Описание
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58.
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability.
Отчет
This flaw only affects servers that are compiled with the NSS library and when the TLS 1.3 protocol is used.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | nss | Out of support scope | ||
| Red Hat Enterprise Linux 6 | nss | Out of support scope | ||
| Red Hat Enterprise Linux 7 | nss | Fixed | RHSA-2021:1384 | 27.04.2021 |
| Red Hat Enterprise Linux 8 | nspr | Fixed | RHSA-2021:3572 | 21.09.2021 |
| Red Hat Enterprise Linux 8 | nss | Fixed | RHSA-2021:3572 | 21.09.2021 |
| Red Hat Migration Toolkit for Containers 1.4 | rhmtc/openshift-migration-controller-rhel8 | Fixed | RHBA-2021:2854 | 21.07.2021 |
| Red Hat Migration Toolkit for Containers 1.4 | rhmtc/openshift-migration-log-reader-rhel8 | Fixed | RHBA-2021:2854 | 21.07.2021 |
| Red Hat Migration Toolkit for Containers 1.4 | rhmtc/openshift-migration-must-gather-rhel8 | Fixed | RHBA-2021:2854 | 21.07.2021 |
| Red Hat Migration Toolkit for Containers 1.4 | rhmtc/openshift-migration-operator-bundle | Fixed | RHBA-2021:2854 | 21.07.2021 |
| Red Hat Migration Toolkit for Containers 1.4 | rhmtc/openshift-migration-registry-rhel8 | Fixed | RHBA-2021:2854 | 21.07.2021 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58.
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58.
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) message ...
Moderate: nss and nspr security, bug fix, and enhancement update
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58.
EPSS
7.5 High
CVSS3