[CISCO-SA-OPENSSL-2021-GHY28DJD] Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021

Severity High

CVEs 2

On March 25, 2021, the OpenSSL Project released a security advisory, OpenSSL Security Advisory [25 March 2021], ["https://www.openssl.org/news/secadv/20210325.txt"] that disclosed two vulnerabilities.

Exploitation of these vulnerabilities could allow an attacker to use a valid non-certificate authority (CA) certificate to act as a CA and sign a certificate for an arbitrary organization, user or device, or to cause a denial of service (DoS) condition.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd"]

ID

CISCO-SA-OPENSSL-2021-GHY28DJD

Severity

high

URL

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd

Published

2021-03-25T16:00:00
(3 years ago)

Modified

2021-03-25T16:00:00
(3 years ago)

Rights

Cisco Systems, Inc.

Other Advisories

Source	# ID	Name	URL
Cisco		CSAF	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd/csaf/cisco-sa-openssl-2021-GHY28dJd.json

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date