VDB
WID-SEC-W-2022-1914
WID-SEC-W-2022-1914
PUBLISHED
OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper JUNOS | ||
| IBM DataPower Gateway | ||
| Fortinet FortiOS < 5.6.0 | ||
| IBM AIX 5.3 | ||
| IBM AIX 7.2 | ||
| Open Source OpenSSL < 1.1.0d | ||
| NetApp OnCommand Unified Manager | ||
| FreeBSD Project FreeBSD OS | ||
| Fortinet FortiOS < 5.4.6 | ||
| Blue Coat IntelligenceCenter 3.3 | ||
| Open Source OpenSSL < 1.0.2k | ||
| Dell NetWorker < 19.10 | ||
| Debian Linux | ||
| Blue Coat ProxySG 6.6 | ||
| IBM AIX 6.1 | ||
| IBM AIX 7.1 | ||
| Blue Coat ProxyAV 3.5 | ||
| Blue Coat ProxySG 6.5 | ||
| IBM VIOS 2.2.x | ||
| Blue Coat Director 6.1 - 6.1.22.1 |
Exploit Intelligence
- OpenSSL CVE-2017-3730 proof-of-concept (github-poc)
- http://linux.oracle.com/errata/ELSA-2017-3519.html (circl)
- https://www.openssl.org/news/secadv/20170126.txt (circl)
- https://www.debian.org/security/2017/dsa-3773 (circl)
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20Vulnerabilities%20in%20OpenSSL%20Affecting%20Cisco%20Products:%20January%202017&vs_k=1 (circl)
- http://www.ubuntu.com/usn/usn-3181-1/ (circl)
- https://www.nomachine.com/SU01O00180 (circl)
- https://www.tenable.com/security/tns-2017-03 (circl)
- https://www.suse.com/support/update/announcement/2017/suse-su-20170431-1.html (circl)
- https://bto.bluecoat.com/security-advisory/sa141 (circl)
…and 27 more exploits
Timeline
- Jan 26, 2017 CVE Published
- Jan 25, 2024 CVE Updated
- Apr 7, 2026 Distribution Patch
- Apr 7, 2026 Distribution Patch
- Apr 7, 2026 Distribution Patch
References
- https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2022-1914.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1914 advisory
- https://www.openssl.org/news/secadv/20170126.txt url
- https://www.debian.org/security/2017/dsa-3773 url
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20Vulnerabilities%20in%20OpenSSL%20Affecting%20Cisco%20Products:%20January%202017&vs_k=1 url
- http://www.ubuntu.com/usn/usn-3181-1/ url
- https://www.nomachine.com/SU01O00180 url
- https://www.tenable.com/security/tns-2017-03 url
- https://www.suse.com/support/update/announcement/2017/suse-su-20170431-1.html url
- https://bto.bluecoat.com/security-advisory/sa141 url
- https://www.suse.com/support/update/announcement/2017/suse-su-20170441-1.html url
- https://www.suse.com/support/update/announcement/2017/suse-su-20170461-1.html url
- https://support.f5.com/csp/article/K44512851 url
- https://kb.netapp.com/support/s/article/ka51A00000007AWQAY/NTAP-20170127-0001?language=en_US url
- https://www.suse.com/support/update/announcement/2017/suse-su-20170495-1.html url
- http://rhn.redhat.com/errata/RHSA-2017-0286.html url
- http://aix.software.ibm.com/aix/efixes/security/openssl_advisory23.asc url
- http://linux.oracle.com/errata/ELSA-2017-0286.html url
- http://linux.oracle.com/errata/ELSA-2017-3519.html url
- http://linux.oracle.com/errata/ELSA-2017-3518.html url
…and 16 more