7.5

CVE-2020-1967

Exploit

Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).

Data is provided by the National Vulnerability Database (NVD)
OpenSSLOpenSSL Version >= 1.1.1d <= 1.1.1f
DebianDebian Linux Version9.0
DebianDebian Linux Version10.0
FreebsdFreebsd Version12.1 Update-
FedoraprojectFedora Version30
FedoraprojectFedora Version31
FedoraprojectFedora Version32
OracleApplication Server Version12.1.3
OracleHTTP Server Version12.2.1.4.0
OracleMysql Version <= 5.6.48
OracleMysql Version >= 5.7.0 <= 5.7.30
OracleMysql Version >= 8.0.0 <= 8.0.20
OracleMysql Connectors Version <= 8.0.20
OracleMysql Enterprise Monitor Version <= 4.0.12
OracleMysql Enterprise Monitor Version >= 8.0.0 <= 8.0.20
OracleMysql Workbench Version <= 8.0.21
NetappActive Iq Unified Manager SwPlatformwindows Version >= 7.3
NetappActive Iq Unified Manager SwPlatformvmware_vsphere Version >= 9.5
NetappOncommand Insight Version-
NetappSmi-s Provider Version-
NetappSnapcenter Version-
OpensuseLeap Version15.1
OpensuseLeap Version15.2
JdedwardsEnterpriseone Version < 9.2.5.0
TenableLog Correlation Engine Version < 6.0.9
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 66.69% 0.985
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

http://seclists.org/fulldisclosure/2020/May/5
Third Party Advisory
Mailing List
https://github.com/irsl/CVE-2020-1967
Third Party Advisory
Exploit