Vulnerability Bulletins

Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022

System information
   
Affected software Cisco

Description
On November 1, 2022, the OpenSSL Project announced the following vulnerabilities: CVE-2022-3602 - X.509 Email Address 4-byte Buffer Overflow CVE-2022-3786 - X.509 Email Address Variable Length Buffer Overflow For a description of these vulnerabilities, see OpenSSL Security Advisory [Nov 1 2022]. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a Security Impact Rating: High CVE:

More info:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Vulnerabilities%20in%20OpenSSL%20Affecting%20Cisco%20Products:%20November%202022&vs_k=1

Standar resources
Property Value
CVE CVE-2022-3602 and CVE-2022-3786.

Version history
Version Comments Date
1.0 Advisory issued 2022-12-23
Ministerio de Defensa
CNI
CCN
CCN-CERT