CVE-2020-1967
high-risk
Published 2020-04-21
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL versions 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).
Do I need to act?
EPSS score: 67.3% chance of exploitation in next 30 days (higher than 33% of all CVEs)
CISA KEV: not listed; no confirmed active exploitation reported to CISA
Patch status: unknown; check vendor advisories for fix availability and mitigation guidance
CVSS: 7.5/10 (High); attack vector NETWORK, LOW complexity
Affected Products (20)
Enterprise Manager For Storage Management
Jd Edwards World Security
Mysql Connectors
Affected Vendors
References (64)
Third Party Advisory: http://packetstormsecurity.com/files/157527/OpenSSL-signature_algorithms_cert-De...
Mailing List: http://seclists.org/fulldisclosure/2020/May/5
Third Party Advisory: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44440
Third Party Advisory: https://security.gentoo.org/glsa/202004-10
Third Party Advisory: https://security.netapp.com/advisory/ntap-20200424-0003/
Third Party Advisory: https://security.netapp.com/advisory/ntap-20200717-0004/
Third Party Advisory: https://www.debian.org/security/2020/dsa-4661
Vendor Advisory: https://www.openssl.org/news/secadv/20200421.txt
and 44 more references
Risk score: 68 / 100 (high-risk)
Severity: 26/34 · High
Exploitability: 19/34 · Moderate
Exposure: 23/34 · High