CVE-2018-16870

Опубликовано: 03 янв. 2019

Источник: nvd

CVSS3: 5.9

CVSS2: 4.3

EPSS Низкий

Описание

It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. This may lead to leakage of sensible data.

Ссылки

http://cat.eyalro.net/
Third Party Advisory
https://github.com/wolfSSL/wolfssl/pull/1950
Patch
Third Party Advisory
http://cat.eyalro.net/
Third Party Advisory
https://github.com/wolfSSL/wolfssl/pull/1950
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*

Версия до 3.15.7 (исключая)

EPSS

Процентиль: 41%

0.00186

Низкий

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200

CWE-310

Связанные уязвимости

CVE-2018-16870

CVSS3: 5.9

ubuntu

около 7 лет назад

It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. This may lead to leakage of sensible data.

CVE-2018-16870

CVSS3: 5.9

debian

около 7 лет назад

It was found that wolfssl before 3.15.7 is vulnerable to a new variant ...

GHSA-ch8h-fr7v-29p6

CVSS3: 5.9

github

больше 3 лет назад

It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. This may lead to leakage of sensible data.

EPSS

Процентиль: 41%

0.00186

Низкий

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200

CWE-310