Search for vulnerabilities
Vulnerability details: VCID-vqn2-4c3d-aaab
Vulnerability ID VCID-vqn2-4c3d-aaab
Aliases CVE-2013-6450
VC-OPENSSL-20131213-CVE-2013-6450
Summary A flaw in DTLS handling can cause an application using OpenSSL and DTLS to crash. This is not a vulnerability for OpenSSL prior to 1.0.0.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-310 Cryptographic Issues
System Score Found at
rhas Important https://access.redhat.com/errata/RHSA-2014:0015
epss 0.02488 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.02488 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.02488 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.02488 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.02488 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.02488 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.02488 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.02488 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.02488 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.02488 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.02488 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.02488 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.02488 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.02488 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.13137 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.13137 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.13137 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.13137 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.13137 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.13137 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.13137 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.13137 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.13137 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.14154 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.3597 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.37815 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.45485 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
epss 0.52594 https://api.first.org/data/v1/epss?cve=CVE-2013-6450
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=1047840
generic_textual MODERATE http://seclists.org/fulldisclosure/2014/Dec/23
cvssv2 5.8 https://nvd.nist.gov/vuln/detail/CVE-2013-6450
cvssv3.1 5.3 http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
generic_textual HIGH http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
generic_textual MODERATE http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
generic_textual HIGH http://www.securityfocus.com/archive/1/534161/100/0/threaded
generic_textual MODERATE http://www.vmware.com/security/advisories/VMSA-2014-0012.html
Reference id Reference type URL
http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=34628967f1e65dc8f34e000f0f5518e21afbfc7b
http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=34628967f1e65dc8f34e000f0f5518e21afbfc7b
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html
http://lists.opensuse.org/opensuse-updates/2014-01/msg00031.html
http://lists.opensuse.org/opensuse-updates/2014-01/msg00032.html
http://rhn.redhat.com/errata/RHSA-2014-0015.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6450.json
https://api.first.org/data/v1/epss?cve=CVE-2013-6450
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6449
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450
http://seclists.org/fulldisclosure/2014/Dec/23
http://security.gentoo.org/glsa/glsa-201412-39.xml
https://github.com/openssl/openssl/commit/3462896
https://puppet.com/security/cve/cve-2013-6450
https://security-tracker.debian.org/tracker/CVE-2013-6450
http://www-01.ibm.com/support/docview.wss?uid=isg400001841
http://www-01.ibm.com/support/docview.wss?uid=isg400001843
http://www.debian.org/security/2014/dsa-2833
http://www.openssl.org/news/vulnerabilities.html
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
http://www.securityfocus.com/archive/1/534161/100/0/threaded
http://www.securityfocus.com/bid/64618
http://www.securitytracker.com/id/1029549
http://www.securitytracker.com/id/1031594
http://www.ubuntu.com/usn/USN-2079-1
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
1047840 https://bugzilla.redhat.com/show_bug.cgi?id=1047840
cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
CVE-2013-6450 https://nvd.nist.gov/vuln/detail/CVE-2013-6450
GLSA-201412-39 https://security.gentoo.org/glsa/201412-39
RHSA-2014:0015 https://access.redhat.com/errata/RHSA-2014:0015
USN-2079-1 https://usn.ubuntu.com/2079-1/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2013-6450
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.90392
EPSS Score 0.02488
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.