Vulnerability Change Records for CVE-2021-3449

Change History

CVE Modified by OpenSSL Software Foundation 3/26/2021 6:15:13 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 7/15/2021 7:15:11 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 7/20/2021 7:15:38 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.oracle.com//security-alerts/cpujul2021.html [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 5/11/2021 6:15:09 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.tenable.com/security/tns-2021-09 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 3/27/2021 8:15:12 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.openwall.com/lists/oss-security/2021/03/27/2 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 6/14/2021 2:15:36 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.oracle.com/security-alerts/cpuApr2021.html [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 7/13/2021 9:15:09 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 5/13/2021 2:15:11 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.netapp.com/advisory/ntap-20210513-0002/ [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 4/15/2021 5:15:13 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://kc.mcafee.com/corporate/index?page=content&id=SB10356 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 3/27/2021 5:15:11 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.openwall.com/lists/oss-security/2021/03/27/1 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 4/01/2021 3:15:14 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.tenable.com/security/tns-2021-06 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 3/31/2021 10:15:20 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.gentoo.org/glsa/202103-03 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 4/01/2021 10:15:12 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/ [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 3/28/2021 5:15:12 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.openwall.com/lists/oss-security/2021/03/28/3 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 4/01/2021 6:15:12 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.tenable.com/security/tns-2021-05 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 3/26/2021 7:15:14 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.netapp.com/advisory/ntap-20210326-0006/ [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 3/25/2021 6:15:13 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.debian.org/security/2021/dsa-4875 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 3/25/2021 3:15:14 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd [No Types Assigned]

Modified Analysis 4/20/2021 10:3:20 AM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:checkpoint:multi-domain_management_firmware:r80.40:*:*:*:*:*:*:*
          *cpe:2.3:o:checkpoint:multi-domain_management_firmware:r81:*:*:*:*:*:*:*
     OR
          cpe:2.3:h:checkpoint:multi-domain_management:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r80.40:*:*:*:*:*:*:*
          *cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r81:*:*:*:*:*:*:*
     OR
          cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:checkpoint:quantum_security_management_firmware:r80.40:*:*:*:*:*:*:*
          *cpe:2.3:o:checkpoint:quantum_security_management_firmware:r81:*:*:*:*:*:*:*
     OR
          cpe:2.3:h:checkpoint:quantum_security_management:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:mcafee:web_gateway:8.2.19:*:*:*:*:*:*:*
     *cpe:2.3:a:mcafee:web_gateway:9.2.10:*:*:*:*:*:*:*
     *cpe:2.3:a:mcafee:web_gateway:10.1.1:*:*:*:*:*:*:*
     *cpe:2.3:a:mcafee:web_gateway_cloud_service:8.2.19:*:*:*:*:*:*:*
     *cpe:2.3:a:mcafee:web_gateway_cloud_service:9.2.10:*:*:*:*:*:*:*
     *cpe:2.3:a:mcafee:web_gateway_cloud_service:10.1.1:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:netapp:cloud_volumes_ontap_mediator:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:* versions up to (including) 8.13.1
     *cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:* versions from (including) 5.13.0 up to (including) 5.17.0
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
Removed CPE Configuration
AND
     OR
          *cpe:2.3:o:netapp:santricity_smi-s_provider_firmware:-:*:*:*:*:*:*:*
     OR
          cpe:2.3:h:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*

								
						
Removed CPE Configuration
AND
     OR
          *cpe:2.3:o:netapp:storagegrid_firmware:-:*:*:*:*:*:*:*
     OR
          cpe:2.3:h:netapp:storagegrid:-:*:*:*:*:*:*:*

								
						
Removed CPE Configuration
OR
     *cpe:2.3:o:windriver:linux:-:*:*:*:cd:*:*:*
     *cpe:2.3:o:windriver:linux:17.0:*:*:*:lts:*:*:*
     *cpe:2.3:o:windriver:linux:18.0:*:*:*:lts:*:*:*
     *cpe:2.3:o:windriver:linux:19.0:*:*:*:lts:*:*:*

								
						
Changed Reference Type
https://kc.mcafee.com/corporate/index?page=content&id=SB10356 No Types Assigned
https://kc.mcafee.com/corporate/index?page=content&id=SB10356 Third Party Advisory
Changed Reference Type
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/ No Types Assigned
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/ Mailing List, Third Party Advisory
Changed Reference Type
https://www.tenable.com/security/tns-2021-05 No Types Assigned
https://www.tenable.com/security/tns-2021-05 Third Party Advisory
Changed Reference Type
https://www.tenable.com/security/tns-2021-06 No Types Assigned
https://www.tenable.com/security/tns-2021-06 Third Party Advisory

CVE Modified by OpenSSL Software Foundation 6/02/2021 3:15:08 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.tenable.com/security/tns-2021-10 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 8/31/2021 12:15:08 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 3/28/2021 8:15:12 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.openwall.com/lists/oss-security/2021/03/28/4 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 7/13/2021 11:15:06 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845 [No Types Assigned]

Initial Analysis 3/31/2021 1:4:49 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netapp:santricity_smi-s_provider_firmware:-:*:*:*:*:*:*:*
     OR
          cpe:2.3:h:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netapp:storagegrid_firmware:-:*:*:*:*:*:*:*
     OR
          cpe:2.3:h:netapp:storagegrid:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions from (including) 1.1.1 up to (excluding) 1.1.1k
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:freebsd:freebsd:12.2:-:*:*:*:*:*:*
     *cpe:2.3:o:freebsd:freebsd:12.2:p1:*:*:*:*:*:*
     *cpe:2.3:o:freebsd:freebsd:12.2:p2:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:windriver:linux:-:*:*:*:cd:*:*:*
     *cpe:2.3:o:windriver:linux:17.0:*:*:*:lts:*:*:*
     *cpe:2.3:o:windriver:linux:18.0:*:*:*:lts:*:*:*
     *cpe:2.3:o:windriver:linux:19.0:*:*:*:lts:*:*:*
Added CVSS V2

								
							
							
						
NIST (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Added CWE

								
							
							
						
NIST CWE-476
Changed Reference Type
http://www.openwall.com/lists/oss-security/2021/03/27/1 No Types Assigned
http://www.openwall.com/lists/oss-security/2021/03/27/1 Mailing List, Third Party Advisory
Changed Reference Type
http://www.openwall.com/lists/oss-security/2021/03/27/2 No Types Assigned
http://www.openwall.com/lists/oss-security/2021/03/27/2 Mailing List, Third Party Advisory
Changed Reference Type
http://www.openwall.com/lists/oss-security/2021/03/28/3 No Types Assigned
http://www.openwall.com/lists/oss-security/2021/03/28/3 Mailing List, Third Party Advisory
Changed Reference Type
http://www.openwall.com/lists/oss-security/2021/03/28/4 No Types Assigned
http://www.openwall.com/lists/oss-security/2021/03/28/4 Mailing List, Third Party Advisory
Changed Reference Type
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148 No Types Assigned
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148 Mailing List, Patch, Vendor Advisory
Changed Reference Type
https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc No Types Assigned
https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc Third Party Advisory
Changed Reference Type
https://security.gentoo.org/glsa/202103-03 No Types Assigned
https://security.gentoo.org/glsa/202103-03 Third Party Advisory
Changed Reference Type
https://security.netapp.com/advisory/ntap-20210326-0006/ No Types Assigned
https://security.netapp.com/advisory/ntap-20210326-0006/ Third Party Advisory
Changed Reference Type
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd No Types Assigned
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd Third Party Advisory
Changed Reference Type
https://www.debian.org/security/2021/dsa-4875 No Types Assigned
https://www.debian.org/security/2021/dsa-4875 Third Party Advisory
Changed Reference Type
https://www.openssl.org/news/secadv/20210325.txt No Types Assigned
https://www.openssl.org/news/secadv/20210325.txt Vendor Advisory