CVE-2016-2107
critical-risk
Published 2016-05-05
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.
Do I need to act?
!
80.0% chance of exploitation in next 30 days
EPSS score — higher than 20% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
1 public exploit available
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.9/10
Medium
NETWORK
/ HIGH complexity
Affected Products (20)
References (116)
Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html
Third Party Advisory
http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-...
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0722.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0996.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2073.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2957.html
Third Party Advisory
http://source.android.com/security/bulletin/2016-07-01.html
Third Party Advisory
http://support.citrix.com/article/CTX212736
and 96 more references
72
/ 100
critical-risk
Severity
18/34 · Moderate
Exploitability
27/34 · High
Exposure
27/34 · High