CB-K22/0321 Update 33
Risikostufe 3
Titel:OpenSSL: Schwachstelle ermöglicht Denial of ServiceDatum:14.06.2022Software:Amazon Linux 2, FreeBSD Project FreeBSD OS, Open Source LibreSSL < 3.3.6, Open Source LibreSSL < 3.4.3, Open Source LibreSSL < 3.5.1, Open Source OpenSSL < 1.0.2zd, Open Source OpenSSL < 1.1.1n, Open Source OpenSSL < 3.0.2, SUSE Linux, Ubuntu Linux, Open Source Node.js, Debian Linux, Synology DiskStation Manager, Oracle Linux, IGEL OS, NetApp AFF, NetApp Data ONTAP, NetApp FAS, NetApp StorageGRID, SonicWall SonicOS, tribe29 checkmk < 2.1.0b3, tribe29 checkmk < 2.2.0i1, Red Hat Enterprise Linux, Open Source CentOS, PaloAlto Networks PAN-OS, QNAP NAS, Tenable Security Nessus, Fortinet FortiAnalyzer, Fortinet FortiAuthenticator, Fortinet FortiClient, Fortinet FortiMail, Fortinet FortiManager, Fortinet FortiOS, Fortinet FortiSwitch, Meinberg LANTIME < V6.24.030, Meinberg LANTIME < V7.04.015, genua genugate < 10.0p7, genua genugate < 10.2p6, genua genugate < 10.3p3, genua genugate < 9.0p24, genua genuscreen < 7.6p6, genua genuscreen < 8.0p3, WatchGuard Firebox < 12.8 Update 1, Open Source OPNsense < 22.1.4, Tenable Security Nessus Network Monitor < 6.0.1, IBM AIX, Aruba ArubaOS, Aruba ClearPass Policy Manager, Aruba Switch, Siemens SIMATIC S7, Siemens SIMATIC WinCCPlattform:Hardware Appliance, Linux, UNIXAuswirkung:Denial-of-ServiceRemoteangriff:JaRisiko:mittelCVE Liste:CVE-2022-0778Bezug:
Beschreibung
OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in OpenSSL ausnutzen, um einen Denial of Service Angriff durchzuführen.
Quellen:
- OpenSSL Security Advisory vom 2022-03-15
- PoC vom 2022-03-15
- Amazon Linux Security Advisory vom 2022-03-15
- SUSE Security Advisory vom 2022-03-15
- SUSE Security Advisory vom 2022-03-15
- SUSE Security Advisory vom 2022-03-15
- SUSE Security Advisory vom 2022-03-15
- SUSE Security Advisory vom 2022-03-15
- SUSE Security Advisory vom 2022-03-15
- SUSE Security Advisory vom 2022-03-15
- SUSE Security Advisory vom 2022-03-15
- SUSE Security Advisory vom 2022-03-15
- Debian Security Advisory vom 2022-03-15
- FreeBSD Security Advisory vom 2022-03-15
- Ubuntu Security Advisory vom 2022-03-15
- Ubuntu Security Advisory vom 2022-03-15
- LibreSSL Security Advisory vom 2022-03-15
- LibreSSL Security Advisory vom 2022-03-15
- LibreSSL Security Advisory vom 2022-03-15
- Amazon Linux Security Advisory ALAS-2022-1575 vom 2022-03-16
- Amazon Linux Security Advisory ALAS-2022-041 vom 2022-03-17
- Node.js OpenSSL Security Release
- Debian Security Advisory DLA-2952 vom 2022-03-17
- Debian Security Advisory DLA-2953 vom 2022-03-17
- Synology Security Advisory SYNOLOGY-SA-22:04 vom 2022-03-18
- Oracle Linux Security Advisory ELSA-2022-9224 vom 2022-03-18
- Oracle Linux Security Advisory ELSA-2022-9237 vom 2022-03-19
- Oracle Linux Security Advisory ELSA-2022-9225 vom 2022-03-18
- NetApp Security Advisory NTAP-20220321-0002 vom 2022-03-21
- IGEL Security Notice ISN-2022-06 vom 2022-03-21
- SonicWall Security Advisory SNWLID-2022-0002 vom 2022-03-22
- SUSE Security Update SUSE-SU-2022:0935-1 vom 2022-03-22
- Oracle Linux Security Advisory ELSA-2022-9233 vom 2022-03-23
- CheckMK Werk 13725 vom 2022-03-15
- Oracle Linux Security Advisory ELSA-2022-9246 vom 2022-03-24
- Red Hat Security Advisory RHSA-2022:1066 vom 2022-03-28
- Red Hat Security Advisory RHSA-2022:1078 vom 2022-03-28
- Red Hat Security Advisory RHSA-2022:1077 vom 2022-03-28
- Red Hat Security Advisory RHSA-2022:1076 vom 2022-03-28
- Red Hat Security Advisory RHSA-2022:1073 vom 2022-03-28
- Red Hat Security Advisory RHSA-2022:1071 vom 2022-03-28
- Red Hat Security Advisory RHSA-2022:1065 vom 2022-03-28
- Red Hat Security Advisory RHSA-2022:1082 vom 2022-03-28
- Red Hat Security Advisory RHSA-2022:1091 vom 2022-03-29
- Oracle Linux Security Advisory ELSA-2022-1065 vom 2022-03-28
- Oracle Linux Security Advisory ELSA-2022-1066 vom 2022-03-29
- CentOS Security Advisory CESA-2022:1066 vom 2022-03-29
- Red Hat Security Advisory RHSA-2022:1112 vom 2022-03-29
- QNAP Security Advisory QSA-22-06 vom 2022-03-30
- Nessus Security Advisory
- Palo Alto Networks Security Advisory PAN-190175 vom 2022-03-31
- Nessus Security Advisory
- FortiGuard Labs PSIRT Advisory FG-IR-22-059 vom 2022-04-01
- FortiGuard Labs PSIRT Advisory FG-IR-22-059 vom 2022-04-02
- Meinberg Security Advisory MBGSA-2022.01 vom 2022-04-05
- Genua Patch
- Genua Patch
- Genua Patch
- Genua Patch
- Genua Patch
- Genua Patch
- Red Hat Security Advisory RHSA-2022:1263 vom 2022-04-07
- Oracle Linux Security Advisory ELSA-2022-9272 vom 2022-04-08
- SUSE Security Update SUSE-SU-2022:0861-1 vom 2022-04-14
- Red Hat Security Advisory RHSA-2022:1389 vom 2022-04-21
- Red Hat Security Advisory RHSA-2022:1390 vom 2022-04-21
- Red Hat Security Advisory RHSA-2022:1357 vom 2022-04-22
- Red Hat Security Advisory RHSA-2022:1363 vom 2022-04-21
- Red Hat Security Advisory RHSA-2022:1370 vom 2022-04-22
- Red Hat Security Advisory RHSA-2022:1476 vom 2022-04-21
- Red Hat Security Advisory RHSA-2022:1356 vom 2022-04-22
- Watchguard Fireware v12.8 Update 1
- OPNsense Release Notes
- Arista Security Advisory 0075
- Amazon Linux Security Advisory ALAS2NITRO-ENCLAVES-2022-018 vom 2022-04-28
- SUSE Security Update SUSE-SU-2022:1459-1 vom 2022-04-28
- SUSE Security Update SUSE-SU-2022:1462-1 vom 2022-04-28
- SUSE Security Update SUSE-SU-2022:1461-1 vom 2022-04-28
- Red Hat Security Advisory RHSA-2022:1622 vom 2022-05-04
- SUSE Security Update SUSE-SU-2022:1536-1 vom 2022-05-04
- Tenable Security Advisory TNS-2022-10 vom 2022-05-10
- Tenable Security Advisory TNS-2022-10 vom 2022-05-10 vom 2022-05-09
- IGEL Security Notice ISN-2022-12 vom 2022-05-10
- Red Hat Security Advisory RHSA-2022:2218 vom 2022-05-12
- Red Hat Security Advisory RHSA-2022:2217 vom 2022-05-12
- Red Hat Security Advisory RHSA-2022:2216 vom 2022-05-12
- IBM Security Bulletin 6586112 vom 2022-05-13
- Red Hat Security Advisory RHSA-2022:4690 vom 2022-05-19
- Aruba Product Security Advisory ARUBA-PSA-2022-009 vom 2022-06-03
- Red Hat Security Advisory RHSA-2022:4896 vom 2022-06-03
- Red Hat Security Advisory RHSA-2022:4899 vom 2022-06-04
- Red Hat Security Advisory RHSA-2022:4956 vom 2022-06-09
- Siemens Security Advisory