Cisco Security Advisory - Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021

[Netwörkheäd]

Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021

On March 25, 2021, the OpenSSL Project released a security advisory, OpenSSL Security Advisory [25 March 2021], that disclosed two vulnerabilities.

Exploitation of these vulnerabilities could allow an attacker to use a valid non-certificate authority (CA) certificate to act as a CA and sign a certificate for an arbitrary organization, user or device, or to cause a denial of service (DoS) condition.

This advisory will be updated as additional information becomes available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd

     
         
Security Impact Rating:  High
   
   
       
CVE: CVE-2021-3449,CVE-2021-3450
Source: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021