VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-mu8w-emsy-aaak

Essentials
Severities (111)
References (25)
Severity details (28)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-mu8w-emsy-aaak
Aliases	CVE-2023-0465
Summary	Improper Certificate Validation Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.
Status	Published
Exploitability	0.5
Weighted Severity	4.8
Risk	2.4
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-295	Improper Certificate Validation
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
cvssv3	5.3	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0465.json
epss	0.00170	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00170	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00170	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00170	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00170	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00170	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00170	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00170	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00170	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00170	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00170	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00170	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00331	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00331	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00331	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00331	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00331	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00331	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00331	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00331	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00331	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00331	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00331	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00341	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00341	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00421	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00432	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00432	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00432	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00468	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00468	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00468	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.00468	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
epss	0.0094	https://api.first.org/data/v1/epss?cve=CVE-2023-0465
cvssv3.1	5.9	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	5.3	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a
cvssv3.1	5.3	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a
ssvc	Track	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a
ssvc	Track	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a
cvssv3.1	5.3	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb
cvssv3.1	5.3	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb
ssvc	Track	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb
ssvc	Track	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb
cvssv3.1	5.3	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95
cvssv3.1	5.3	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95
ssvc	Track	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95
ssvc	Track	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95
cvssv3.1	5.3	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c
cvssv3.1	5.3	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c
ssvc	Track	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c
ssvc	Track	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c
cvssv3.1	5.3	https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html
ssvc	Track	https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html
cvssv3	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-0465
cvssv3.1	5.3	https://nvd.nist.gov/vuln/detail/CVE-2023-0465
cvssv3.1	5.3	https://security.gentoo.org/glsa/202402-08
ssvc	Track	https://security.gentoo.org/glsa/202402-08
ssvc	Track	https://security.netapp.com/advisory/ntap-20230414-0001/
ssvc	Track	https://www.debian.org/security/2023/dsa-5417
ssvc	Track	https://www.openssl.org/news/secadv/20230328.txt
ssvc	Track	https://www.openssl.org/news/secadv/20230328.txt

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0465.json
		https://api.first.org/data/v1/epss?cve=CVE-2023-0465
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0464
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0465
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0466
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a
		https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb
		https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95
		https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c
		https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html
		https://security.netapp.com/advisory/ntap-20230414-0001/
		https://www.debian.org/security/2023/dsa-5417
		https://www.openssl.org/news/secadv/20230328.txt
1034720		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034720
2182561		https://bugzilla.redhat.com/show_bug.cgi?id=2182561
cpe:2.3:a:openssl:openssl::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl::::::::
CVE-2023-0465		https://nvd.nist.gov/vuln/detail/CVE-2023-0465
GLSA-202402-08		https://security.gentoo.org/glsa/202402-08
RHSA-2023:3722		https://access.redhat.com/errata/RHSA-2023:3722
RHSA-2023:7622		https://access.redhat.com/errata/RHSA-2023:7622
RHSA-2023:7623		https://access.redhat.com/errata/RHSA-2023:7623
RHSA-2023:7625		https://access.redhat.com/errata/RHSA-2023:7625
RHSA-2023:7626		https://access.redhat.com/errata/RHSA-2023:7626

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0465.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/ Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/ Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/ Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/ Found at https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/ Found at https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2023-0465

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2023-0465

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://security.gentoo.org/glsa/202402-08

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/ Found at https://security.gentoo.org/glsa/202402-08

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/ Found at https://security.netapp.com/advisory/ntap-20230414-0001/

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/ Found at https://www.debian.org/security/2023/dsa-5417

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:12:09Z/ Found at https://www.openssl.org/news/secadv/20230328.txt

Exploit Prediction Scoring System (EPSS)

Percentile	0.54643
EPSS Score	0.00170
Published At	Nov. 1, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.