VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-jm31-c3d3-aaap

Essentials
Severities (122)
References (29)
Severity details (35)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-jm31-c3d3-aaap
Aliases	CVE-2024-0727 GHSA-9v9h-cgj8-h64p
Summary	openssl: denial of service via null dereference
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-476	NULL Pointer Dereference
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
cvssv3	5.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0727.json
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00103	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00119	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.0016	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00165	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00165	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00165	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00165	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00165	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00165	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00165	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00165	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00165	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00165	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00165	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00165	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00165	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00186	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00217	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00228	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00228	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00228	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00228	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00228	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00228	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00228	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00228	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00228	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00228	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00228	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00228	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00228	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00228	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00228	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00228	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
epss	0.00383	https://api.first.org/data/v1/epss?cve=CVE-2024-0727
cvssv3.1	3.3	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-9v9h-cgj8-h64p
cvssv3.1	5.5	https://github.com/alexcrichton/openssl-src-rs/commit/add20f73b6b42be7451af2e1044d4e0e778992b2
generic_textual	MODERATE	https://github.com/alexcrichton/openssl-src-rs/commit/add20f73b6b42be7451af2e1044d4e0e778992b2
cvssv3.1	5.5	https://github.com/github/advisory-database/pull/3472
generic_textual	MODERATE	https://github.com/github/advisory-database/pull/3472
cvssv3.1	5.5	https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2
generic_textual	MODERATE	https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2
ssvc	Track	https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2
cvssv3.1	5.5	https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a
generic_textual	MODERATE	https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a
ssvc	Track	https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a
cvssv3.1	5.5	https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c
generic_textual	MODERATE	https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c
ssvc	Track	https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c
cvssv3.1	5.5	https://github.com/openssl/openssl/pull/23362
generic_textual	MODERATE	https://github.com/openssl/openssl/pull/23362
cvssv3.1	5.5	https://github.com/pyca/cryptography/commit/3519591d255d4506fbcd0d04037d45271903c64d
generic_textual	MODERATE	https://github.com/pyca/cryptography/commit/3519591d255d4506fbcd0d04037d45271903c64d
cvssv3.1	5.5	https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8
generic_textual	MODERATE	https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8
ssvc	Track	https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8
cvssv3.1	5.5	https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539
generic_textual	MODERATE	https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539
ssvc	Track	https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539
cvssv3	5.5	https://nvd.nist.gov/vuln/detail/CVE-2024-0727
cvssv3.1	5.5	https://nvd.nist.gov/vuln/detail/CVE-2024-0727
cvssv3.1	5.5	https://security.netapp.com/advisory/ntap-20240208-0006
generic_textual	MODERATE	https://security.netapp.com/advisory/ntap-20240208-0006
cvssv3.1	5.5	https://www.openssl.org/news/secadv/20240125.txt
generic_textual	MODERATE	https://www.openssl.org/news/secadv/20240125.txt
ssvc	Track	https://www.openssl.org/news/secadv/20240125.txt
cvssv3.1	3.9	http://www.openwall.com/lists/oss-security/2024/03/11/1
generic_textual	LOW	http://www.openwall.com/lists/oss-security/2024/03/11/1

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0727.json
		https://api.first.org/data/v1/epss?cve=CVE-2024-0727
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0727
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://github.com/alexcrichton/openssl-src-rs/commit/add20f73b6b42be7451af2e1044d4e0e778992b2
		https://github.com/github/advisory-database/pull/3472
		https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2
		https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a
		https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c
		https://github.com/openssl/openssl/pull/23362
		https://github.com/pyca/cryptography/commit/3519591d255d4506fbcd0d04037d45271903c64d
		https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8
		https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539
		https://security.netapp.com/advisory/ntap-20240208-0006
		https://security.netapp.com/advisory/ntap-20240208-0006/
		https://www.openssl.org/news/secadv/20240125.txt
		http://www.openwall.com/lists/oss-security/2024/03/11/1
1061582		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061582
2259944		https://bugzilla.redhat.com/show_bug.cgi?id=2259944
cpe:2.3:a:openssl:openssl::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl::::::::
cpe:2.3:a:openssl:openssl:3.2.0:-::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:3.2.0:-::::::
CVE-2024-0727		https://nvd.nist.gov/vuln/detail/CVE-2024-0727
GHSA-9v9h-cgj8-h64p		https://github.com/advisories/GHSA-9v9h-cgj8-h64p
RHSA-2024:2447		https://access.redhat.com/errata/RHSA-2024:2447
RHSA-2024:9088		https://access.redhat.com/errata/RHSA-2024:9088
USN-6622-1		https://usn.ubuntu.com/6622-1/
USN-6632-1		https://usn.ubuntu.com/6632-1/
USN-6709-1		https://usn.ubuntu.com/6709-1/
USN-7018-1		https://usn.ubuntu.com/7018-1/

No exploits are available.

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0727.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/alexcrichton/openssl-src-rs/commit/add20f73b6b42be7451af2e1044d4e0e778992b2

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/github/advisory-database/pull/3472

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/ Found at https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/ Found at https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/ Found at https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/openssl/openssl/pull/23362

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/pyca/cryptography/commit/3519591d255d4506fbcd0d04037d45271903c64d

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/ Found at https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/ Found at https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-0727

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-0727

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://security.netapp.com/advisory/ntap-20240208-0006

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.openssl.org/news/secadv/20240125.txt

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:15:21Z/ Found at https://www.openssl.org/news/secadv/20240125.txt

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L Found at http://www.openwall.com/lists/oss-security/2024/03/11/1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.2547
EPSS Score	0.00103
Published At	April 11, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2024-01-24T11:34:18.589991+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0727.json	34.0.0rc2