targeted system.

Impact

  • Denial of Service
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • OpenSSL versions 3.0.0 to 3.0.7
  • OpenSSL 1.1.1
  • OpenSSL 1.0.2

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

 

  • OpenSSL versions 3.0 users should upgrade to OpenSSL 3.0.8
  • OpenSSL versions 1.1.1 users should upgrade to OpenSSL 1.1.1t
  • OpenSSL versions 1.0.2 users should upgrade to OpenSSL 1.0.2zg (premium support customers only)

 

Since OpenSSL is distributed as source code in various products, users are recommended to review if the products in-use are related to the vulerabilities via vendors' website and update accordingly.

Vulnerability Identifier

Source

Related Link

Related Tags

OpenSSLDenial of ServiceSecurity Restriction BypassInformation Disclosure

Share with

Previous

Google Chrome Multiple Vulnerabilities

8 Feb 2023 4904 Views

Next

Microsoft Edge Multiple Vulnerabilities

10 Feb 2023 5503 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY