Insyde Security Advisory 2023060

Insyde ID Advisory Category Impact of Vulnerability Severity Rating Original Date Last Revised
INSYDE-SA-2023060 Software Multiple Low 11/14/2023 11/14/2023

Summary:

H2O-0802-2301
Upgrade OpenSSL to 1.1.1v

Vulnerability Details:

Upgrade OpenSSL to 1.1.1v for addressing following vulnerabilities.

  1. CVE-2023-3817
    CVSS: Low
    Description: Excessive time spent checking DH q parameter value
  2. CVE-2023-3446
    CVSS: Low
    Description: Excessive time spent checking DH keys and parameters

Solution Information:
SPF RV 23.11 and after.

Revision History:

Revision Date Description
1.0 11/14/2023 Initial Release
-- -- --

Return to Insyde's Security Pledge