CVE-2016-2107
MEDIUM severity · CVSS 5.9 · Information disclosure
5.9CVSS MEDIUM
Summary
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.
Impact & exploitability
Attack vectorNetwork
Attack complexityHigh
Privileges requiredNone
User interactionNone
Confidentiality impactHigh
Integrity impactNone
Availability impactNone
Exploit probability (EPSS)80%
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Recommendation
Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.
Additional information
- NVD record
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759Advisory
- http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.htmlAdvisory
- http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.htmlAdvisory
- http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.htmlAdvisory
- http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.htmlAdvisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.htmlAdvisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.htmlAdvisory
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.htmlAdvisory