ID CVE-2019-1559
Summary If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one), then OpenSSL can respond differently to the calling application depending on whether a 0-byte record is received with invalid padding or with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, this amounts to a padding oracle that could be used to decrypt data. For this to be exploitable, "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also, the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this, but some do anyway). Fixed in OpenSSL 1.0.2r (affected: 1.0.2-1.0.2q).
References
Vulnerable Configurations
  • cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2i:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2j:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2k:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2l:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2m:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2n:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2o:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2p:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.2q:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:hyper_converged_infrastructure:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:vsphere:*:*
  • cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:ontap_select_deploy:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:unix:*:*
  • cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:storagegrid:9.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:storagegrid:9.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:storagegrid:9.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:storagegrid:9.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:traffix_signaling_delivery_controller:4.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:traffix_signaling_delivery_controller:5.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:traffix_signaling_delivery_controller:5.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:4.4.1.15078:*:*:*:*:*:x64:*
  • cpe:2.3:a:tenable:nessus:5.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:5.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:5.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:5.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:5.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:5.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:5.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:5.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:5.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:5.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:5.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:5.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:5.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.5.6:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.7:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.8:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.9:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.10.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.10.4:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.10.5:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.10.6:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.10.7:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.10.8:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.10.9:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.11.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:6.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:7.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:7.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:7.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:7.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:7.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:7.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:7.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:7.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:7.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:7.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:7.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:7.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:7.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:7.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:8.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:8.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:8.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:8.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:nessus:8.2.3:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 20-01-2021 - 15:15)
Impact:
Exploitability:
CWE CWE-203
CAPEC
Access
  Vector NETWORK
  Complexity MEDIUM
  Authentication NONE
Impact
  Confidentiality PARTIAL
  Integrity NONE
  Availability NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:N/A:N
redhat via4
advisories
  • bugzilla
    id 1683804
    title CVE-2019-1559 openssl: 0-byte record padding oracle
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment openssl is earlier than 1:1.0.2k-19.el7
            oval oval:com.redhat.rhsa:tst:20192304001
          • comment openssl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20171929002
        • AND
          • comment openssl-devel is earlier than 1:1.0.2k-19.el7
            oval oval:com.redhat.rhsa:tst:20192304003
          • comment openssl-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20171929004
        • AND
          • comment openssl-libs is earlier than 1:1.0.2k-19.el7
            oval oval:com.redhat.rhsa:tst:20192304005
          • comment openssl-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20171929006
        • AND
          • comment openssl-perl is earlier than 1:1.0.2k-19.el7
            oval oval:com.redhat.rhsa:tst:20192304007
          • comment openssl-perl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20171929008
        • AND
          • comment openssl-static is earlier than 1:1.0.2k-19.el7
            oval oval:com.redhat.rhsa:tst:20192304009
          • comment openssl-static is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20171929010
    rhsa
    id RHSA-2019:2304
    released 2019-08-06
    severity Moderate
    title RHSA-2019:2304: openssl security and bug fix update (Moderate)
  • bugzilla
    id 1683804
    title CVE-2019-1559 openssl: 0-byte record padding oracle
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • comment openssl is earlier than 0:1.0.1e-58.el6_10
            oval oval:com.redhat.rhsa:tst:20192471001
          • comment openssl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20171929002
        • AND
          • comment openssl-devel is earlier than 0:1.0.1e-58.el6_10
            oval oval:com.redhat.rhsa:tst:20192471003
          • comment openssl-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20171929004
        • AND
          • comment openssl-perl is earlier than 0:1.0.1e-58.el6_10
            oval oval:com.redhat.rhsa:tst:20192471005
          • comment openssl-perl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20171929008
        • AND
          • comment openssl-static is earlier than 0:1.0.1e-58.el6_10
            oval oval:com.redhat.rhsa:tst:20192471007
          • comment openssl-static is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20171929010
    rhsa
    id RHSA-2019:2471
    released 2019-08-13
    severity Moderate
    title RHSA-2019:2471: openssl security update (Moderate)
  • rhsa
    id RHSA-2019:2437
  • rhsa
    id RHSA-2019:2439
  • rhsa
    id RHSA-2019:3929
  • rhsa
    id RHSA-2019:3931
rpms
  • openssl-1:1.0.2k-19.el7
  • openssl-debuginfo-1:1.0.2k-19.el7
  • openssl-devel-1:1.0.2k-19.el7
  • openssl-libs-1:1.0.2k-19.el7
  • openssl-perl-1:1.0.2k-19.el7
  • openssl-static-1:1.0.2k-19.el7
  • imgbased-0:1.1.9-0.1.el7ev
  • ovirt-node-ng-nodectl-0:4.3.5-0.20190717.0.el7ev
  • python-imgbased-0:1.1.9-0.1.el7ev
  • python2-ovirt-node-ng-nodectl-0:4.3.5-0.20190717.0.el7ev
  • redhat-release-virtualization-host-0:4.3.5-2.el7ev
  • redhat-virtualization-host-image-update-0:4.3.5-20190722.0.el7_7
  • redhat-virtualization-host-image-update-placeholder-0:4.3.5-2.el7ev
  • rhvm-appliance-2:4.3-20190722.0.el7
  • openssl-0:1.0.1e-58.el6_10
  • openssl-debuginfo-0:1.0.1e-58.el6_10
  • openssl-devel-0:1.0.1e-58.el6_10
  • openssl-perl-0:1.0.1e-58.el6_10
  • openssl-static-0:1.0.1e-58.el6_10
  • jws5-ecj-0:4.12.0-1.redhat_1.1.el6jws
  • jws5-ecj-0:4.12.0-1.redhat_1.1.el7jws
  • jws5-ecj-0:4.12.0-1.redhat_1.1.el8jws
  • jws5-javapackages-tools-0:3.4.1-5.15.11.el6jws
  • jws5-javapackages-tools-0:3.4.1-5.15.11.el7jws
  • jws5-javapackages-tools-0:3.4.1-5.15.11.el8jws
  • jws5-jboss-logging-0:3.3.2-1.Final_redhat_00001.1.el6jws
  • jws5-jboss-logging-0:3.3.2-1.Final_redhat_00001.1.el7jws
  • jws5-jboss-logging-0:3.3.2-1.Final_redhat_00001.1.el8jws
  • jws5-mod_cluster-0:1.4.1-1.Final_redhat_00001.2.el6jws
  • jws5-mod_cluster-0:1.4.1-1.Final_redhat_00001.2.el7jws
  • jws5-mod_cluster-0:1.4.1-1.Final_redhat_00001.2.el8jws
  • jws5-mod_cluster-tomcat-0:1.4.1-1.Final_redhat_00001.2.el6jws
  • jws5-mod_cluster-tomcat-0:1.4.1-1.Final_redhat_00001.2.el7jws
  • jws5-mod_cluster-tomcat-0:1.4.1-1.Final_redhat_00001.2.el8jws
  • jws5-python-javapackages-0:3.4.1-5.15.11.el6jws
  • jws5-python-javapackages-0:3.4.1-5.15.11.el7jws
  • jws5-python-javapackages-0:3.4.1-5.15.11.el8jws
  • jws5-tomcat-0:9.0.21-10.redhat_4.1.el6jws
  • jws5-tomcat-0:9.0.21-10.redhat_4.1.el7jws
  • jws5-tomcat-0:9.0.21-10.redhat_4.1.el8jws
  • jws5-tomcat-admin-webapps-0:9.0.21-10.redhat_4.1.el6jws
  • jws5-tomcat-admin-webapps-0:9.0.21-10.redhat_4.1.el7jws
  • jws5-tomcat-admin-webapps-0:9.0.21-10.redhat_4.1.el8jws
  • jws5-tomcat-docs-webapp-0:9.0.21-10.redhat_4.1.el6jws
  • jws5-tomcat-docs-webapp-0:9.0.21-10.redhat_4.1.el7jws
  • jws5-tomcat-docs-webapp-0:9.0.21-10.redhat_4.1.el8jws
  • jws5-tomcat-el-3.0-api-0:9.0.21-10.redhat_4.1.el6jws
  • jws5-tomcat-el-3.0-api-0:9.0.21-10.redhat_4.1.el7jws
  • jws5-tomcat-el-3.0-api-0:9.0.21-10.redhat_4.1.el8jws
  • jws5-tomcat-javadoc-0:9.0.21-10.redhat_4.1.el6jws
  • jws5-tomcat-javadoc-0:9.0.21-10.redhat_4.1.el7jws
  • jws5-tomcat-javadoc-0:9.0.21-10.redhat_4.1.el8jws
  • jws5-tomcat-jsp-2.3-api-0:9.0.21-10.redhat_4.1.el6jws
  • jws5-tomcat-jsp-2.3-api-0:9.0.21-10.redhat_4.1.el7jws
  • jws5-tomcat-jsp-2.3-api-0:9.0.21-10.redhat_4.1.el8jws
  • jws5-tomcat-lib-0:9.0.21-10.redhat_4.1.el6jws
  • jws5-tomcat-lib-0:9.0.21-10.redhat_4.1.el7jws
  • jws5-tomcat-lib-0:9.0.21-10.redhat_4.1.el8jws
  • jws5-tomcat-native-0:1.2.21-34.redhat_34.el6jws
  • jws5-tomcat-native-0:1.2.21-34.redhat_34.el7jws
  • jws5-tomcat-native-0:1.2.21-34.redhat_34.el8jws
  • jws5-tomcat-native-debuginfo-0:1.2.21-34.redhat_34.el6jws
  • jws5-tomcat-native-debuginfo-0:1.2.21-34.redhat_34.el7jws
  • jws5-tomcat-native-debuginfo-0:1.2.21-34.redhat_34.el8jws
  • jws5-tomcat-selinux-0:9.0.21-10.redhat_4.1.el6jws
  • jws5-tomcat-selinux-0:9.0.21-10.redhat_4.1.el7jws
  • jws5-tomcat-selinux-0:9.0.21-10.redhat_4.1.el8jws
  • jws5-tomcat-servlet-4.0-api-0:9.0.21-10.redhat_4.1.el6jws
  • jws5-tomcat-servlet-4.0-api-0:9.0.21-10.redhat_4.1.el7jws
  • jws5-tomcat-servlet-4.0-api-0:9.0.21-10.redhat_4.1.el8jws
  • jws5-tomcat-vault-0:1.1.8-1.Final_redhat_1.1.el6jws
  • jws5-tomcat-vault-0:1.1.8-1.Final_redhat_1.1.el7jws
  • jws5-tomcat-vault-0:1.1.8-1.Final_redhat_1.1.el8jws
  • jws5-tomcat-vault-javadoc-0:1.1.8-1.Final_redhat_1.1.el6jws
  • jws5-tomcat-vault-javadoc-0:1.1.8-1.Final_redhat_1.1.el7jws
  • jws5-tomcat-vault-javadoc-0:1.1.8-1.Final_redhat_1.1.el8jws
  • jws5-tomcat-webapps-0:9.0.21-10.redhat_4.1.el6jws
  • jws5-tomcat-webapps-0:9.0.21-10.redhat_4.1.el7jws
  • jws5-tomcat-webapps-0:9.0.21-10.redhat_4.1.el8jws
refmap via4
bid 107174
confirm
debian DSA-4400
fedora
  • FEDORA-2019-00c25b9379
  • FEDORA-2019-9a0a7c0986
  • FEDORA-2019-db06efdea1
gentoo GLSA-201903-10
misc
mlist [debian-lts-announce] 20190301 [SECURITY] [DLA 1701-1] openssl security update
suse
  • openSUSE-SU-2019:1076
  • openSUSE-SU-2019:1105
  • openSUSE-SU-2019:1173
  • openSUSE-SU-2019:1175
  • openSUSE-SU-2019:1432
  • openSUSE-SU-2019:1637
ubuntu
  • USN-3899-1
  • USN-4376-2
Last major update 20-01-2021 - 15:15
Published 27-02-2019 - 23:29
Last modified 20-01-2021 - 15:15