OpenSSL up to 1.0.0i SSLv3 Downgrade POODLE cryptographic issues

A vulnerability, which was classified as critical, was found in OpenSSL up to 1.0.0i (Network Encryption Software). This affects an unknown part of the component SSLv3 Downgrade Handler. Upgrading to version 0.9.8zc, 1.0.0o or 1.0.1j eliminates this vulnerability. It is possible to mitigate the problem by applying the configuration setting SSLProtocol All -SSLv2 -SSLv3. The best possible mitigation is suggested to be upgrading to the latest version. A possible mitigation has been published 1 days after the disclosure of the vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

1102

Field

source_secunia_date1
advisory_company_name1
vulnerability_cvss3_vuldb_a1
vulnerability_cvss3_vuldb_i1
vulnerability_cvss3_vuldb_c1

Commit Conf

100%108
90%10

Approve Conf

100%108
90%10
IDCommitedUserFieldChangeRemarksAcceptedReasonC
454013305/02/2019VulD...secunia_date1413849600 (10/21/2014)flexerasoftware.com05/02/2019accepted
100
454011705/02/2019VulD...company_nameGoogle Security Team05/02/2019accepted
100
454010005/02/2019VulD...cvss3_vuldb_aNsee CVSS documentation05/02/2019accepted
100
454009905/02/2019VulD...cvss3_vuldb_iNsee CVSS documentation05/02/2019accepted
100
454009805/02/2019VulD...cvss3_vuldb_cHsee CVSS documentation05/02/2019accepted
100
454009705/02/2019VulD...cvss3_vuldb_sCsee CVSS documentation05/02/2019accepted
100
454009605/02/2019VulD...cvss3_vuldb_uiNsee CVSS documentation05/02/2019accepted
100
454009505/02/2019VulD...cvss3_vuldb_prNsee CVSS documentation05/02/2019accepted
100
454009405/02/2019VulD...cvss3_vuldb_acHsee CVSS documentation05/02/2019accepted
100
454009305/02/2019VulD...cvss3_vuldb_avNsee CVSS documentation05/02/2019accepted
100
454018010/15/2014VulD...cvss3_nvd_basescore6.8nist.gov10/15/2014accepted
90
454017910/15/2014VulD...exposure_days110/15/2014accepted
90
454017810/15/2014VulD...0day_days166010/15/2014accepted
90
454017710/15/2014VulD...reaction_days110/15/2014accepted
90
454017610/15/2014VulD...cvss3_vuldb_rcCsee CVSS documentation10/15/2014accepted
90
454017510/15/2014VulD...cvss3_vuldb_rlOsee CVSS documentation10/15/2014accepted
90
454017410/15/2014VulD...cvss3_vuldb_eUsee CVSS documentation10/15/2014accepted
90
454017310/15/2014VulD...cvss2_vuldb_rcCsee CVSS documentation10/15/2014accepted
90
454017210/15/2014VulD...cvss2_vuldb_rlOFsee CVSS documentation10/15/2014accepted
90
454017110/15/2014VulD...cvss2_vuldb_eUsee CVSS documentation10/15/2014accepted
90

98 more entries are not shown

Do you want to use VulDB in your project?

Use the official API to access entries easily!