CVE-2016-8610

Advisory lineage Upstream: 0 Downstream: 31

Downstream

DEBIAN-CVE-2016-8610 DLA-814-1 DSA-3773-1 MGASA-2017-0053 OPENSUSE-SU-2024:10801-1 RHSA-2017:0286

Modified

Published: 13 Nov 2017, 22:00

Last modified:06 Aug 2024, 02:27

Vulnerability Summary

Overall Risk (default)

medium

44/100

CVSS Score

7.5 HIGH

v3.1 (nvd)

EPSS Score

71.36% CRITICAL

71% probability +0.23%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

13 Nov 2017, 22:00

Published

Vulnerability first disclosed

06 Aug 2024, 02:27

Last Modified

Vulnerability information updated

Description

A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.

CVSS Metrics

v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
v2.0•MEDIUM•Score: 5AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS Trends

Current EPSS score: 71.36%• Percentile: 99%

Techniques & Countermeasures

CWE-400•Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource.

Affected Systems

debian•debian_linux
8.0
fujitsu•m10-1_firmware
< xcp2361 | ≥ xcp3000, < xcp3070
fujitsu•m10-4_firmware
< xcp2361 | ≥ xcp3000, < xcp3070
fujitsu•m10-4s_firmware
< xcp2361 | ≥ xcp3000, < xcp3070
fujitsu•m12-1_firmware
< xcp2361 | ≥ xcp3000, < xcp3070
fujitsu•m12-2_firmware
< xcp2361 | ≥ xcp3000, < xcp3070
fujitsu•m12-2s_firmware
< xcp2361 | ≥ xcp3000, < xcp3070
netapp•clustered_data_ontap
na
netapp•clustered_data_ontap_antivirus_connector
na
netapp•cn1610_firmware
na
netapp•data_ontap
na
netapp•data_ontap_edge
na
netapp•e-series_santricity_os_controller
≥ 11.0, ≤ 11.40
netapp•host_agent
na
netapp•oncommand_balance
na
netapp•oncommand_unified_manager
na
netapp•oncommand_workflow_automation
na
netapp•ontap_select_deploy
na
netapp•service_processor
na
netapp•smi-s_provider
na
netapp•snapcenter_server
na
netapp•snapdrive
na
netapp•storagegrid
na
netapp•storagegrid_webscale
na
Unknown•OpenSSL
All 0.9.8 | All 1.0.1 | 1.0.2 through 1.0.2h | ≥ 1.0.2, ≤ 1.0.2h | 0.9.8 | 1.0.1 | 1.1.0
oracle•adaptive_access_manager
11.1.2.3.0
oracle•application_testing_suite
13.3.0.1
oracle•communications_analytics
12.1.1
oracle•communications_ip_service_activator
7.3.4 | 7.4.0
oracle•core_rdbms
11.2.0.4 | 12.1.0.2 | 12.2.0.1 | 18c | 19c
oracle•enterprise_manager_ops_center
12.3.3 | 12.4.0
oracle•goldengate_application_adapters
12.3.2.1.0
oracle•jd_edwards_enterpriseone_tools
9.2
oracle•peoplesoft_enterprise_peopletools
8.56 | 8.57 | 8.58
oracle•retail_predictive_application_server
15.0.3 | 16.0.3
oracle•timesten_in-memory_database
< 18.1.4.1.0
Unknown•WebLogic Server
10.3.6.0.0 | 12.1.3.0.0 | 12.2.1.3.0 | 12.2.1.4.0
paloaltonetworks•pan-os
≤ 6.1.17 | ≥ 7.0.0, ≤ 7.0.15 | ≥ 7.1.0, ≤ 7.1.10
redhat•enterprise_linux_desktop
6.0 | 7.0
redhat•enterprise_linux_server
6.0 | 7.0
redhat•enterprise_linux_server_aus
7.3 | 7.4 | 7.6
redhat•enterprise_linux_server_eus
7.3 | 7.4 | 7.5 | 7.6
redhat•enterprise_linux_server_tus
7.3 | 7.6
redhat•enterprise_linux_workstation
6.0 | 7.0
redhat•jboss_enterprise_application_platform
6.0.0 | 6.4.0