CVE-2017-3735

While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.

CVSS v3.0 5.3 MEDIUM
CVSS v2.0 5.0 MEDIUM

5.3^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://www.openssl.org/news/secadv/20170828.txt	Patch Vendor Advisory
http://www.securityfocus.com/bid/100515	Third Party Advisory VDB Entry
https://www.openssl.org/news/secadv/20171102.txt	Issue Tracking Vendor Advisory
https://www.debian.org/security/2017/dsa-4018	Third Party Advisory
https://www.debian.org/security/2017/dsa-4017	Third Party Advisory
https://security.netapp.com/advisory/ntap-20171107-0002/	Issue Tracking Third Party Advisory
https://security.netapp.com/advisory/ntap-20170927-0001/	Issue Tracking Third Party Advisory
http://www.securitytracker.com/id/1039726	Third Party Advisory VDB Entry
https://www.tenable.com/security/tns-2017-14	Issue Tracking Third Party Advisory
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:11.openssl.asc
https://www.tenable.com/security/tns-2017-15
https://security.gentoo.org/glsa/201712-03
https://support.apple.com/HT208331
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
https://lists.debian.org/debian-lts-announce/2017/11/msg00011.html
https://github.com/openssl/openssl/commit/068b963bb7afc57f5bdd723de0dd15e7795d5822
https://usn.ubuntu.com/3611-2/
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://access.redhat.com/errata/RHSA-2018:3221
https://access.redhat.com/errata/RHSA-2018:3505
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://www.oracle.com//security-alerts/cpujul2021.html
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:openssl:openssl:1.1.0e:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8ze:::::::*
	cpe:2.3:a:openssl:openssl:1.0.2a:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8b:::::::*
	cpe:2.3:a:openssl:openssl:1.0.1j:::::::*
	cpe:2.3:a:openssl:openssl:0.9.7l:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8m:::::::*
	cpe:2.3:a:openssl:openssl:1.1.0f:::::::*
	cpe:2.3:a:openssl:openssl:1.0.0n:::::::*
	cpe:2.3:a:openssl:openssl:1.0.1:beta2::::::
	cpe:2.3:a:openssl:openssl:0.9.8c:::::::*
	cpe:2.3:a:openssl:openssl:1.0.0c:::::::*
	cpe:2.3:a:openssl:openssl:1.0.0i:::::::*
	cpe:2.3:a:openssl:openssl:1.0.0:beta1::::::
	cpe:2.3:a:openssl:openssl:1.0.1h:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8n:::::::*
	cpe:2.3:a:openssl:openssl:1.0.0:beta2::::::
	cpe:2.3:a:openssl:openssl:0.9.8p:::::::*
	cpe:2.3:a:openssl:openssl:1.0.2e:::::::*
	cpe:2.3:a:openssl:openssl:1.0.2j:::::::*
	cpe:2.3:a:openssl:openssl:1.0.0m:::::::*
	cpe:2.3:a:openssl:openssl:1.0.2b:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8e:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8u:::::::*
	cpe:2.3:a:openssl:openssl:1.0.1c:::::::*
	cpe:2.3:a:openssl:openssl:0.9.7j:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8za:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8g:::::::*
	cpe:2.3:a:openssl:openssl:1.0.0d:::::::*
	cpe:2.3:a:openssl:openssl:1.0.0k:::::::*
	cpe:2.3:a:openssl:openssl:1.0.0s:::::::*
	cpe:2.3:a:openssl:openssl:0.9.7k:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8m:beta1::::::
	cpe:2.3:a:openssl:openssl:0.9.8zc:::::::*
	cpe:2.3:a:openssl:openssl:1.0.0j:::::::*
	cpe:2.3:a:openssl:openssl:1.0.1d:::::::*
	cpe:2.3:a:openssl:openssl:1.0.2c:::::::*
	cpe:2.3:a:openssl:openssl:1.1.0d:::::::*
	cpe:2.3:a:openssl:openssl:1.0.2h:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8a:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8j:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8r:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8z:::::::*
	cpe:2.3:a:openssl:openssl:1.0.0e:::::::*
	cpe:2.3:a:openssl:openssl:1.0.0f:::::::*
	cpe:2.3:a:openssl:openssl:1.0.1:beta1::::::
	cpe:2.3:a:openssl:openssl:1.0.1:beta3::::::
	cpe:2.3:a:openssl:openssl:1.0.1g:::::::*
	cpe:2.3:a:openssl:openssl:1.0.2:beta3::::::
	cpe:2.3:a:openssl:openssl:1.1.0:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8d:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8k:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8l:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8s:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8t:::::::*
	cpe:2.3:a:openssl:openssl:1.0.0:beta3::::::
	cpe:2.3:a:openssl:openssl:1.0.0:beta4::::::
	cpe:2.3:a:openssl:openssl:1.0.0h:::::::*
	cpe:2.3:a:openssl:openssl:1.0.0o:::::::*
	cpe:2.3:a:openssl:openssl:1.0.0p:::::::*
	cpe:2.3:a:openssl:openssl:1.0.1a:::::::*
	cpe:2.3:a:openssl:openssl:1.1.0b:::::::*
	cpe:2.3:a:openssl:openssl:1.1.0c:::::::*
	cpe:2.3:a:openssl:openssl:0.9.7m:::::::*
cpe:2.3:a:openssl:openssl:1.0.1k:::::::*
cpe:2.3:a:openssl:openssl:1.0.2:beta1::::::
cpe:2.3:a:openssl:openssl:1.0.2i:::::::*
cpe:2.3:a:openssl:openssl:0.9.8:::::::*
cpe:2.3:a:openssl:openssl:0.9.8h:::::::*
cpe:2.3:a:openssl:openssl:0.9.8o:::::::*
cpe:2.3:a:openssl:openssl:0.9.8w:::::::*
cpe:2.3:a:openssl:openssl:0.9.8x:::::::*
cpe:2.3:a:openssl:openssl:0.9.8zg:::::::*
cpe:2.3:a:openssl:openssl:1.0.0:::::::*
cpe:2.3:a:openssl:openssl:1.0.0l:::::::*
cpe:2.3:a:openssl:openssl:1.0.1:::::::*
cpe:2.3:a:openssl:openssl:1.0.1e:::::::*
cpe:2.3:a:openssl:openssl:1.0.1f:::::::*
cpe:2.3:a:openssl:openssl:0.9.8f:::::::*
cpe:2.3:a:openssl:openssl:0.9.8v:::::::*
cpe:2.3:a:openssl:openssl:1.0.0a:::::::*
cpe:2.3:a:openssl:openssl:1.0.0b:::::::*
cpe:2.3:a:openssl:openssl:1.0.0q:::::::*
cpe:2.3:a:openssl:openssl:1.0.0r:::::::*
cpe:2.3:a:openssl:openssl:1.0.1l:::::::*
cpe:2.3:a:openssl:openssl:1.0.2d:::::::*
cpe:2.3:a:openssl:openssl:1.0.2:::::::*
cpe:2.3:a:openssl:openssl:1.0.2f:::::::*
cpe:2.3:a:openssl:openssl:1.0.2k:::::::*
cpe:2.3:a:openssl:openssl:0.9.8i:::::::*
cpe:2.3:a:openssl:openssl:0.9.8q:::::::*
cpe:2.3:a:openssl:openssl:0.9.8y:::::::*
cpe:2.3:a:openssl:openssl:1.0.2:beta2::::::
cpe:2.3:a:openssl:openssl:1.1.0a:::::::*
cpe:2.3:a:openssl:openssl:1.0.2l:::::::*
cpe:2.3:a:openssl:openssl:0.9.8zb:::::::*
cpe:2.3:a:openssl:openssl:1.0.0:beta5::::::
cpe:2.3:a:openssl:openssl:1.0.0g:::::::*
cpe:2.3:a:openssl:openssl:1.0.1b:::::::*
cpe:2.3:a:openssl:openssl:1.0.1i:::::::*

Configuration 2 (hide)

OR	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*

Information

Published : 2017-08-28 12:29

Updated : 2022-12-13 04:15

NVD link : CVE-2017-3735

Mitre link : CVE-2017-3735

JSON object : View

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Products Affected

debian

debian_linux

openssl

openssl

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.openssl.org/news/secadv/20170828.txt", "name": "https://www.openssl.org/news/secadv/20170828.txt", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/100515", "name": "100515", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "https://www.openssl.org/news/secadv/20171102.txt", "name": "https://www.openssl.org/news/secadv/20171102.txt", "tags": ["Issue Tracking", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "https://www.debian.org/security/2017/dsa-4018", "name": "DSA-4018", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "https://www.debian.org/security/2017/dsa-4017", "name": "DSA-4017", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "https://security.netapp.com/advisory/ntap-20171107-0002/", "name": "https://security.netapp.com/advisory/ntap-20171107-0002/", "tags": ["Issue Tracking", "Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "https://security.netapp.com/advisory/ntap-20170927-0001/", "name": "https://security.netapp.com/advisory/ntap-20170927-0001/", "tags": ["Issue Tracking", "Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securitytracker.com/id/1039726", "name": "1039726", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "SECTRACK"}, {"url": "https://www.tenable.com/security/tns-2017-14", "name": "https://www.tenable.com/security/tns-2017-14", "tags": ["Issue Tracking", "Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:11.openssl.asc", "name": "FreeBSD-SA-17:11", "tags": [], "refsource": "FREEBSD"}, {"url": "https://www.tenable.com/security/tns-2017-15", "name": "https://www.tenable.com/security/tns-2017-15", "tags": [], "refsource": "CONFIRM"}, {"url": "https://security.gentoo.org/glsa/201712-03", "name": "GLSA-201712-03", "tags": [], "refsource": "GENTOO"}, {"url": "https://support.apple.com/HT208331", "name": "https://support.apple.com/HT208331", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "tags": [], "refsource": "CONFIRM"}, {"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00011.html", "name": "[debian-lts-announce] 20171109 [SECURITY] [DLA-1157-1] openssl security update", "tags": [], "refsource": "MLIST"}, {"url": "https://github.com/openssl/openssl/commit/068b963bb7afc57f5bdd723de0dd15e7795d5822", "name": "https://github.com/openssl/openssl/commit/068b963bb7afc57f5bdd723de0dd15e7795d5822", "tags": [], "refsource": "MISC"}, {"url": "https://usn.ubuntu.com/3611-2/", "name": "USN-3611-2", "tags": [], "refsource": "UBUNTU"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "tags": [], "refsource": "CONFIRM"}, {"url": "https://access.redhat.com/errata/RHSA-2018:3221", "name": "RHSA-2018:3221", "tags": [], "refsource": "REDHAT"}, {"url": "https://access.redhat.com/errata/RHSA-2018:3505", "name": "RHSA-2018:3505", "tags": [], "refsource": "REDHAT"}, {"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "tags": [], "refsource": "CONFIRM"}, {"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "tags": [], "refsource": "MISC"}, {"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "tags": [], "refsource": "MISC"}, {"url": "https://www.oracle.com//security-alerts/cpujul2021.html", "name": "N/A", "tags": [], "refsource": "N/A"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", "tags": [], "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-119"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2017-3735", "ASSIGNER": "openssl-security@openssl.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}}, "publishedDate": "2017-08-28T19:29Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.0e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8ze:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.0f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8za:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0s:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8zc:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.0d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8z:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0o:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0p:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.0b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.0c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8zg:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0q:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0r:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.0a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2l:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8zb:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-12-13T12:15Z"}

5.3 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

JSON object

Attach tags to CVE-2017-3735

5.3^/10

5.0^/10

Attach tags to `CVE-2017-3735`