VDB
CVE-2016-6305
CVE-2016-6305
PUBLISHED
CVSS 8.699999809265137 HIGH
OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.
EPSS 35.95% · 97.2th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
35.95%
97.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Dell NetWorker <19.10 | |
| Oracle | Oracle WebCenter Sites | |
| Cisco | Cisco IP Phone | |
| Cisco | Cisco Unified Communications Domain Manager (CUCDM) | |
| Open Source | Open Source OpenSSL <1.0.2i | |
| Cisco | Cisco TelePresence | |
| Blue Coat | Blue Coat ProxySG 6.5 | |
| FreeBSD Project | FreeBSD Project FreeBSD OS 9.3 | |
| Blue Coat | Blue Coat ProxySG 6.6 | |
| Red Hat | Red Hat Enterprise Linux | |
| Xerox | Xerox FreeFlow Print Server | |
| Cisco | Cisco Small Business 300 Series Managed Switches | |
| F5 | F5 WAN Optimization Manager | |
| Cisco | Cisco Nexus 5000 | |
| Cisco | Cisco Wide Area Application Services | |
| F5 | F5 FirePass | |
| Xerox | Xerox Phaser | |
| Cisco | Cisco Show and Share | |
| cisco | Cisco Aironet Access Point | |
| Debian | Debian Linux Jessie (8.0) |
…and 67 more
Exploit Intelligence
- https://github.com/openssl/openssl/issues/1563 (nist-nvd)
- Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
- Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
- Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
- Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
- Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
- Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
- Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
- Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
- Using Struts2 and PowerShell to recreate CVE-2017-5638 OGNL Injection vulnerability. (github-poc)
…and 723 more exploits
Timeline
- CVE Published
- Jan 11, 2018 PoC Published
- Oct 2, 2020 PoC Published
- Nov 6, 2020 PoC Published
- Sep 6, 2021 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 23, 2023 EPSS Score
- Aug 30, 2023 EPSS Score
- Dec 28, 2023 EPSS Score
- Oct 9, 2024 PoC Published
- Dec 12, 2024 PoC Published
- Dec 17, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2016/wid-sec-w-2024-0209.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0209 advisory
- https://www.openssl.org/news/secadv/20160922.txt advisory
- https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc advisory
- http://www.ubuntu.com/usn/usn-3087-2/ advisory
- https://www.suse.com/de-de/support/update/announcement/2016/suse-su-20162387-1.html advisory
- https://access.redhat.com/errata/RHSA-2016:1940 advisory
- https://www.suse.com/support/update/announcement/2016/suse-su-20162394-1.html advisory
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20Vulnerabilities%20in%20OpenSSL%20Affecting%20Cisco%20Products:%20September%202016&vs_k=1 advisory
- https://www.suse.com/support/update/announcement/2016/suse-su-20162458-1.html advisory
- http://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24 advisory
- https://support.f5.com/kb/en-us/solutions/public/k/13/sol13167034.html?ref=rss advisory
- https://kb.bluecoat.com/security-advisory/sa132 advisory
- https://www.suse.com/support/update/announcement/2016/suse-su-20162468-1.html advisory
- https://www.suse.com/support/update/announcement/2016/suse-su-20162469-1.html advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759&cat=SIRT_1&actp=LIST advisory
- https://support.f5.com/kb/en-us/solutions/public/k/90/sol90492697.html advisory
- https://www.suse.com/support/update/announcement/2016/suse-su-20162545-1.html advisory
- http://www.tenable.com/security/tns-2016-16 advisory
- https://support.f5.com/kb/en-us/solutions/public/k/59/sol59298921.html?ref=rss advisory
…and 62 more