Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2016-8610

A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.

  • Published: Nov 13, 2017
  • Updated: Apr 13, 2023
  • CVE: CVE-2016-8610
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

Software From Fixed in
openssl / openssl 1.1.0 1.1.0.x
openssl / openssl 0.9.8 0.9.8.x
openssl / openssl 1.0.1 1.0.1.x
openssl / openssl 1.0.2 1.0.2h.x
debian / debian_linux 8.0 8.0.x
redhat / enterprise_linux_desktop 7.0 7.0.x
redhat / enterprise_linux_workstation 7.0 7.0.x
redhat / enterprise_linux_server 7.0 7.0.x
redhat / enterprise_linux_desktop 6.0 6.0.x
redhat / enterprise_linux_server 6.0 6.0.x
redhat / enterprise_linux_workstation 6.0 6.0.x
redhat / enterprise_linux_server_tus 7.3 7.3.x
redhat / enterprise_linux_server_aus 7.3 7.3.x
redhat / enterprise_linux_server_aus 7.4 7.4.x
redhat / enterprise_linux_server_eus 7.3 7.3.x
redhat / enterprise_linux_server_eus 7.4 7.4.x
redhat / enterprise_linux_server_eus 7.5 7.5.x
redhat / enterprise_linux_server_tus 7.6 7.6.x
redhat / enterprise_linux_server_eus 7.6 7.6.x
redhat / enterprise_linux_server_aus 7.6 7.6.x
redhat / jboss_enterprise_application_platform 6.0.0 6.0.0.x
redhat / jboss_enterprise_application_platform 6.4.0 6.4.0.x
netapp / e-series_santricity_os_controller 11.0 11.40.x
paloaltonetworks / pan-os - 6.1.17.x
paloaltonetworks / pan-os 7.1.0 7.1.10.x
paloaltonetworks / pan-os 7.0.0 7.0.15.x
oracle / jd_edwards_enterpriseone_tools 9.2 9.2.x
oracle / weblogic_server 12.1.3.0.0 12.1.3.0.0.x
oracle / peoplesoft_enterprise_peopletools 8.56 8.56.x
oracle / weblogic_server 10.3.6.0.0 10.3.6.0.0.x
oracle / weblogic_server 12.2.1.3.0 12.2.1.3.0.x
oracle / enterprise_manager_ops_center 12.3.3 12.3.3.x
oracle / adaptive_access_manager 11.1.2.3.0 11.1.2.3.0.x
oracle / peoplesoft_enterprise_peopletools 8.57 8.57.x
oracle / application_testing_suite 13.3.0.1 13.3.0.1.x
oracle / retail_predictive_application_server 15.0.3 15.0.3.x
oracle / enterprise_manager_ops_center 12.4.0 12.4.0.x
oracle / weblogic_server 12.2.1.4.0 12.2.1.4.0.x
oracle / peoplesoft_enterprise_peopletools 8.58 8.58.x
oracle / communications_ip_service_activator 7.4.0 7.4.0.x
oracle / core_rdbms 11.2.0.4 11.2.0.4.x
oracle / core_rdbms 12.2.0.1 12.2.0.1.x
oracle / core_rdbms 12.1.0.2 12.1.0.2.x
oracle / core_rdbms 19c 19c.x
oracle / core_rdbms 18c 18c.x
oracle / goldengate_application_adapters 12.3.2.1.0 12.3.2.1.0.x
oracle / communications_analytics 12.1.1 12.1.1.x
oracle / retail_predictive_application_server 16.0.3 16.0.3.x
oracle / communications_ip_service_activator 7.3.4 7.3.4.x
oracle / timesten_in-memory_database - 18.1.4.1.0
fujitsu / m10-1_firmware - xcp2361
fujitsu / m10-1_firmware xcp3000 xcp3070
fujitsu / m10-4_firmware - xcp2361
fujitsu / m10-4_firmware xcp3000 xcp3070
fujitsu / m10-4s_firmware - xcp2361
fujitsu / m10-4s_firmware xcp3000 xcp3070
fujitsu / m12-1_firmware - xcp2361
fujitsu / m12-1_firmware xcp3000 xcp3070
fujitsu / m12-2_firmware - xcp2361
fujitsu / m12-2_firmware xcp3000 xcp3070
fujitsu / m12-2s_firmware - xcp2361
fujitsu / m12-2s_firmware xcp3000 xcp3070