Cisco Security Advisory - Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022

Started by Netwörkheäd, November 07, 2022, 06:04:40 AM

Previous topic - Next topic

Netwörkheäd

Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022

On November 1, 2022, the OpenSSL Project announced the following vulnerabilities:



  • CVE-2022-3602 - X.509 Email Address 4-byte Buffer Overflow

  • CVE-2022-3786 - X.509 Email Address Variable Length Buffer Overflow


For a description of these vulnerabilities, see OpenSSL Security Advisory [Nov 1 2022].


This advisory will be updated as additional information becomes available.


This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a



     
         
Security Impact Rating:  High
   
   
       
CVE: CVE-2022-3602,CVE-2022-3786
Source: Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022
Let's not argue. Let's network!