virus logo FortiClient Vulnerability

OpenSSL CVE-2013-0169 Weak Encryption Vulnerability

description-logoDescription

constant time by making sure that always the same bytes are read andcompared against either the MAC or padding bytes. But it no longerchecked that there was enough data to have both the MAC and paddingbytes.OpenSSL 1.0.2 users should upgrade to 1.0.2hOpenSSL 1.0.1 users should upgrade to 1.0.1tThis issue was reported to OpenSSL on 13th of April 2016 by JurajSomorovsky using TLS-Attacker. The fix was developed by Kurt Roeckxof the OpenSSL development team.

affected-products-logoAffected Applications

OpenSSL

CVE References

CVE-2013-0169

Other References

https://www.openssl.org/news/vulnerabilities.html
ID 39791
Created Jan 17, 2020
Description
Updated		 Dec 19, 2023
Risk black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Linux
Vendor OpenSSL
Patch manual
Application OpenSSL