Intrusion Prevention



This indicates an attack attempt against a Security Bypass vulnerability in the OpenSSL library.
The vulnerability is caused by an error in SSL_read() and SSL_Write() function when handling fatal ssl handshake errors. A remote attacker can exploit this to gain data that is not encrypted, from vulnerable systems.

Affected Products

OpenSSL 1.0.2m and the prior


Security Bypass: Remote attackers can bypass security checking of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.

CVE References