V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsDocs
Back to catalog
BDU:2019-01256
BDU
Medium

Уязвимость реализации алгоритма шифрования DSA (Digital Signature Algorithm) библиотеки OpenSSL связана с ошибками управления криптографиче…

CVSS
5.9
Medium
EPSS
0.00
p0
Published
2019-01-01
Updated
2019-01-01
Description

Уязвимость реализации алгоритма шифрования DSA (Digital Signature Algorithm) библиотеки OpenSSL связана с ошибками управления криптографическими ключами. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, получить несанкционированный доступ к защищаемой информации путем восстановления закрытого ключа

Tags · CWE
Pre-auth
Affected products
Node.js foundation Node.jsNode.js foundation Node.jsNode.js foundation Node.jsNode.js foundation Node.jsNode.js foundation Node.jsNode.js foundation Node.jsNode.js foundation Node.jsNode.js foundation Node.jsNode.js foundation Node.jsNode.js foundation Node.jsNode.js foundation Node.jsNode.js foundation Node.jsNode.js foundation Node.jsNode.js foundation Node.jsNode.js foundation Node.jsNode.js foundation Node.jsNode.js foundation Node.jsNode.js foundation Node.jsNode.js foundation Node.jsNode.js foundation Node.js
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Timeline
2019-01-01
Published
2019-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: H
High (H)
Privileges Required
PR: N
None (N)
User Interaction
UI: N
None (N)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: N
None (N)
Availability Impact
A: N
None (N)
Exploit indicators
EPSS
0.000 · p0
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected software
ProductVendorStatus
node.jsnode.js foundationTracked
node.jsnode.js foundationTracked
node.jsnode.js foundationTracked
node.jsnode.js foundationTracked
node.jsnode.js foundationTracked
node.jsnode.js foundationTracked
node.jsnode.js foundationTracked
node.jsnode.js foundationTracked
node.jsnode.js foundationTracked
node.jsnode.js foundationTracked
node.jsnode.js foundationTracked
node.jsnode.js foundationTracked
node.jsnode.js foundationTracked
node.jsnode.js foundationTracked
node.jsnode.js foundationTracked
node.jsnode.js foundationTracked
node.jsnode.js foundationTracked
node.jsnode.js foundationTracked
node.jsnode.js foundationTracked
node.jsnode.js foundationTracked
Source databases
BDU
Related vulnerabilities
CVE-2018-0734
External references
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0734@https://www.openssl.org/news/secadv/20181030.txt@https://nvd.nist.gov/vuln/detail/CVE-2018-0734@https://security-tracker.debian.org/tracker/CVE-2018-0734@http://www.securityfocus.com/bid/105758@https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=43e6a58d4991a451daf4891ff05a48735df871ac@https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8abfe72e8c1de1b95f50aa0d9134803b4d00070f@https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ef11e19d1365eea2b1851e6f540a0bf365d303e7@https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/@https://security.netapp.com/advisory/ntap-20181105-0002/@https://security.netapp.com/advisory/ntap-20190118-0002/@https://security.netapp.com/advisory/ntap-20190423-0002/@https://usn.ubuntu.com/3840-1/@https://www.debian.org/security/2018/dsa-4348@https://www.debian.org/security/2018/dsa-4355@https://www.openssl.org/news/secadv/20181030.txt@https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html@https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html@https://www.tenable.com/security/tns-2018-16@https://www.tenable.com/security/tns-2018-17@https://www.oracle.com/security-alerts/public-vuln-to-advisory-mapping.html@https://www.oracle.com/security-alerts/cpujan2020.html@https://wiki.astralinux.ru/astra-linux-se16-bulletin-20200327SE16@https://wiki.astralinux.ru/astra-linux-se81-bulletin-20200429SE81@https://cve.omprussia.ru/bb4321@https://cve.omprussia.ru/bb5322@https://cve.omprussia.ru/bb6323