VDB
CVE-2016-7054
CVE-2016-7054
PUBLISHED
Es existiert eine Schwachstelle in OpenSSL. Die Schwachstelle betrifft TSL Verbindungen, welche die *-CHACHA20-POLY1305 Ciphersuites nutzen. Ein Angreifer kann durch Übermitteln geeignet gestalteter Daten einen Denial of Service hervorrufen.
EPSS 24.76% · 96.3th percentile
Risk Scores
EPSS Score
24.76%
96.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco TelePresence Server | |
| SUSE | SUSE Linux | |
| Cisco | Cisco Unified Contact Center Enterprise | |
| Cisco | Cisco TelePresence System EX Series | |
| Cisco | Cisco TelePresence SX20 | |
| Cisco | Cisco Network Analysis Module | |
| Cisco | Cisco Unified Communications Manager (CUCM) | |
| Cisco | Cisco Wide Area Application Services | |
| Cisco | Cisco WebEx Meetings Server | |
| Cisco | Cisco Security Manager (CSM) | |
| Dell | Dell NetWorker < 19.10 | |
| Cisco | Cisco Unified IP Phone | |
| Red Hat | Red Hat Enterprise Linux | |
| Cisco | Cisco IOS XR | |
| Cisco | Cisco Video Surveillance | |
| Cisco | Cisco Unity Connection | |
| Ubuntu | Ubuntu Linux |
Exploit Intelligence
- 40899 (cve.org)
- OpenSSL 1.1.0a/1.1.0b - Denial of Service Exploit (0day-today)
- OpenSSL 1.1.0a/1.1.0b - Denial of Service Exploit (0day-today)
Timeline
- Nov 10, 2016 CVE Published
- Dec 12, 2016 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
- Oct 29, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2016/wid-sec-w-2024-0208.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0208 advisory
- http://www.openssl.org/news/secadv/20161110.txt advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161114-openssl advisory
- https://bto.bluecoat.com/security-advisory/sa135 advisory
- http://www.ubuntu.com/usn/usn-3181-1/ advisory
- https://www.tenable.com/security/tns-2017-03 advisory
- https://support.f5.com/csp/article/K43570545 advisory
- https://www.suse.com/support/update/announcement/2017/suse-su-20170431-1.html advisory
- https://www.suse.com/support/update/announcement/2017/suse-su-20170441-1.html advisory
- https://kb.netapp.com/support/s/article/ka51A00000007AWQAY/NTAP-20170127-0001?language=en_US advisory
- https://www.freebsd.org/security/advisories/FreeBSD-SA-17:02.openssl.asc advisory
- https://www.suse.com/support/update/announcement/2017/suse-su-20170855-1.html advisory
- http://www.brocade.com/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2016-206.htm advisory
- http://www.brocade.com/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2016-205.htm advisory
- http://www.brocade.com/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2016-207.htm advisory
- https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03744en_us advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10775 advisory
- https://access.redhat.com/errata/RHSA-2018:2185 advisory
- https://fortiguard.com/psirt/FG-IR-17-019 advisory
…and 2 more