In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).

Published : 2019-09-10 17:15 Updated : 2019-09-12 11:15

CVSS Score More info
Score 4.3 / 10
Vendor Product Version URI
Openssl Openssl 1.0.2 cpe:/a:openssl:openssl:1.0.2
Openssl Openssl 1.0.2 cpe:/a:openssl:openssl:1.0.2:beta1
Openssl Openssl 1.0.2 cpe:/a:openssl:openssl:1.0.2:beta2
Openssl Openssl 1.0.2 cpe:/a:openssl:openssl:1.0.2:beta3
Openssl Openssl 1.0.2a cpe:/a:openssl:openssl:1.0.2a
Openssl Openssl 1.0.2b cpe:/a:openssl:openssl:1.0.2b
Openssl Openssl 1.0.2c cpe:/a:openssl:openssl:1.0.2c
Openssl Openssl 1.0.2d cpe:/a:openssl:openssl:1.0.2d
Openssl Openssl 1.0.2e cpe:/a:openssl:openssl:1.0.2e
Openssl Openssl 1.0.2f cpe:/a:openssl:openssl:1.0.2f
Openssl Openssl 1.0.2g cpe:/a:openssl:openssl:1.0.2g
Openssl Openssl 1.0.2h cpe:/a:openssl:openssl:1.0.2h
Openssl Openssl 1.0.2i cpe:/a:openssl:openssl:1.0.2i
Openssl Openssl 1.0.2j cpe:/a:openssl:openssl:1.0.2j
Openssl Openssl 1.0.2k cpe:/a:openssl:openssl:1.0.2k
Openssl Openssl 1.0.2l cpe:/a:openssl:openssl:1.0.2l
Openssl Openssl 1.0.2m cpe:/a:openssl:openssl:1.0.2m
Openssl Openssl 1.0.2n cpe:/a:openssl:openssl:1.0.2n
Openssl Openssl 1.0.2o cpe:/a:openssl:openssl:1.0.2o
Openssl Openssl 1.0.2p cpe:/a:openssl:openssl:1.0.2p
Openssl Openssl 1.0.2q cpe:/a:openssl:openssl:1.0.2q
Openssl Openssl 1.0.2r cpe:/a:openssl:openssl:1.0.2r
Openssl Openssl 1.0.2s cpe:/a:openssl:openssl:1.0.2s
Openssl Openssl 1.1.0 cpe:/a:openssl:openssl:1.1.0
Openssl Openssl 1.1.0 cpe:/a:openssl:openssl:1.1.0:-
Openssl Openssl 1.1.0 cpe:/a:openssl:openssl:1.1.0:pre1
Openssl Openssl 1.1.0 cpe:/a:openssl:openssl:1.1.0:pre2
Openssl Openssl 1.1.0 cpe:/a:openssl:openssl:1.1.0:pre3
Openssl Openssl 1.1.0 cpe:/a:openssl:openssl:1.1.0:pre4
Openssl Openssl 1.1.0 cpe:/a:openssl:openssl:1.1.0:pre5
Openssl Openssl 1.1.0 cpe:/a:openssl:openssl:1.1.0:pre6
Openssl Openssl 1.1.0a cpe:/a:openssl:openssl:1.1.0a
Openssl Openssl 1.1.0b cpe:/a:openssl:openssl:1.1.0b
Openssl Openssl 1.1.0c cpe:/a:openssl:openssl:1.1.0c
Openssl Openssl 1.1.0d cpe:/a:openssl:openssl:1.1.0d
Openssl Openssl 1.1.0e cpe:/a:openssl:openssl:1.1.0e
Openssl Openssl 1.1.0f cpe:/a:openssl:openssl:1.1.0f
Openssl Openssl 1.1.0g cpe:/a:openssl:openssl:1.1.0g
Openssl Openssl 1.1.0h cpe:/a:openssl:openssl:1.1.0h
Openssl Openssl 1.1.0i cpe:/a:openssl:openssl:1.1.0i
Openssl Openssl 1.1.0j cpe:/a:openssl:openssl:1.1.0j
Openssl Openssl 1.1.0k cpe:/a:openssl:openssl:1.1.0k
Openssl Openssl 1.1.1 cpe:/a:openssl:openssl:1.1.1
Openssl Openssl 1.1.1 cpe:/a:openssl:openssl:1.1.1:pre1
Openssl Openssl 1.1.1 cpe:/a:openssl:openssl:1.1.1:pre2
Openssl Openssl 1.1.1 cpe:/a:openssl:openssl:1.1.1:pre3
Openssl Openssl 1.1.1 cpe:/a:openssl:openssl:1.1.1:pre4
Openssl Openssl 1.1.1 cpe:/a:openssl:openssl:1.1.1:pre5
Openssl Openssl 1.1.1 cpe:/a:openssl:openssl:1.1.1:pre6
Openssl Openssl 1.1.1 cpe:/a:openssl:openssl:1.1.1:pre7
Openssl Openssl 1.1.1 cpe:/a:openssl:openssl:1.1.1:pre8
Openssl Openssl 1.1.1 cpe:/a:openssl:openssl:1.1.1:pre9
Openssl Openssl 1.1.1a cpe:/a:openssl:openssl:1.1.1a
Openssl Openssl 1.1.1b cpe:/a:openssl:openssl:1.1.1b
Openssl Openssl 1.1.1c cpe:/a:openssl:openssl:1.1.1c
  1. Openssl (1) Search CVE
    1. Openssl (36) Search CVE
      1. 1.0.2
      2. 1.0.2a
      3. 1.0.2b
      4. 1.0.2c
      5. 1.0.2d
      6. 1.0.2e
      7. 1.0.2f
      8. 1.0.2g
      9. 1.0.2h
      10. 1.0.2i
      11. 1.0.2j
      12. 1.0.2k
      13. 1.0.2l
      14. 1.0.2m
      15. 1.0.2n
      16. 1.0.2o
      17. 1.0.2p
      18. 1.0.2q
      19. 1.0.2r
      20. 1.0.2s
      21. 1.1.0
      22. 1.1.0a
      23. 1.1.0b
      24. 1.1.0c
      25. 1.1.0d
      26. 1.1.0e
      27. 1.1.0f
      28. 1.1.0g
      29. 1.1.0h
      30. 1.1.0i
      31. 1.1.0j
      32. 1.1.0k
      33. 1.1.1
      34. 1.1.1a
      35. 1.1.1b
      36. 1.1.1c


ID Name Description Links
CWE-311 Missing Encryption of Sensitive Data The software does not encrypt sensitive or critical information before storage or transmission. CVE

History of changes

Date Event
2019-09-12 11:15
2019-09-11 19:59
2019-09-10 17:35