1. Home
  2. Security Advisories
  3. Cisco
  4. CISCO-SA-OPENSSL-W9SDCC2A

[CISCO-SA-OPENSSL-W9SDCC2A] Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022

Severity High
CVEs 2
Info References Vulnerabilities

On November 1, 2022, the OpenSSL Project announced the following vulnerabilities:

CVE-2022-3602 - X.509 Email Address 4-byte Buffer Overflow
CVE-2022-3786 - X.509 Email Address Variable Length Buffer Overflow

For a description of these vulnerabilities, see OpenSSL Security Advisory [Nov 1 2022] ["https://www.openssl.org/news/secadv/20221101.txt"].

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a"]

ID
CISCO-SA-OPENSSL-W9SDCC2A
Severity
high
URL
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a
Published
2022-10-28T16:00:00
(22 months ago)
Modified
2022-10-28T16:00:00
(22 months ago)
Rights
Cisco Systems, Inc.
Other Advisories
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date