VDB
BDU%3A2023-07691
BDU%3A2023-07691
PUBLISHED
CVSS 7.800000190734863 HIGH
Уязвимость функций EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2(), EVP_CipherInit_ex2() криптографической библиотеки OpenSSL, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Risk Scores
CVSS 2.0
7.800000190734863
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell Inc., NetApp Inc., Сообщество свободного программного обеспечения, ООО «Ред Софт», Canonical Ltd., Red Hat Inc., OpenSSL Software Foundation | OpenSUSE Leap, OnCommand Workflow Automation, SnapCenter, Oncommand Insight, openSUSE Tumbleweed, Debian GNU/Linux, РЕД ОС (запись в едином реестре российских программ №3751), Active IQ Unified Manager for Microsoft Windows, Active IQ Unified Manager for VMware vSphere, Suse Linux Enterprise Server, Suse Linux Enterprise Desktop, Ubuntu, Red Hat Enterprise Linux, NetApp HCI Baseboard Management Controller H410C, NetApp HCI Baseboard Management Controller H300S, NetApp HCI Baseboard Management Controller H500S, NetApp HCI Baseboard Management Controller H700S, NetApp HCI Baseboard Management Controller H410S, openSUSE Leap Micro, OpenSSL, Brocade Fabric Operating System Firmware, FAS/AFF Baseboard Management Controller A250, FAS/AFF Baseboard Management Controller 500f, FAS/AFF Baseboard Management Controller C250, NetApp Cloud Backup OST Plug-in (formerly AltaVault OST Plug-in) |
Timeline
- Nov 13, 2023 CVE Published
- Aug 19, 2024 CVE Updated
- Mar 19, 2026 Distribution Patch
- Mar 19, 2026 Security Advisory
References
- https://www.openwall.com/lists/oss-security/2023/10/24/1 url
- https://www.openssl.org/news/secadv/20231024.txt url
- https://www.openssl.org/news/vulnerabilities.html url
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0df40630850fb2740e6be6890bb905d3fc623b2d url
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5f69f5c65e483928c4b28ed16af6e5742929f1ee url
- http://repo.red-soft.ru/redos/7.3c/x86_64/updates/ url
- https://redos.red-soft.ru/support/secure/uyazvimosti/uyazvimost-openssl-cve-2023-5363/ url
- https://security-tracker.debian.org/tracker/CVE-2023-5363 url
- https://lists.debian.org/debian-security-announce/2023/msg00228.html url
- https://access.redhat.com/security/cve/CVE-2023-5363 url
- https://bugzilla.redhat.com/show_bug.cgi?id=2243839 url
- https://ubuntu.com/security/CVE-2023-5363 url
- https://ubuntu.com/security/notices/USN-6450-1 url
- https://www.suse.com/security/cve/CVE-2023-5363.html url
- https://security.netapp.com/advisory/ntap-20231027-0010/ url
- https://security.netapp.com/advisory/ntap-20240201-0003/ url