National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2016-0800 Detail

Description

The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack.

Source:  MITRE      Last Modified:  03/01/2016

Quick Info

CVE Dictionary Entry:
CVE-2016-0800
Original release date:
03/01/2016
Last revised:
01/18/2018
Source:
US-CERT/NIST

Impact

CVSS Severity (version 3.0):
CVSS v3 Base Score:
5.9 Medium
Vector:
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N (legend)
Impact Score:
3.6
Exploitability Score:
2.2
CVSS Version 3 Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
High
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
None
Availability (A):
None
CVSS Severity (version 2.0):
CVSS v2 Base Score:
4.3 MEDIUM
Vector:
(AV:N/AC:M/Au:N/C:P/I:N/A:N) (legend)
Impact Subscore:
2.9
Exploitability Subscore:
8.6
CVSS Version 2 Metrics:
Access Vector:
Network exploitable
Access Complexity:
Medium
Authentication:
Not required to exploit
Impact Type:
Allows unauthorized disclosure of information

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource Type Source Name
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10722 External Source CONFIRM http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10722
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 External Source CONFIRM http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html External Source SUSE SUSE-SU-2016:0617
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html External Source SUSE SUSE-SU-2016:0620
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html External Source SUSE SUSE-SU-2016:0621
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html External Source SUSE SUSE-SU-2016:0624
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00005.html External Source SUSE openSUSE-SU-2016:0627
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html External Source SUSE openSUSE-SU-2016:0628
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html External Source SUSE SUSE-SU-2016:0631
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html External Source SUSE openSUSE-SU-2016:0637
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html External Source SUSE openSUSE-SU-2016:0638
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html External Source SUSE openSUSE-SU-2016:0640
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00012.html External Source SUSE SUSE-SU-2016:0641
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html External Source SUSE SUSE-SU-2016:0678
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00025.html External Source SUSE openSUSE-SU-2016:0720
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html External Source SUSE SUSE-SU-2016:1057
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html External Source SUSE openSUSE-SU-2016:1239
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html External Source SUSE openSUSE-SU-2016:1241
http://marc.info/?l=bugtraq&m=145983526810210&w=2 External Source HP HPSBGN03569
http://marc.info/?l=bugtraq&m=146108058503441&w=2 External Source HP HPSBMU03575
http://marc.info/?l=bugtraq&m=146133665209436&w=2 External Source HP HPSBMU03573
http://rhn.redhat.com/errata/RHSA-2016-1519.html External Source REDHAT RHSA-2016:1519
http://support.citrix.com/article/CTX208403 External Source CONFIRM http://support.citrix.com/article/CTX208403
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl External Source CISCO 20160302 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160330-01-openssl-en External Source CONFIRM http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160330-01-openssl-en
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html External Source CONFIRM http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html External Source CONFIRM http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html External Source CONFIRM http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html External Source CONFIRM http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html External Source CONFIRM http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html External Source CONFIRM http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html External Source CONFIRM http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
http://www.securityfocus.com/bid/83733 External Source BID 83733
http://www.securityfocus.com/bid/91787 External Source BID 91787
http://www.securitytracker.com/id/1035133 External Source SECTRACK 1035133
http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-623229.pdf External Source CONFIRM http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-623229.pdf
https://access.redhat.com/security/vulnerabilities/drown External Source CONFIRM https://access.redhat.com/security/vulnerabilities/drown
https://drownattack.com External Source MISC https://drownattack.com
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us External Source CONFIRM https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03741en_us External Source CONFIRM https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03741en_us
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681 External Source CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516 External Source CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05086877 External Source CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05086877
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05096953 External Source CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05096953
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05141441 External Source CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05141441
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05143554 External Source CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05143554
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150800 External Source CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150800
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667 External Source CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176765 External Source CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176765
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05307589 External Source CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05307589
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804 External Source CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804
https://ics-cert.us-cert.gov/advisories/ICSA-16-103-03 External Source MISC https://ics-cert.us-cert.gov/advisories/ICSA-16-103-03
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168 External Source CONFIRM https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168
https://kc.mcafee.com/corporate/index?page=content&id=SB10154 External Source CONFIRM https://kc.mcafee.com/corporate/index?page=content&id=SB10154
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:12.openssl.asc External Source FREEBSD FreeBSD-SA-16:12
https://security.gentoo.org/glsa/201603-15 External Source GENTOO GLSA-201603-15
https://security.netapp.com/advisory/ntap-20160301-0001/ External Source CONFIRM https://security.netapp.com/advisory/ntap-20160301-0001/
https://www.kb.cert.org/vuls/id/583776 External Source CERT-VN VU#583776
https://www.openssl.org/news/secadv/20160301.txt External Source CONFIRM https://www.openssl.org/news/secadv/20160301.txt

Technical Details

Vulnerability Type (View All)

  • Information Leak / Disclosure (CWE-200)
  • Cryptographic Issues (CWE-310)

Vulnerable software and versions Switch to CPE 2.2

Configuration 1
OR
cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*
Configuration 2
OR
cpe:2.3:a:pulsesecure:client:-:*:*:*:*:iphone_os:*:*
cpe:2.3:a:pulsesecure:steel_belted_radius:-:*:*:*:*:*:*:*

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History 29 change records found - show changes