CVE-2017-3731
Description
If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; users should upgrade to 1.1.0d. For OpenSSL 1.0.2, the crash can be triggered when using RC4-MD5; users who have not disabled that algorithm should update to 1.0.2k.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
10.401
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2017-3732,CVE-2017-3731,CVE-2016-7055 are fixed in OpenSSL (x64) 1.0.2k | Windows |
| Vulnerabilities CVE-2017-3732,CVE-2017-3731,CVE-2017-3730 are fixed in OpenSSL (x64) 1.1.0d | Windows |
| Multiple vulnerabilities affected in Mysql 5.6.21 | Windows |
| Multiple vulnerabilities affected in Mysql 5.6.22 | Windows |
| Multiple vulnerabilities affected in Mysql 5.6.23 | Windows |
| Multiple vulnerabilities affected in Mysql 5.6.24 | Windows |
| Multiple vulnerabilities affected in Mysql 5.6.25 | Windows |
| Multiple vulnerabilities affected in Mysql 5.6.26 | Windows |
| Multiple vulnerabilities affected in Mysql 5.6.35 | Windows |
| Multiple vulnerabilities affected in Mysql 5.6.9 | Windows |
| Multiple vulnerabilities are affected in Mysql earlier | Windows |
| Multiple vulnerabilities are affected in Oracle PeopleSoft Enterprise PeopleTools 8.54 | Windows |
| Multiple vulnerabilities are affected in Oracle PeopleSoft Enterprise PeopleTools 8.55 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Controller 10.2.0 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Controller 10.2.1 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Controller 10.3.0 | Windows |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3087-2) libssl1.0.0_1.0.1-4ubuntu5.39_i386.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3087-2) libssl1.0.0_1.0.1-4ubuntu5.39_amd64.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3087-2) libssl1.0.0_1.0.2g-1ubuntu4.6_i386.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3087-2) libssl1.0.0_1.0.2g-1ubuntu4.6_amd64.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3181-1) libssl1.0.0_1.0.1-4ubuntu5.39_i386.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3181-1) libssl1.0.0_1.0.1-4ubuntu5.39_amd64.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3181-1) libssl1.0.0_1.0.2g-1ubuntu4.6_i386.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3181-1) libssl1.0.0_1.0.2g-1ubuntu4.6_amd64.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3181-1) libssl1.0.0_1.0.1f-1ubuntu2.22_i386.deb | Linux |
| Secure Socket Layer (SSL) cryptographic library and tools (USN-3181-1) libssl1.0.0_1.0.1f-1ubuntu2.22_amd64.deb | Linux |
| openssl security update(DSA-3773-1) openssl_1.0.1t-1+deb8u6_i386.deb | Linux |
| openssl security update(DSA-3773-1) openssl_1.0.1t-1+deb8u6_amd64.deb | Linux |
| openssl security update(DSA-3773-1) openssl_1.0.1t-1+deb8u6_kfreebsd-i386.deb | Linux |
| SUSE-SU-2017:0461-1(SUSE Linux Enterprise Desktop 12-SP1 ) libopenssl1_0_0-1.0.1i-54.5.1.x86_64.rpm | Linux |
| SUSE-SU-2017:0461-1(SUSE Linux Enterprise Desktop 12-SP1 ) libopenssl1_0_0-32bit-1.0.1i-54.5.1.x86_64.rpm | Linux |
| SUSE-SU-2017:0461-1(SUSE Linux Enterprise Desktop 12-SP1 ) libopenssl1_0_0-debuginfo-1.0.1i-54.5.1.x86_64.rpm | Linux |
| SUSE-SU-2017:0461-1(SUSE Linux Enterprise Desktop 12-SP1 ) libopenssl1_0_0-debuginfo-32bit-1.0.1i-54.5.1.x86_64.rpm | Linux |
| SUSE-SU-2017:0461-1(SUSE Linux Enterprise Server 12-SP1 ) libopenssl1_0_0-hmac-1.0.1i-54.5.1.x86_64.rpm | Linux |
| SUSE-SU-2017:0461-1(SUSE Linux Enterprise Server 12-SP1 ) libopenssl1_0_0-hmac-32bit-1.0.1i-54.5.1.x86_64.rpm | Linux |
| SUSE-SU-2017:0461-1(SUSE Linux Enterprise Desktop 12-SP1 ) openssl-1.0.1i-54.5.1.x86_64.rpm | Linux |
| SUSE-SU-2017:0461-1(SUSE Linux Enterprise Desktop 12-SP1 ) openssl-debuginfo-1.0.1i-54.5.1.x86_64.rpm | Linux |
| SUSE-SU-2017:0461-1(SUSE Linux Enterprise Desktop 12-SP1 ) openssl-debugsource-1.0.1i-54.5.1.x86_64.rpm | Linux |
| SUSE-SU-2017:0461-1(SUSE Linux Enterprise Server 12-SP1 ) openssl-doc-1.0.1i-54.5.1.noarch.rpm | Linux |
| Multiple vulnerabilities affected in Mysql 5.6.21 (For Linux) | Linux |
| Multiple vulnerabilities affected in Mysql 5.6.22 (For Linux) | Linux |
| Multiple vulnerabilities affected in Mysql 5.6.23 (For Linux) | Linux |
| Multiple vulnerabilities affected in Mysql 5.6.24 (For Linux) | Linux |
| Multiple vulnerabilities affected in Mysql 5.6.25 (For Linux) | Linux |
| Multiple vulnerabilities affected in Mysql 5.6.26 (For Linux) | Linux |
| Multiple vulnerabilities affected in Mysql 5.6.35 (For Linux) | Linux |
| Multiple vulnerabilities affected in Mysql 5.6.9 (For Linux) | Linux |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Application Policy Infrastructure Controller (APIC) | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Emergency Responder | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Finesse | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Jabber for Windows | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Jabber Guest | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Jabber Software Development Kit | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco MediaSense | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Prime Infrastructure | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Prime Optical | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Prime Performance Manager | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco UCS Director | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Unified Contact Center Express | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Unified Intelligence Center | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Unity Connection | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco ASR 5000 Series | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Firepower Management Center Virtual Appliance | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco IronPort Security Management Appliance Software | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Data Center Network Manager | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For CiscoPro Workgroup EtherSwitch Software | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Unified Computing System | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Network Registrar | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Access Registrar | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Wireless Network Management Software Suite | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Prime Network Analysis Module Software | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Virtual Wireless Controller | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Network Convergence System 540 Series Routers | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Digital Media Manager | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Unified Communications Licensing | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Telepresence Integrator C Series | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco TelePresence Video Communication Server Software | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Video Surveillance Manager | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Identity Services Engine | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco WAN Automation Engine (WAE) | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco 1000 Series Connected Grid Routers | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Unified Attendant Consoles | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Hosted Collaboration Solution (HCS) | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Prime Collaboration | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco Unified Communications Manager (CallManager) | NCM |
| Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017 For Cisco SIP IP Phone Software | NCM |
| Out-of-bounds Read Vulnerability (CVE-2017-3731) | NCM |
Patch Details
Patches provided by ManageEngine for this CVE:
| Patch ID | Patch Description |
|---|---|
| PATCH-1706006 | Security Update for Cisco Application Policy Infrastructure Controller (APIC) 1.3(2k) |
| PATCH-1706049 | Security Update for Cisco Emergency Responder 12.0(0.98000.50) |
| PATCH-1705887 | Security Update for Cisco Finesse 11.5(0.98000.126) |
| PATCH-1705811 | Security Update for Cisco Jabber for Windows 11.6(1.38147) |
| PATCH-1705783 | Security Update for Cisco Jabber Guest 10.6(11) |
| PATCH-1706051 | Security Update for Cisco Jabber Software Development Kit 11.8(2) |
| PATCH-1705879 | Security Update for Cisco MediaSense 11.5(1.10000.6) |
| PATCH-1705595 | Security Update for Cisco Prime Infrastructure 2.2(2) |
| PATCH-1706040 | Security Update for Cisco Prime Optical 10.6(1) |
| PATCH-1706037 | Security Update for Cisco Prime Performance Manager 1.7(0.1703) |
| PATCH-1705947 | Security Update for Cisco UCS Director 6.0(1.0) |
| PATCH-1706052 | Security Update for Cisco Unified Contact Center Express 11.6(1) |
| PATCH-1705886 | Security Update for Cisco Unified Intelligence Center 11.5(0.98000.126) |
| PATCH-1706048 | Security Update for Cisco Unity Connection 12.0(0.97000.184) |
| PATCH-1706032 | Security Update for Cisco ASR 5000 Series 21.3.A0.66703 |
| PATCH-1705938 | Security Update for Cisco Firepower Management Center Virtual Appliance 6.1.0.1 |
| PATCH-1706033 | Security Update for Cisco IronPort Security Management Appliance Software 11.0.1-152 |
| PATCH-1706034 | Security Update for Cisco Data Center Network Manager 10.1(1.158)S0 |
| PATCH-1706035 | Security Update for CiscoPro Workgroup EtherSwitch Software 6.0(2)A8(4) |
| PATCH-1706036 | Security Update for Cisco Unified Computing System 3.2(1d) |
| PATCH-1706038 | Security Update for Cisco Network Registrar 9.1 |
| PATCH-1706039 | Security Update for Cisco Access Registrar 8.0 |
| PATCH-1705952 | Security Update for Cisco Wireless Network Management Software Suite 8.0(150) |
| PATCH-1706008 | Security Update for Cisco Prime Network Analysis Module Software 6.2(3) |
| PATCH-1705937 | Security Update for Cisco Virtual Wireless Controller 8.3(15.155) |
| PATCH-1706041 | Security Update for Cisco Network Convergence System 540 Series Routers 6.4.1.8i.BASE |
| PATCH-1705797 | Security Update for Cisco Digital Media Manager 5.6.3 |
| PATCH-1706042 | Security Update for Cisco Unified Communications Licensing 11.5(1.12001.2) |
| PATCH-1706043 | Security Update for Cisco Telepresence Integrator C Series 9.1.1 |
| PATCH-1706044 | Security Update for Cisco TelePresence Video Communication Server Software X8.9.2 |
| PATCH-1706045 | Security Update for Cisco Video Surveillance Manager 7.10 |
| PATCH-1706002 | Security Update for Cisco Identity Services Engine 2.0(0.905) |
| PATCH-1706046 | Security Update for Cisco WAN Automation Engine (WAE) v6.4.6dev-43-g887096e25e6 |
| PATCH-1706026 | Security Update for CAF-1.2.0.0 |
| PATCH-1705873 | Security Update for Cisco 1000 Series Connected Grid Routers 15.6(3.0q)M |
| PATCH-1706047 | Security Update for Cisco Unified Attendant Consoles 11.0(2) |
| PATCH-1706050 | Security Update for Cisco Hosted Collaboration Solution (HCS) 11.5(1.93540.24) |
| PATCH-1705997 | Security Update for Cisco Prime Collaboration 11.0(0.815) |
| PATCH-1706016 | Security Update for Cisco Unified Communications Manager (CallManager) CUP.11.5(1.12900.25) |
| PATCH-1705918 | Security Update for Cisco SIP IP Phone Software 11.7(1)MN19 |