Russian Vulnerability Scanner Database

Back to List

CVE-2016-0800

Scores

EPSS

0.903high90.3%
0%20%40%60%80%100%

Percentile: 90.3%

CVSS

5.9medium3.x
0246810

CVSS Score: 5.9/10

All CVSS Scores

CVSS 3.x
5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS 2.0
5.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Description

The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a “DROWN” attack.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

debiannvdredhatubuntu

CWEs

CWE-200

Related Vulnerabilities

BDU:2016-00661

Vulnerable Software (25)

Type: Configuration

Product: nss

Operating System: debian

Trait: 
{  "fixed": "3.13"}

Source: debian

Type: Configuration

Product: openssl

Operating System: ubuntu trusty 14.04

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: openssl

Operating System: ubuntu vivid 15.04

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: openssl

Operating System: ubuntu wily 15.10

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: openssl

Operating System: debian

Trait: 
{  "fixed": "1.0.0c-2"}

Source: debian

Type: Configuration

Product: openssl

Operating System: rhel 4

Trait: 
{  "fixed": "0.9.7a-43.23.el4"}

Source: redhat

Type: Configuration

Product: openssl

Operating System: rhel 5

Trait: 
{  "fixed": "0.9.8e-39.el5_11"}

Source: redhat

Type: Configuration

Product: openssl

Operating System: rhel 5.6

Trait: 
{  "fixed": "0.9.8e-12.el5_6.13"}

Source: redhat

Type: Configuration

Product: openssl

Operating System: rhel 5.9

Trait: 
{  "fixed": "0.9.8e-26.el5_9.5"}

Source: redhat

Type: Configuration

Product: openssl

Operating System: rhel 6

Trait: 
{  "fixed": "1.0.1e-42.el6_7.4"}

Source: redhat

Type: Configuration

Product: openssl

Operating System: rhel 6.2

Trait: 
{  "fixed": "1.0.0-20.el6_2.8"}

Source: redhat

Type: Configuration

Product: openssl

Operating System: rhel 6.4

Trait: 
{  "fixed": "1.0.0-27.el6_4.5"}

Source: redhat

Type: Configuration

Product: openssl

Operating System: rhel 6.5

Trait: 
{  "fixed": "1.0.1e-16.el6_5.16"}

Source: redhat

Type: Configuration

Product: openssl

Operating System: rhel 6.6

Trait: 
{  "fixed": "1.0.1e-30.el6_6.12"}

Source: redhat

Type: Configuration

Product: openssl

Operating System: rhel 7

Trait: 
{  "fixed": "1.0.1e-51.el7_2.4"}

Source: redhat

Type: Configuration

Product: openssl

Operating System: rhel 7.1

Trait: 
{  "fixed": "1.0.1e-42.ael7b_1.10"}

Source: redhat

Type: Configuration

Product: openssl098

Operating System: ubuntu trusty 14.04

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: openssl098

Operating System: ubuntu vivid 15.04

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: openssl098e

Operating System: rhel 6

Trait: 
{  "fixed": "0.9.8e-20.el6_7.1"}

Source: redhat

Type: Configuration

Product: openssl098e

Operating System: rhel 7

Trait: 
{  "fixed": "0.9.8e-29.el7_2.3"}

Source: redhat