Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2021-43085

Опубликовано: 21 окт. 2021
Источник: redhat
CVSS3: 0

Описание

[REJECTED CVE] An Insecure Permissions bug exists in the OpenSSL Project 3.0 due to an error in the implementation of the CMAC_Final() function.

Отчет

This CVE has been rejected upstream - https://github.com/openssl/openssl/issues/16873#issuecomment-1089876133. Red Hat has also evaluated this issue and determined that it does not meet the criteria to be classified as a security vulnerability. This assessment is based on the issue not posing a significant security risk, being a result of misconfiguration or usage error, or falling outside the scope of security considerations. As such, this CVE has been marked as "Rejected" in alignment with Red Hat's vulnerability management policies. If you have additional information or concerns regarding this determination, please contact Red Hat Product Security for further clarification.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Advanced Cluster Management for Kubernetes 2rhacm2/management-ingress-rhel8Not affected
Red Hat Enterprise Linux 6opensslNot affected
Red Hat Enterprise Linux 6openssl098eNot affected
Red Hat Enterprise Linux 7opensslNot affected
Red Hat Enterprise Linux 7openssl098eNot affected
Red Hat Enterprise Linux 7ovmfNot affected
Red Hat Enterprise Linux 8compat-openssl10Not affected
Red Hat Enterprise Linux 8edk2Not affected
Red Hat Enterprise Linux 8opensslNot affected
Red Hat Enterprise Linux 8shimNot affected

Показывать по

Ссылки на источники

Дополнительная информация

https://bugzilla.redhat.com/show_bug.cgi?id=2069364openssl: Insecure permissions vulnerability due to an error in the implementation of the CMAC_Final() function

0 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2021-43085

ubuntu
больше 3 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none

nvd логотип

CVE-2021-43085

nvd
больше 3 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none

github логотип

GHSA-28c2-wcj3-4hx5

github
больше 3 лет назад

An Insecure Permissions vulnerability exists in the OpenSSL Project 3.0 due to an error in the implementation of the CMAC_Final() function.

fstec логотип

BDU:2022-01626

CVSS3: 5.3
fstec
около 4 лет назад

Уязвимость функции CMAC_Final() библиотеки OpenSSL, позволяющая нарушителю получить доступ к защищаемой информации

0 Low

CVSS3

Уязвимость CVE-2021-43085