7.5
HIGH
CVE-2018-0732
OpenSSL TLS DH Hang DoS Vulnerability
Description

During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).

INFO

Published Date :

June 12, 2018, 1:29 p.m.

Last Modified :

Nov. 7, 2023, 2:51 a.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

3.6

Exploitability Score :

3.9
Public PoC/Exploit Available at Github

CVE-2018-0732 has a 7 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2018-0732 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Canonical ubuntu_linux
1 Debian debian_linux
1 Openssl openssl
1 Nodejs node.js
: Total Affected Vendor : 4 | Products : 4
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2018-0732.

URL Resource
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html Patch Third Party Advisory
http://www.securityfocus.com/bid/104442 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1041090 Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2018:2552 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2553 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3221 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3505 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1296 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1297 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1543 Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-419820.pdf Third Party Advisory
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3984ef0b72831da8b3ece4745cac4f8575b19098
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ea7abeeabf92b7aca160bdd0208636d4da69f4f4
https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/
https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/ Vendor Advisory
https://security.gentoo.org/glsa/201811-03 Third Party Advisory
https://security.netapp.com/advisory/ntap-20181105-0001/ Third Party Advisory
https://security.netapp.com/advisory/ntap-20190118-0002/ Third Party Advisory
https://securityadvisories.paloaltonetworks.com/Home/Detail/133 Third Party Advisory
https://usn.ubuntu.com/3692-1/ Third Party Advisory
https://usn.ubuntu.com/3692-2/ Third Party Advisory
https://www.debian.org/security/2018/dsa-4348 Third Party Advisory
https://www.debian.org/security/2018/dsa-4355 Third Party Advisory
https://www.openssl.org/news/secadv/20180612.txt Vendor Advisory
https://www.oracle.com/security-alerts/cpuapr2020.html Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2021.html Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html Patch Third Party Advisory
https://www.tenable.com/security/tns-2018-12 Third Party Advisory
https://www.tenable.com/security/tns-2018-13 Third Party Advisory
https://www.tenable.com/security/tns-2018-14 Third Party Advisory
https://www.tenable.com/security/tns-2018-17 Third Party Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Profile Photo
RClueX/Hackerone-Reports

None

Updated: 4 months, 1 week ago
1 stars 1 fork 1 watcher
Born at : Jan. 29, 2024, 7:04 a.m. This repo has been linked 80 different CVEs too.
Profile Photo
holmes-py/reports-summary

A sensible no bullshit repo of summaries of reports on hackerone, bugcrowd and alike, that makes straight up sense and make it easy to repeat and automate. This is supposed to serve as my personal reference, but should be a good public index reference for like minded.

bugbounty bugbounty-writeups bugbountytips cybersecurity hackerone hackerone-reports hacking csrf dos hacktoberfest idor rce reports security sql-injection ssrf writeups xss xxe

Updated: 2 months ago
4 stars 1 fork 1 watcher
Born at : Oct. 21, 2023, 12:53 a.m. This repo has been linked 22 different CVEs too.
Profile Photo
chnzzh/OpenSSL-CVE-lib

None

Updated: 1 week, 5 days ago
5 stars 0 fork 0 watcher
Born at : Feb. 23, 2023, 5:42 a.m. This repo has been linked 455 different CVEs too.
Profile Photo
imhunterand/hackerone-publicy-disclosed

hackerone one million reports

bugbountytips vulnerability-research

Updated: 1 year, 4 months ago
3 stars 1 fork 1 watcher
Born at : Oct. 15, 2022, 6:48 p.m. This repo has been linked 80 different CVEs too.
Profile Photo
javirodriguezzz/Shodan-Browser

Python script to search queries on Shodan. It gives a detailed inform of each result in the search, including vulnerabilities and exploits.

Python

Updated: 2 years, 7 months ago
0 stars 0 fork 0 watcher
Born at : Feb. 16, 2022, 4:15 p.m. This repo has been linked 5 different CVEs too.
Profile Photo
mrodden/vyger

Quick and easy CVE scanning for Linux systems

Python

Updated: 4 years, 3 months ago
0 stars 0 fork 0 watcher
Born at : June 4, 2020, 9:12 p.m. This repo has been linked 12 different CVEs too.
Profile Photo
intrigueio/intrigue-ident

Application and Service Fingerprinting

vulnerability-assessment security-scanner security-tools

Ruby Dockerfile Shell

Updated: 4 months ago
131 stars 39 fork 39 watcher
Born at : Nov. 26, 2018, 4:57 a.m. This repo has been linked 5 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2018-0732 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2018-0732 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Nov. 07, 2023

    Action Type Old Value New Value
    Added Reference OpenSSL Software Foundation https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/ [No types assigned]
    Added Reference OpenSSL Software Foundation https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/ [No types assigned]
    Added Reference OpenSSL Software Foundation https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/ [No types assigned]
    Added Reference OpenSSL Software Foundation https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3984ef0b72831da8b3ece4745cac4f8575b19098 [No types assigned]
    Added Reference OpenSSL Software Foundation https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ea7abeeabf92b7aca160bdd0208636d4da69f4f4 [No types assigned]
    Removed Reference OpenSSL Software Foundation https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ea7abeeabf92b7aca160bdd0208636d4da69f4f4
    Removed Reference OpenSSL Software Foundation https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3984ef0b72831da8b3ece4745cac4f8575b19098
    Removed Reference OpenSSL Software Foundation https://lists.fedoraproject.org/archives/list/[email protected]/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/
    Removed Reference OpenSSL Software Foundation https://lists.fedoraproject.org/archives/list/[email protected]/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/
    Removed Reference OpenSSL Software Foundation https://lists.fedoraproject.org/archives/list/[email protected]/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/
  • Modified Analysis by [email protected]

    Aug. 16, 2022

    Action Type Old Value New Value
    Removed CVSS V3 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    Changed Reference Type http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html No Types Assigned http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html Patch, Third Party Advisory
    Changed Reference Type https://access.redhat.com/errata/RHSA-2018:2552 No Types Assigned https://access.redhat.com/errata/RHSA-2018:2552 Third Party Advisory
    Changed Reference Type https://access.redhat.com/errata/RHSA-2018:2553 No Types Assigned https://access.redhat.com/errata/RHSA-2018:2553 Third Party Advisory
    Changed Reference Type https://access.redhat.com/errata/RHSA-2018:3221 No Types Assigned https://access.redhat.com/errata/RHSA-2018:3221 Third Party Advisory
    Changed Reference Type https://access.redhat.com/errata/RHSA-2018:3505 No Types Assigned https://access.redhat.com/errata/RHSA-2018:3505 Third Party Advisory
    Changed Reference Type https://access.redhat.com/errata/RHSA-2019:1296 No Types Assigned https://access.redhat.com/errata/RHSA-2019:1296 Third Party Advisory
    Changed Reference Type https://access.redhat.com/errata/RHSA-2019:1297 No Types Assigned https://access.redhat.com/errata/RHSA-2019:1297 Third Party Advisory
    Changed Reference Type https://access.redhat.com/errata/RHSA-2019:1543 No Types Assigned https://access.redhat.com/errata/RHSA-2019:1543 Third Party Advisory
    Changed Reference Type https://cert-portal.siemens.com/productcert/pdf/ssa-419820.pdf No Types Assigned https://cert-portal.siemens.com/productcert/pdf/ssa-419820.pdf Third Party Advisory
    Changed Reference Type https://lists.fedoraproject.org/archives/list/[email protected]/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/ No Types Assigned https://lists.fedoraproject.org/archives/list/[email protected]/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/ Mailing List, Third Party Advisory
    Changed Reference Type https://lists.fedoraproject.org/archives/list/[email protected]/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/ No Types Assigned https://lists.fedoraproject.org/archives/list/[email protected]/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/ Third Party Advisory
    Changed Reference Type https://lists.fedoraproject.org/archives/list/[email protected]/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/ No Types Assigned https://lists.fedoraproject.org/archives/list/[email protected]/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/ Mailing List, Third Party Advisory
    Changed Reference Type https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/ No Types Assigned https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/ Vendor Advisory
    Changed Reference Type https://security.gentoo.org/glsa/201811-03 No Types Assigned https://security.gentoo.org/glsa/201811-03 Third Party Advisory
    Changed Reference Type https://security.netapp.com/advisory/ntap-20181105-0001/ No Types Assigned https://security.netapp.com/advisory/ntap-20181105-0001/ Third Party Advisory
    Changed Reference Type https://security.netapp.com/advisory/ntap-20190118-0002/ No Types Assigned https://security.netapp.com/advisory/ntap-20190118-0002/ Third Party Advisory
    Changed Reference Type https://securityadvisories.paloaltonetworks.com/Home/Detail/133 No Types Assigned https://securityadvisories.paloaltonetworks.com/Home/Detail/133 Third Party Advisory
    Changed Reference Type https://www.debian.org/security/2018/dsa-4348 No Types Assigned https://www.debian.org/security/2018/dsa-4348 Third Party Advisory
    Changed Reference Type https://www.debian.org/security/2018/dsa-4355 No Types Assigned https://www.debian.org/security/2018/dsa-4355 Third Party Advisory
    Changed Reference Type https://www.oracle.com/security-alerts/cpuapr2020.html No Types Assigned https://www.oracle.com/security-alerts/cpuapr2020.html Third Party Advisory
    Changed Reference Type https://www.oracle.com/security-alerts/cpujan2021.html No Types Assigned https://www.oracle.com/security-alerts/cpujan2021.html Third Party Advisory
    Changed Reference Type https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html No Types Assigned https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html Patch, Third Party Advisory
    Changed Reference Type https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html No Types Assigned https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html Patch, Third Party Advisory
    Changed Reference Type https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html No Types Assigned https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html Patch, Third Party Advisory
    Changed Reference Type https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html No Types Assigned https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html Patch, Third Party Advisory
    Changed Reference Type https://www.tenable.com/security/tns-2018-12 No Types Assigned https://www.tenable.com/security/tns-2018-12 Third Party Advisory
    Changed Reference Type https://www.tenable.com/security/tns-2018-13 No Types Assigned https://www.tenable.com/security/tns-2018-13 Third Party Advisory
    Changed Reference Type https://www.tenable.com/security/tns-2018-14 No Types Assigned https://www.tenable.com/security/tns-2018-14 Third Party Advisory
    Changed Reference Type https://www.tenable.com/security/tns-2018-17 No Types Assigned https://www.tenable.com/security/tns-2018-17 Third Party Advisory
    Added CPE Configuration OR *cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:* versions from (including) 6.0.0 up to (excluding) 6.8.1 *cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:* versions from (including) 6.9.0 up to (excluding) 6.14.4 *cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:* versions from (including) 8.0.0 up to (excluding) 8.8.1 *cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:* versions from (including) 8.9.0 up to (excluding) 8.11.4 *cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:* versions from (including) 10.0.0 up to (excluding) 10.9.0
  • CVE Modified by [email protected]

    Jun. 08, 2021

    Action Type Old Value New Value
    Added Reference https://cert-portal.siemens.com/productcert/pdf/ssa-419820.pdf [No Types Assigned]
  • CVE Modified by [email protected]

    Jan. 20, 2021

    Action Type Old Value New Value
    Added Reference https://www.oracle.com/security-alerts/cpujan2021.html [No Types Assigned]
  • CVE Modified by [email protected]

    Apr. 15, 2020

    Action Type Old Value New Value
    Added Reference https://www.oracle.com/security-alerts/cpuapr2020.html [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 16, 2019

    Action Type Old Value New Value
    Added Reference https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html [No Types Assigned]
  • CVE Modified by [email protected]

    Sep. 26, 2019

    Action Type Old Value New Value
    Added Reference https://lists.fedoraproject.org/archives/list/[email protected]/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/ [No Types Assigned]
  • CVE Modified by [email protected]

    Sep. 25, 2019

    Action Type Old Value New Value
    Added Reference https://lists.fedoraproject.org/archives/list/[email protected]/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/ [No Types Assigned]
  • CVE Modified by [email protected]

    Sep. 21, 2019

    Action Type Old Value New Value
    Added Reference https://lists.fedoraproject.org/archives/list/[email protected]/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/ [No Types Assigned]
  • CVE Modified by [email protected]

    Jul. 23, 2019

    Action Type Old Value New Value
    Added Reference https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html [No Types Assigned]
  • CVE Modified by [email protected]

    Jun. 18, 2019

    Action Type Old Value New Value
    Added Reference https://access.redhat.com/errata/RHSA-2019:1543 [No Types Assigned]
  • CVE Modified by [email protected]

    May. 30, 2019

    Action Type Old Value New Value
    Added Reference https://access.redhat.com/errata/RHSA-2019:1297 [No Types Assigned]
    Added Reference https://access.redhat.com/errata/RHSA-2019:1296 [No Types Assigned]
  • CVE Modified by [email protected]

    Apr. 23, 2019

    Action Type Old Value New Value
    Added Reference https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html [No Types Assigned]
  • CVE Modified by [email protected]

    Jan. 19, 2019

    Action Type Old Value New Value
    Added Reference https://security.netapp.com/advisory/ntap-20190118-0002/ [No Types Assigned]
  • CVE Modified by [email protected]

    Jan. 16, 2019

    Action Type Old Value New Value
    Added Reference https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html [No Types Assigned]
  • CVE Modified by [email protected]

    Dec. 21, 2018

    Action Type Old Value New Value
    Added Reference https://www.tenable.com/security/tns-2018-17 [No Types Assigned]
  • CVE Modified by [email protected]

    Dec. 20, 2018

    Action Type Old Value New Value
    Added Reference https://www.debian.org/security/2018/dsa-4355 [No Types Assigned]
  • CVE Modified by [email protected]

    Dec. 01, 2018

    Action Type Old Value New Value
    Added Reference https://www.debian.org/security/2018/dsa-4348 [No Types Assigned]
  • CVE Modified by [email protected]

    Nov. 09, 2018

    Action Type Old Value New Value
    Added Reference https://security.gentoo.org/glsa/201811-03 [No Types Assigned]
  • CVE Modified by [email protected]

    Nov. 07, 2018

    Action Type Old Value New Value
    Added Reference https://access.redhat.com/errata/RHSA-2018:3505 [No Types Assigned]
  • CVE Modified by [email protected]

    Nov. 06, 2018

    Action Type Old Value New Value
    Added Reference https://security.netapp.com/advisory/ntap-20181105-0001/ [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 31, 2018

    Action Type Old Value New Value
    Added Reference https://access.redhat.com/errata/RHSA-2018:3221 [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 24, 2018

    Action Type Old Value New Value
    Added Reference https://www.tenable.com/security/tns-2018-14 [No Types Assigned]
    Added Reference https://www.tenable.com/security/tns-2018-13 [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 17, 2018

    Action Type Old Value New Value
    Added Reference http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 12, 2018

    Action Type Old Value New Value
    Added Reference https://securityadvisories.paloaltonetworks.com/Home/Detail/133 [No Types Assigned]
  • CVE Modified by [email protected]

    Sep. 19, 2018

    Action Type Old Value New Value
    Added Reference https://www.tenable.com/security/tns-2018-12 [No Types Assigned]
  • CVE Modified by [email protected]

    Aug. 24, 2018

    Action Type Old Value New Value
    Added Reference https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/ [No Types Assigned]
  • CVE Modified by [email protected]

    Aug. 23, 2018

    Action Type Old Value New Value
    Added Reference https://access.redhat.com/errata/RHSA-2018:2553 [No Types Assigned]
    Added Reference https://access.redhat.com/errata/RHSA-2018:2552 [No Types Assigned]
  • Initial Analysis by [email protected]

    Aug. 10, 2018

    Action Type Old Value New Value
    Added CVSS V2 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
    Added CVSS V3 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    Changed Reference Type http://www.securityfocus.com/bid/104442 No Types Assigned http://www.securityfocus.com/bid/104442 Third Party Advisory, VDB Entry
    Changed Reference Type https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3984ef0b72831da8b3ece4745cac4f8575b19098 No Types Assigned https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3984ef0b72831da8b3ece4745cac4f8575b19098 Patch, Third Party Advisory
    Changed Reference Type https://www.openssl.org/news/secadv/20180612.txt No Types Assigned https://www.openssl.org/news/secadv/20180612.txt Vendor Advisory
    Changed Reference Type https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ea7abeeabf92b7aca160bdd0208636d4da69f4f4 No Types Assigned https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ea7abeeabf92b7aca160bdd0208636d4da69f4f4 Patch, Third Party Advisory
    Changed Reference Type https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html No Types Assigned https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html Third Party Advisory
    Changed Reference Type https://usn.ubuntu.com/3692-2/ No Types Assigned https://usn.ubuntu.com/3692-2/ Third Party Advisory
    Changed Reference Type https://usn.ubuntu.com/3692-1/ No Types Assigned https://usn.ubuntu.com/3692-1/ Third Party Advisory
    Changed Reference Type http://www.securitytracker.com/id/1041090 No Types Assigned http://www.securitytracker.com/id/1041090 Third Party Advisory, VDB Entry
    Added CWE CWE-320
    Added CPE Configuration OR *cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions from (including) 1.0.2 up to (including) 1.0.2o *cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions from (including) 1.1.0 up to (including) 1.1.0h
    Added CPE Configuration OR *cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:* *cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* *cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:* *cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:* *cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* *cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Jul. 29, 2018

    Action Type Old Value New Value
    Added Reference https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html [No Types Assigned]
  • CVE Modified by [email protected]

    Jun. 28, 2018

    Action Type Old Value New Value
    Added Reference https://usn.ubuntu.com/3692-2/ [No Types Assigned]
    Added Reference https://usn.ubuntu.com/3692-1/ [No Types Assigned]
  • CVE Modified by [email protected]

    Jun. 15, 2018

    Action Type Old Value New Value
    Added Reference http://www.securityfocus.com/bid/104442 [No Types Assigned]
  • CVE Modified by [email protected]

    Jun. 14, 2018

    Action Type Old Value New Value
    Added Reference http://www.securitytracker.com/id/1041090 [No Types Assigned]
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2018-0732 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2018-0732 weaknesses.

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

4.79 }} 0.06%

score

0.92892

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
: