CVE-2020-1971

Published: 08/12/2020 Updated: 20/10/2021
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

A denial of service security issue exists in OpenSSL prior to 1.1.1i. The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack.

Vulnerable Product

openssl openssl

debian debian linux 9.0

debian debian linux 10.0

fedoraproject fedora 32

fedoraproject fedora 33

oracle api gateway 11.1.2.4.0

oracle business intelligence 5.5.0.0.0

oracle business intelligence 12.2.1.3.0

oracle business intelligence 12.2.1.4.0

oracle communications session border controller cz8.2

oracle communications session border controller cz8.3

oracle communications session border controller cz8.4

oracle communications session router cz8.2

oracle communications session router cz8.3

oracle communications session router cz8.4

oracle communications subscriber-aware load balancer cz8.2

oracle communications subscriber-aware load balancer cz8.3

oracle communications subscriber-aware load balancer cz8.4

oracle communications unified session manager scz8.2.5

oracle enterprise communications broker pcz3.1

oracle enterprise communications broker pcz3.2

oracle enterprise communications broker pcz3.3

oracle enterprise manager base platform 13.3.0.0

oracle enterprise manager base platform 13.4.0.0

oracle enterprise manager ops center 12.4.0.0

oracle enterprise session border controller cz8.2

oracle enterprise session border controller cz8.3

oracle enterprise session border controller cz8.4

oracle essbase 21.2

oracle graalvm 19.3.4

oracle graalvm 20.3.0

oracle jd edwards enterpriseone tools

oracle jd edwards world security a9.4

oracle mysql

oracle mysql server

oracle peoplesoft enterprise peopletools 8.56

oracle peoplesoft enterprise peopletools 8.57

oracle peoplesoft enterprise peopletools 8.58

netapp active iq unified manager -

netapp clustered data ontap antivirus connector -

netapp data ontap -

netapp e-series santricity os controller

netapp hci management node -

netapp manageability software development kit -

netapp oncommand insight -

netapp oncommand workflow automation -

netapp plug-in for symantec netbackup -

netapp santricity smi-s provider -

netapp snapcenter -

netapp solidfire -

netapp hci compute node -

netapp hci storage node -

netapp ef600a_firmware -

netapp aff_a250_firmware -

tenable log correlation engine

tenable nessus network monitor

Vendor Advisories

Synopsis: Important: openssl security update. Type/Severity: Security Advisory: Important. Topic: An update for openssl is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring ...
Synopsis: Important: openssl security update. Type/Severity: Security Advisory: Important. Topic: An update for openssl is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scorin ...
Synopsis: Low: Red Hat JBoss Web Server 3.1 Service Pack 11 security update. Type/Severity: Security Advisory: Low. Topic: An update is now available for Red Hat JBoss Web Server 3.1, for RHEL 7 and Windows. Red Hat Product Security has rated this release as having a security impact of Low. A Common Vulnerability ...
Synopsis: Important: openssl security update. Type/Severity: Security Advisory: Important. Topic: An update for openssl is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring ...
Synopsis: Important: openssl security update. Type/Severity: Security Advisory: Important. Topic: An update for openssl is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring ...
Synopsis: Important: openssl security update. Type/Severity: Security Advisory: Important. Topic: An update for openssl is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring ...
Synopsis: Important: openssl security update. Type/Severity: Security Advisory: Important. Topic: An update for openssl is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili ...
Synopsis: Low: Red Hat JBoss Web Server 3.1 Service Pack 11 security update. Type/Severity: Security Advisory: Low. Topic: An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 7. Red Hat Product Security has rated this release as having a security impact of Low. A Common Vulnerability Scoring Syst ...
Synopsis: Important: openssl security update. Type/Severity: Security Advisory: Important. Topic: An update for openssl is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring ...
Synopsis: Low: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP6 security update. Type/Severity: Security Advisory: Low. Topic: Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise L ...
Synopsis: Low: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP6 security update. Type/Severity: Security Advisory: Low. Topic: Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 6 zip release for RHEL 7, RHEL 8 and Microsoft Windows is available. Red Hat Product Security has rated this up ...
David Benjamin discovered a flaw in the GENERAL_NAME_cmp() function which could cause a NULL dereference, resulting in denial of service. Additional details can be found in the upstream advisory: https://www.openssl.org/news/secadv/20201208.txt For the stable distribution (buster), this problem has been fixed in version 1.1.1d-0+deb10u4. We recomme ...
Synopsis: Important: openssl security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for openssl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) ...
Synopsis: Important: openssl security update. Type/Severity: Security Advisory: Important. Topic: An update for openssl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, ...
Synopsis: Important: openssl security update. Type/Severity: Security Advisory: Important. Topic: An update for openssl is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP S ...
Synopsis: Important: openssl security update. Type/Severity: Security Advisory: Important. Topic: An update for openssl is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring ...
Synopsis: Moderate: Red Hat JBoss Web Server 5.4.1 Security Update. Type/Severity: Security Advisory: Moderate. Topic: Updated Red Hat JBoss Web Server 5.4.1 packages are now available for Red Hat Enterprise Linux 7, and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this release as having a secur ...
Arch Linux Security Advisory ASA-202012-24. Severity: High. Date: 2020-12-16. CVE-ID: CVE-2020-1971. Package: openssl. Type: denial of service. Remote: Yes. Link: https://security.archlinux.org/AVG-1335 Summary: The package openssl before version 1.1.1i-1 is vulnerable to denial of ser ...
Synopsis: Moderate: Red Hat JBoss Web Server 5.4.1 Security Update. Type/Severity: Security Advisory: Moderate. Topic: Red Hat JBoss Web Server 5.4.1 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8 and Windows. Red Hat Product Security has rated this release as having a sec ...
Public disclosed vulnerability from OpenSSL in the Fabric OS used by IBM b-type SAN directors and switches ...
Synopsis: Important: Red Hat Ceph Storage 4.2 security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat Ceph Storage 4.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CV ...
Redhat provided OpenSSL is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE ...
If an App Connect flow calls a URL at an endpoint controlled by a malicious user that also controls a Certificate Revocation List, those calls may trigger an application crash resulting in a denial of service ...
The z/TPF version of OpenSSL was updated to address the vulnerability described by CVE-2020-1971 ...
Security Vulnerabilities affect IBM Cloud Pak for Data – OpenSSL ...
A denial of service security issue was discovered in OpenSSL before 1.1.1i. The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This ...
Synopsis: Moderate: OpenShift Virtualization 2.5.3 security and bug fix update. Type/Severity: Security Advisory: Moderate. Topic: Red Hat OpenShift Virtualization release 2.5.3 is now available with updates to packages and images that fix several bugs and security issues. Red Hat Product Security has rated this ...
OpenSSL vulnerabilities were disclosed on December 8, 2020 and February 16, 2021 by the OpenSSL Project. OpenSSL, used by the IBM Spectrum Protect Backup-Archive Client for network connections with NetApp services, has addressed the applicable CVEs ...
Synopsis: Important: OpenShift Container Platform 4.6.9 security and bug fix update. Type/Severity: Security Advisory: Important. Topic: Red Hat OpenShift Container Platform release 4.6.9 is now available with updates to packages and images that fix several bugs and add enhancements. This release also includes a ...
Synopsis: Moderate: OpenShift Container Platform 4.6.12 extras and security update. Type/Severity: Security Advisory: Moderate. Topic: Red Hat OpenShift Container Platform release 4.6.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has ra ...
App Connect Enterprise flows may be susceptible to denial of service attacks due to CVE-2020-1971 and CVE-2020-8265 in the Node.js runtime, and all components may be vulnerable to HTTP request smuggling due to CVE-2020-8287 ...
IBM Cloud Pak for Integration is vulnerable to Node.js vulnerabilities CVE-2020-1971, CVE-2020-8265, and CVE-2020-8287 with details of each below ...
Synopsis: Moderate: Red Hat Advanced Cluster Management 2.1.3 security and bug fix update. Type/Severity: Security Advisory: Moderate. Topic: Red Hat Advanced Cluster Management for Kubernetes 2.1.3 General Availability release images, which fix several bugs and security issues. Red Hat Product Security has rated ...
Tenable.sc leverages third-party software to help provide underlying functionality. Two separate third-party components (jQuery and OpenSSL) were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to upgrade the bundled libraries to address ...
Synopsis: Moderate: OpenShift Container Platform 4.6.12 bug fix and security update. Type/Severity: Security Advisory: Moderate. Topic: Red Hat OpenShift Container Platform release 4.6.12 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat ...
A vulnerability (CVE-2020-1971) exists in JP1/Base that affects JP1/Automatic Job Management System 3. Affected products and versions are listed below. Please upgrade your version to the appropriate version ...
Nessus Agent leverages third-party software to help provide underlying functionality. One third-party component (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to upgrade the bundled libraries to address the potential impact ...
Nessus leverages third-party software to help provide underlying functionality. One third-party component (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to upgrade the bundled libraries to address the potential impact of th ...
Synopsis: Moderate: Release of OpenShift Serverless 1.12.0. Type/Severity: Security Advisory: Moderate. Topic: Release of OpenShift Serverless 1.12.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detaile ...
Multiple vulnerabilities have been found in Hitachi Ops Center Analyzer viewpoint. CVE-2020-1971, CVE-2021-3393, CVE-2021-3449, CVE-2021-3450, CVE-2021-23840, CVE-2021-23841. Affected products and versions are listed below. Please upgrade your version to the appropriate version ...
Nessus Network Monitor leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to upgrade the bundled OpenSSL components to a ...
Tenable Log Correlation Engine leverages third-party software to help provide underlying functionality. Two separate third-party components (OpenSSL, jQuery) were found to contain vulnerabilities, and updated versions have been made available by the providers. Out of caution and in line with good practice, Tenable opted to upgrade the bundled Open ...
Synopsis: Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix update. Type/Severity: Security Advisory: Moderate. Topic: An update for compliance-content-container, ose-compliance-openscap-container, ose-compliance-operator-container, and ose-compliance-operator-metadata-container ...
Synopsis: Moderate: Red Hat Quay v3.3.3 bug fix and security update. Type/Severity: Security Advisory: Moderate. Topic: Red Hat Quay v3.3.3 is now available with bug fixes and security updates. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring S ...

Mailing Lists

On 9/6/21 11:35 AM, Solar Designer wrote: No worries - I figured it was that time of year, and this isn't something that has to be resolved immediately. Thanks. Okay - a more typical application form follows. That seems like something we could help with. I also note that there are many vulnerabilities we discover in the FOSS packages we ...

Github Repositories

CVE-2020-1971 Auto Scan & Exploit Script

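Tool library: a place to keep some commonly used tools or scripts

tools. Tool library: a place to keep some commonly used tools or scripts. OpenSSL vulnerability fix for CVE-2020-1971: download the upgrade.py script from the directory and run it. Because CentOS generally ships with Python 2 by default, the script is written for Python 2. Note: it must be run as root.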

Tips to upgrade/migrate OpenSSL libs.

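How to change the OpenSSL (libssl, libcrypto) version from below 1.1 (1.0.2 and earlier) to 1.1 or later, points to watch out for, and so on. Required knowledge. Version information for vulnerable OpenSSL: as of December 8, 2020, 1.1.1-1.1.1h and 1.0.2-1.0.2w are affected by CVE-2020-1971 and need to be migrated to 1.1.1i or later and 1.0.2x or later, respectively. OpenSSL's main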

Demonstrate how you can use image scanner called Trivy as a golang library

Description Trivy (tri pronounced like trigger, vy pronounced like envy) is a simple and comprehensive vulnerability scanner for containers and other artifacts A software vulnerability is a glitch, flaw, or weakness present in the software or in an Operating System Trivy detects vulnerabilities of OS packages (Alpine, RHEL, CentOS, etc) and application dependencies (Bundler,

Generates Newer OpenSSL 1.1.0i for Debian stretch-backports DEBs and UDEBs (suitable for debian-installer)

Generates OpenSSL 1.1.1i for Linux Debian Buster / buster-backports. December 08, 2020, Upstream release fix (CVE-2020-1971). After git clone and once inside the source directory: dpkg-buildpackage -F -us -uc -T binary-arch,binary-indep generates DEBs: libssl1.1_1.1.1i-1_amd64.deb libssl-dev_1.1.1i-1_amd64.deb openssl_1.1.1i-1_amd64.deb libssl1.1-dbgsym_1.1.1i-1_amd64.deb libssl-

Apply allowlist to grype vulnerability scans.

sanction: apply allowlist to grype scans. Usage: sanction v0.1.0 Basic allowlisting and formatting for grype scans USAGE: sanction [OPTIONS] FLAGS: -h, --help Prints help information -V, --version Prints version information OPTIONS: -l, --allowlist <allowlist> Path to allowlist [default: allow.txt] -o, --output <output>

Catlin Vulnerability Scanner This can be used to scan vulnerability in Tekton Tasks What is Trivy? Trivy (tri pronounced like trigger, vy pronounced like envy) is a simple and comprehensive vulnerability scanner for containers and other artifacts A software vulnerability is a glitch, flaw, or weakness present in the software or in an Operating System Trivy detects vulnerabi

TASSL-1.1.1k new version features: 1. Based on modifications to open-source openssl 1.1.1k. Compared with the previous tassl based on openssl 1.1.1b, the following vulnerabilities have been fixed: CVE-2019-1543 CVE-2019-1552 CVE-2019-1563 CVE-2019-1547 CVE-2019-1549 CVE-2020-1967 CVE-2020-1971 CVE-2021-23840 CVE-2021-23839 CVE-2021-23841 CVE-2021-3449 CVE-2021-3450 CVE-2021-3711 2. Supports RFC 8998 ShangMi (SM) Cipher Suites for TLS

PoC in GitHub 2021 CVE-2021-1056 (2021-01-07) NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure. pokerfaceSad/CVE-2021-1056 CVE-2021-

PoC in GitHub 2020 CVE-2020-0014 (2020-02-13) It is possible for a malicious application to construct a TYPE_TOAST window manually and make that window clickable. This could lead to a local escalation of privilege with no additional execution privileges needed. User action is needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10 Android

Recent Articles

Google Patches Critical Android RCE Bug
Threatpost • Tara Seals • 08 Jun 2021

Google patched more than 90 security vulnerabilities in its Android operating system impacting its Pixel devices and third-party Android handsets, including a critical remote code-execution bug that could allow an attacker to commandeer a targeted vulnerable mobile device.
That bug (CVE-2021-0507) exists in the System component in the Android OS, and could enable a remote attacker using a specially crafted transmission to execute arbitrary code within the context of a privileged process, a...

DHS-CISA urges admins to patch OpenSSL DoS vulnerability
BleepingComputer • Ax Sharma • 09 Dec 2020

This week OpenSSL has released fixes for a high severity Denial of Service (DoS) vulnerability impacting the open source project.
U.S. DHS Cybersecurity and Infrastructure Security Agency (CISA) has warned admins to upgrade their vulnerable OpenSSL instances immediately.
The high severity vulnerability tracked as CVE-2020-1971, stems from a NULL pointer dereferencing issue.
As specified by the X.509 standard, SSL certificates use the 
type in various places to re...

Patch Tuesday brings bug fixes for OpenSSL, IBM, SAP, Kubernetes, Adobe, and Red Hat. And Microsoft, of course
The Register • Thomas Claburn in San Francisco • 08 Dec 2020

Light load from Redmond as everyone else seeks to bury bad news, sorry, align in update cadence

Patch Tuesday For December's Patch Tuesday bug bonanza, Microsoft handed out fixes for a mere 58 vulnerabilities while various other orgs addressed shortcomings in their own software in separate, parallel announcements.
On the one hand, vendors glommed to Microsoft's Patch Tuesday on the pretense that users and system administrators could plan their patching around a regular, monthly cadence. On the other hand, it lets developers emit all their bad news at once and ideally avoid headlines ...

References

CWE-476
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920
https://www.openssl.org/news/secadv/20201208.txt
https://www.debian.org/security/2020/dsa-4807
https://security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc
https://lists.debian.org/debian-lts-announce/2020/12/msg00021.html
https://lists.debian.org/debian-lts-announce/2020/12/msg00020.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/
https://lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E
https://security.netapp.com/advisory/ntap-20201218-0005/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/
https://www.tenable.com/security/tns-2020-11
https://security.gentoo.org/glsa/202012-13
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676
https://www.oracle.com/security-alerts/cpujan2021.html
https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E
https://www.tenable.com/security/tns-2021-09
https://security.netapp.com/advisory/ntap-20210513-0002/
https://www.tenable.com/security/tns-2021-10
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com//security-alerts/cpujul2021.html
http://www.openwall.com/lists/oss-security/2021/09/14/2
https://www.oracle.com/security-alerts/cpuoct2021.html
https://github.com/MBHudson/CVE-2020-1971
https://nvd.nist.gov
https://access.redhat.com/errata/RHSA-2020:5422
https://security.archlinux.org/CVE-2020-1971