Search for vulnerabilities
Vulnerability details: VCID-5g7v-r9hv-nkh5
Vulnerability ID VCID-5g7v-r9hv-nkh5
Aliases CVE-2016-2107
Summary
Status Published
Exploitability 2.0
Weighted Severity 3.5
Risk 7.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.77742 https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss 0.77742 https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss 0.81863 https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss 0.81863 https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss 0.81863 https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss 0.81863 https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss 0.81863 https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss 0.81863 https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss 0.81863 https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss 0.81863 https://api.first.org/data/v1/epss?cve=CVE-2016-2107
epss 0.86671 https://api.first.org/data/v1/epss?cve=CVE-2016-2107
cvssv2 7.1 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2107.json
https://api.first.org/data/v1/epss?cve=CVE-2016-2107
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2105
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2106
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2107
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2109
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1331426 https://bugzilla.redhat.com/show_bug.cgi?id=1331426
CVE-2016-2107 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/39768.txt
CVE-2016-2107 Exploit http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html
RHSA-2016:0722 https://access.redhat.com/errata/RHSA-2016:0722
RHSA-2016:0996 https://access.redhat.com/errata/RHSA-2016:0996
RHSA-2016:2073 https://access.redhat.com/errata/RHSA-2016:2073
RHSA-2016:2957 https://access.redhat.com/errata/RHSA-2016:2957
USN-2959-1 https://usn.ubuntu.com/2959-1/
Data source Exploit-DB
Date added May 4, 2016
Description OpenSSL - Padding Oracle in AES-NI CBC MAC Check
Ransomware campaign use Known
Source publication date May 4, 2016
Exploit type dos
Platform multiple
Source update date May 4, 2016
Source URL http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html
Vector: AV:N/AC:M/Au:N/C:C/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.98956
EPSS Score 0.77742
Published At Aug. 1, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:38:21.147285+00:00 Alpine Linux Importer Import https://secdb.alpinelinux.org/v3.3/main.json 37.0.0