Boletines de Vulnerabilidades

Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022


Información sobre el sistema

   
Software afectado Cisco

Descripción

On November 1, 2022, the OpenSSL Project announced the following vulnerabilities: CVE-2022-3602 - X.509 Email Address 4-byte Buffer Overflow CVE-2022-3786 - X.509 Email Address Variable Length Buffer Overflow For a description of these vulnerabilities, see OpenSSL Security Advisory [Nov 1 2022]. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a Security Impact Rating: High CVE:

More info:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Vulnerabilities%20in%20OpenSSL%20Affecting%20Cisco%20Products:%20November%202022&vs_k=1

Identificadores estándar

Propiedad Valor
CVE CVE-2022-3602 and CVE-2022-3786.

Histórico de versiones

Versión Comentario Fecha
1.0 Advisory issued 2022-12-23

Miembros de

Ministerio de Defensa
CNI
CCN
CCN-CERT