Cisco Security Advisory - Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022

Started by Netwörkheäd, November 01, 2022, 06:21:49 PM

Previous topic - Next topic

Netwörkheäd

Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022

On November 1, 2022, the OpenSSL Project announced the following vulnerabilities:



       
  • CVE-2022-3602 - X.509 Email Address 4-byte Buffer Overflow

  •    
  • CVE-2022-3786 - X.509 Email Address Variable Length Buffer Overflow


For a description of these vulnerabilities, see OpenSSL Security Advisory [Nov 1 2022].


This advisory will be updated as additional information becomes available.


This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a



     
         
Security Impact Rating:  High
   
   
       
CVE: CVE-2022-3602,CVE-2022-3786
Source: Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022
Let's not argue. Let's network!