5.9

CVE-2021-3449

EPSS 13.18%
Published 25.03.2021 15:15:13
Last modified 21.11.2024 06:21:33
Source openssl-security@openssl.org
Teams watchlist Login
Open Login

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).

Affected products Warnungen 0 Metrics 3 CWE 1 References 32

Data is provided by the National Vulnerability Database (NVD)

OpenSSL ≫ OpenSSL Version >= 1.1.1 < 1.1.1k

Debian ≫ Debian Linux Version9.0

Debian ≫ Debian Linux Version10.0

Freebsd ≫ Freebsd Version12.2 Update-

Freebsd ≫ Freebsd Version12.2 Updatep1

Freebsd ≫ Freebsd Version12.2 Updatep2

Netapp ≫ Active Iq Unified Manager Version- SwPlatformvmware_vsphere

Netapp ≫ Cloud Volumes Ontap Mediator Version-

Netapp ≫ E-series Performance Analyzer Version-

Netapp ≫ Oncommand Insight Version-

Netapp ≫ Oncommand Workflow Automation Version-

Netapp ≫ Ontap Select Deploy Administration Utility Version-

Netapp ≫ Santricity Smi-s Provider Version-

Netapp ≫ Snapcenter Version-

Netapp ≫ Storagegrid Version-

Tenable ≫ Log Correlation Engine Version < 6.0.9

Tenable ≫ Nessus Version <= 8.13.1

Tenable ≫ Nessus Network Monitor Version5.11.0

Tenable ≫ Nessus Network Monitor Version5.11.1

Tenable ≫ Nessus Network Monitor Version5.12.0

Tenable ≫ Nessus Network Monitor Version5.12.1

Tenable ≫ Nessus Network Monitor Version5.13.0

Tenable ≫ Tenable.Sc Version >= 5.13.0 <= 5.17.0

Fedoraproject ≫ Fedora Version34

Mcafee ≫ Web Gateway Version8.2.19

Mcafee ≫ Web Gateway Version9.2.10

Mcafee ≫ Web Gateway Version10.1.1

Mcafee ≫ Web Gateway Cloud Service Version8.2.19

Mcafee ≫ Web Gateway Cloud Service Version9.2.10

Mcafee ≫ Web Gateway Cloud Service Version10.1.1

Checkpoint ≫ Quantum Security Management Firmware Versionr80.40

Checkpoint ≫ Quantum Security Management Version-

Checkpoint ≫ Quantum Security Management Firmware Versionr81

Checkpoint ≫ Quantum Security Management Version-

Checkpoint ≫ Multi-domain Management Firmware Versionr80.40

Checkpoint ≫ Multi-domain Management Version-

Checkpoint ≫ Multi-domain Management Firmware Versionr81

Checkpoint ≫ Multi-domain Management Version-

Checkpoint ≫ Quantum Security Gateway Firmware Versionr80.40

Checkpoint ≫ Quantum Security Gateway Version-

Checkpoint ≫ Quantum Security Gateway Firmware Versionr81

Checkpoint ≫ Quantum Security Gateway Version-

Oracle ≫ Communications Communications Policy Management Version12.6.0.0.0

Oracle ≫ Enterprise Manager For Storage Management Version13.4.0.0

Oracle ≫ Essbase Version21.2

Oracle ≫ Graalvm Version19.3.5 SwEditionenterprise

Oracle ≫ Graalvm Version20.3.1.2 SwEditionenterprise

Oracle ≫ Graalvm Version21.0.0.2 SwEditionenterprise

Oracle ≫ Jd Edwards Enterpriseone Tools Version < 9.2.6.0

Oracle ≫ Jd Edwards World Security Versiona9.4

Oracle ≫ Mysql Connectors Version <= 8.0.23

Oracle ≫ Mysql Server Version <= 5.7.33

Oracle ≫ Mysql Server Version >= 8.0.15 <= 8.0.23

Oracle ≫ Mysql Workbench Version <= 8.0.23

Oracle ≫ Peoplesoft Enterprise Peopletools Version8.57

Oracle ≫ Peoplesoft Enterprise Peopletools Version8.58

Oracle ≫ Peoplesoft Enterprise Peopletools Version8.59

Oracle ≫ Primavera Unifier Version >= 17.7 <= 17.12

Oracle ≫ Primavera Unifier Version19.12

Oracle ≫ Primavera Unifier Version20.12

Oracle ≫ Primavera Unifier Version21.12

Oracle ≫ Secure Backup Version < 18.1.0.1.0

Oracle ≫ Secure Global Desktop Version5.6

Oracle ≫ Zfs Storage Appliance Kit Version8.8

Sonicwall ≫ Sma100 Firmware Version >= 10.2.0.0 < 10.2.1.0-17sv

Sonicwall ≫ Sma100 Version-

Sonicwall ≫ Capture Client Version3.5

Sonicwall ≫ Sonicos Version7.0.1.0

Siemens ≫ Ruggedcom Rcm1224 Firmware Version >= 6.2

Siemens ≫ Ruggedcom Rcm1224 Version-

Siemens ≫ Scalance Lpe9403 Firmware

Siemens ≫ Scalance Lpe9403 Version-

Siemens ≫ Scalance M-800 Firmware Version >= 6.2

Siemens ≫ Scalance M-800 Version-

Siemens ≫ Scalance S602 Firmware Version >= 4.1

Siemens ≫ Scalance S602 Version-

Siemens ≫ Scalance S612 Firmware Version >= 4.1

Siemens ≫ Scalance S612 Version-

Siemens ≫ Scalance S615 Firmware Version >= 6.2

Siemens ≫ Scalance S615 Version-

Siemens ≫ Scalance S623 Firmware Version >= 4.1

Siemens ≫ Scalance S623 Version-

Siemens ≫ Scalance S627-2m Firmware Version >= 4.1

Siemens ≫ Scalance S627-2m Version-

Siemens ≫ Scalance Sc-600 Firmware Version >= 2.0

Siemens ≫ Scalance Sc-600 Version-

Siemens ≫ Scalance W700 Firmware Version >= 6.5

Siemens ≫ Scalance W700 Version-

Siemens ≫ Scalance W1700 Firmware Version >= 2.0

Siemens ≫ Scalance W1700 Version-

Siemens ≫ Scalance Xb-200 Firmware Version < 4.3

Siemens ≫ Scalance Xb-200 Version-

Siemens ≫ Scalance Xc-200 Firmware Version < 4.3

Siemens ≫ Scalance Xc-200 Version-

Siemens ≫ Scalance Xf-200ba Firmware Version < 4.3

Siemens ≫ Scalance Xf-200ba Version-

Siemens ≫ Scalance Xm-400 Firmware Version < 6.4

Siemens ≫ Scalance Xm-400 Version-

Siemens ≫ Scalance Xp-200 Firmware Version < 4.3

Siemens ≫ Scalance Xp-200 Version-

Siemens ≫ Scalance Xr-300wg Firmware Version < 4.3

Siemens ≫ Scalance Xr-300wg Version-

Siemens ≫ Scalance Xr524-8c Firmware Version < 6.4

Siemens ≫ Scalance Xr524-8c Version-

Siemens ≫ Scalance Xr526-8c Firmware Version < 6.4

Siemens ≫ Scalance Xr526-8c Version-

Siemens ≫ Scalance Xr528-6m Firmware Version < 6.4

Siemens ≫ Scalance Xr528-6m Version-

Siemens ≫ Scalance Xr552-12 Firmware Version < 6.4

Siemens ≫ Scalance Xr552-12 Version-

Siemens ≫ Simatic Cloud Connect 7 Firmware Version >= 1.1

Siemens ≫ Simatic Cloud Connect 7 Version-

Siemens ≫ Simatic Cloud Connect 7 Firmware Version-

Siemens ≫ Simatic Cloud Connect 7 Version-

Siemens ≫ Simatic Cp 1242-7 Gprs V2 Firmware Version >= 3.1

Siemens ≫ Simatic Cp 1242-7 Gprs V2 Version-

Siemens ≫ Simatic Cp 1242-7 Gprs V2 Firmware Version-

Siemens ≫ Simatic Cp 1242-7 Gprs V2 Version-

Siemens ≫ Simatic Hmi Basic Panels 2nd Generation Firmware

Siemens ≫ Simatic Hmi Basic Panels 2nd Generation Version-

Siemens ≫ Simatic Hmi Comfort Outdoor Panels Firmware

Siemens ≫ Simatic Hmi Comfort Outdoor Panels Version-

Siemens ≫ Simatic Hmi Ktp Mobile Panels Firmware

Siemens ≫ Simatic Hmi Ktp Mobile Panels Version-

Siemens ≫ Simatic Mv500 Firmware

Siemens ≫ Simatic Mv500 Version-

Siemens ≫ Simatic Net Cp 1243-1 Firmware Version >= 3.1

Siemens ≫ Simatic Net Cp 1243-1 Version-

Siemens ≫ Simatic Net Cp1243-7 Lte Eu Firmware Version >= 3.1

Siemens ≫ Simatic Net Cp1243-7 Lte Eu Version-

Siemens ≫ Simatic Net Cp1243-7 Lte Us Firmware Version >= 3.1

Siemens ≫ Simatic Net Cp1243-7 Lte Us Version-

Siemens ≫ Simatic Net Cp 1243-8 Irc Firmware Version >= 3.1

Siemens ≫ Simatic Net Cp 1243-8 Irc Version-

Siemens ≫ Simatic Net Cp 1542sp-1 Irc Firmware Version >= 2.1

Siemens ≫ Simatic Net Cp 1542sp-1 Irc Version-

Siemens ≫ Simatic Net Cp 1543-1 Firmware Version >= 2.2 < 3.0

Siemens ≫ Simatic Net Cp 1543-1 Version-

Siemens ≫ Simatic Net Cp 1543sp-1 Firmware Version >= 2.1

Siemens ≫ Simatic Net Cp 1543sp-1 Version-

Siemens ≫ Simatic Net Cp 1545-1 Firmware Version >= 1.0

Siemens ≫ Simatic Net Cp 1545-1 Version-

Siemens ≫ Simatic Pcs 7 Telecontrol Firmware

Siemens ≫ Simatic Pcs 7 Telecontrol Version-

Siemens ≫ Simatic Pcs Neo Firmware

Siemens ≫ Simatic Pcs Neo Version-

Siemens ≫ Simatic Pdm Firmware Version >= 9.1.0.7

Siemens ≫ Simatic Pdm Version-

Siemens ≫ Simatic Process Historian Opc Ua Server Firmware Version >= 2019

Siemens ≫ Simatic Process Historian Opc Ua Server Version-

Siemens ≫ Simatic Rf166c Firmware

Siemens ≫ Simatic Rf166c Version-

Siemens ≫ Simatic Rf185c Firmware

Siemens ≫ Simatic Rf185c Version-

Siemens ≫ Simatic Rf186c Firmware

Siemens ≫ Simatic Rf186c Version-

Siemens ≫ Simatic Rf186ci Firmware

Siemens ≫ Simatic Rf186ci Version-

Siemens ≫ Simatic Rf188c Firmware

Siemens ≫ Simatic Rf188c Version-

Siemens ≫ Simatic Rf188ci Firmware

Siemens ≫ Simatic Rf188ci Version-

Siemens ≫ Simatic Rf360r Firmware

Siemens ≫ Simatic Rf360r Version-

Siemens ≫ Simatic S7-1200 Cpu 1211c Firmware

Siemens ≫ Simatic S7-1200 Cpu 1211c Version-

Siemens ≫ Simatic S7-1200 Cpu 1212c Firmware

Siemens ≫ Simatic S7-1200 Cpu 1212c Version-

Siemens ≫ Simatic S7-1200 Cpu 1212fc Firmware

Siemens ≫ Simatic S7-1200 Cpu 1212fc Version-

Siemens ≫ Simatic S7-1200 Cpu 1214 Fc Firmware

Siemens ≫ Simatic S7-1200 Cpu 1214 Fc Version-

Siemens ≫ Simatic S7-1200 Cpu 1214c Firmware

Siemens ≫ Simatic S7-1200 Cpu 1214c Version-

Siemens ≫ Simatic S7-1200 Cpu 1214 Fc Firmware

Siemens ≫ Simatic S7-1200 Cpu 1214 Fc Version-

Siemens ≫ Simatic S7-1200 Cpu 1215 Fc Firmware

Siemens ≫ Simatic S7-1200 Cpu 1215 Fc Version-

Siemens ≫ Simatic S7-1200 Cpu 1215c Firmware

Siemens ≫ Simatic S7-1200 Cpu 1215c Version-

Siemens ≫ Simatic S7-1200 Cpu 1217c Firmware

Siemens ≫ Simatic S7-1200 Cpu 1217c Version-

Siemens ≫ Simatic S7-1500 Cpu 1518-4 Pn/dp Mfp Firmware

Siemens ≫ Simatic S7-1500 Cpu 1518-4 Pn/dp Mfp Version-

Siemens ≫ Sinamics Connect 300 Firmware

Siemens ≫ Sinamics Connect 300 Version-

Siemens ≫ Tim 1531 Irc Firmware Version >= 2.0 < 2.2

Siemens ≫ Tim 1531 Irc Version-

Siemens ≫ Simatic Logon Version >= 1.6.0.2

Siemens ≫ Simatic Logon Version1.5 Updatesp3_update_1

Siemens ≫ Simatic Wincc Runtime Advanced

Siemens ≫ Simatic Wincc Telecontrol Version-

Siemens ≫ Sinec Nms Version1.0 Update-

Siemens ≫ Sinec Nms Version1.0 Updatesp1

Siemens ≫ Sinec Pni Version-

Siemens ≫ Sinema Server Version14.0 Update-

Siemens ≫ Sinema Server Version14.0 Updatesp1

Siemens ≫ Sinema Server Version14.0 Updatesp2

Siemens ≫ Sinema Server Version14.0 Updatesp2_update1

Siemens ≫ Sinema Server Version14.0 Updatesp2_update2

Siemens ≫ Sinumerik Opc Ua Server

Siemens ≫ Tia Administrator

Siemens ≫ Sinec Infrastructure Network Services Version < 1.0.1.1

Nodejs ≫ Node.Js SwEdition- Version >= 10.0.0 <= 10.12.0

Nodejs ≫ Node.Js SwEditionlts Version >= 10.13.0 <= 10.24.0

Nodejs ≫ Node.Js SwEdition- Version >= 12.0.0 <= 12.12.0

Nodejs ≫ Node.Js SwEditionlts Version >= 12.13.0 < 12.22.1

Nodejs ≫ Node.Js SwEdition- Version >= 14.0.0 <= 14.14.0

Nodejs ≫ Node.Js SwEditionlts Version >= 14.15.0 < 14.16.1

Nodejs ≫ Node.Js SwEdition- Version >= 15.0.0 < 15.14.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	13.18%	0.939

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://www.oracle.com/security-alerts/cpuapr2022.html

Patch

Third Party Advisory

https://www.oracle.com//security-alerts/cpujul2021.html

Patch

Third Party Advisory

https://www.oracle.com/security-alerts/cpuoct2021.html

Third Party Advisory

https://www.oracle.com/security-alerts/cpuApr2021.html

Patch

Third Party Advisory

https://www.oracle.com/security-alerts/cpujul2022.html

Third Party Advisory

https://security.netapp.com/advisory/ntap-20240621-0006/

https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf

Third Party Advisory

https://www.tenable.com/security/tns-2021-10

Third Party Advisory

https://security.netapp.com/advisory/ntap-20210513-0002/

Third Party Advisory

https://www.tenable.com/security/tns-2021-09

Third Party Advisory

https://security.gentoo.org/glsa/202103-03

Third Party Advisory

https://kc.mcafee.com/corporate/index?page=content&id=SB10356

Third Party Advisory

http://www.openwall.com/lists/oss-security/2021/03/27/1

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2021/03/27/2

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2021/03/28/3

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2021/03/28/4

Third Party Advisory

Mailing List

https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf

Patch

Third Party Advisory

https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845

Third Party Advisory

https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html

Third Party Advisory

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013

Third Party Advisory

https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc

Third Party Advisory

https://security.netapp.com/advisory/ntap-20210326-0006/

Third Party Advisory

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd

Third Party Advisory

https://www.debian.org/security/2021/dsa-4875

Third Party Advisory

https://www.openssl.org/news/secadv/20210325.txt

Vendor Advisory

https://www.tenable.com/security/tns-2021-05

Third Party Advisory

https://www.tenable.com/security/tns-2021-06

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-3449

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-3449

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-3449

EUVD