Multiple vulnerabilities in OpenSSL, with a CVSS base score of 7.4 (High), allow for remote attacks. The article lists a wide range of affected products and vendors, including IBM, Dell, HPE, Red Hat, and Siemens, but does not specify the exact OpenSSL version ranges or the individual CVE details. Mitigations are available, and administrators should consult the extensive vendor-specific update list provided to apply the appropriate patches for their specific systems.
[WID-SEC-2023-0304] OpenSSL: Mehrere Schwachstellen CVSS Base Score 7.4 (hoch) CVSS Temporal Score 6.4 (mittel) Remoteangriff ja Datum 07.02.2023 Stand UPDATE 17.03.2026 Mitigation ja Betroffene Systeme Betriebssystem Linux Sonstiges UNIX Windows Produktbeschreibung OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert. Produkte UPDATE 09.11.2025 SUSE openSUSE UPDATE 20.10.2025 SolarWinds Platform <2025.4 UPDATE 31.07.2025 Dell NetWorker <19.12.0.2 Dell NetWorker <19.11.0.6 UPDATE 30.06.2025 Dell NetWorker <19.13 Dell NetWorker <19.11.0.5 UPDATE 22.05.2025 HPE NonStop Server UPDATE 14.05.2025 IBM QRadar SIEM <7.5.0 UP12 UPDATE 09.04.2025 IBM Spectrum Protect Plus <10.1.17 UPDATE 27.03.2025 IBM Sterling Connect:Direct HP NonStop <3.6.0.6 iFix000 UPDATE 29.01.2025 Dell NetWorker UPDATE 31.10.2024 IBM QRadar SIEM <7.5.0 UP10 IF01 UPDATE 06.10.2024 Moxa Router TN-5900 <4.0 UPDATE 16.09.2024 Hitachi Ops Center UPDATE 23.07.2024 Hitachi Energy AFS UPDATE 26.06.2024 EMC Avamar UPDATE 13.06.2024 Dell PowerEdge UPDATE 03.06.2024 SolarWinds Platform <2024.2 UPDATE 27.03.2024 IBM QRadar SIEM <7.5.0 UP8 UPDATE 04.02.2024 Gentoo Linux UPDATE 25.01.2024 Dell NetWorker <19.10 UPDATE 17.01.2024 IBM Security Verify Access 10.0.0.0-10.0.6.1 UPDATE 12.12.2023 Dell Computer UPDATE 31.10.2023 IBM Rational Build Forge <8.0.0.24 UPDATE 03.10.2023 IBM Rational ClearQuest <10.0.3 IBM Rational ClearCase <9.1.0.5 IBM Rational ClearCase <9.0.2.8 IBM Rational ClearQuest <9.0.2.8 IBM Rational ClearQuest <9.1.0.5 UPDATE 25.09.2023 Hitachi Command Suite Hitachi Configuration Manager UPDATE 17.09.2023 HPE OneView <v8.5 HPE OneView <v6.60.05 LTS UPDATE 17.08.2023 Oracle VM 3 UPDATE 07.08.2023 Siemens SIMATIC S7 UPDATE 06.07.2023 IBM QRadar SIEM 7.5 IBM Power Hardware Management Console DS8000 UPDATE 05.07.2023 IBM Security Verify Access 10.0.X UPDATE 27.06.2023 ABB Relion 670 ABB Relion 650 ABB Relion SAM600-IO UPDATE 25.06.2023 Red Hat OpenShift Container Platform <4.12.22 UPDATE 22.06.2023 Red Hat OpenShift Container Platform <4.13.4 UPDATE 20.06.2023 IBM Spectrum Protect plus 10.1 UPDATE 14.06.2023 Red Hat OpenShift Container Platform <4.11.43 UPDATE 05.06.2023 Xerox FreeFlow Print Server v7 UPDATE 29.05.2023 Dell PowerEdge UPDATE 25.05.2023 IBM Power Hardware Management Console v9 IBM Power Hardware Management Console v10 UPDATE 23.05.2023 Aruba ArubaOS Aruba EdgeConnect Hitachi Energy RTU500 UPDATE 16.05.2023 IBM InfoSphere Information Server 11.7 UPDATE 10.05.2023 IBM MQ 9.1 LTS IBM MQ 8.0 IBM MQ 9.0 LTS IBM MQ 9.2 LTS IBM MQ 9.3 LTS UPDATE 09.05.2023 Tenable Security Nessus Network Monitor <6.2.1 UPDATE 03.05.2023 Red Hat Enterprise Linux Multicluster Engine UPDATE 01.05.2023 IBM DataPower Gateway <2018.4.1.26 IBM DataPower Gateway <10.0.4.0sr3 IBM DataPower Gateway <10.0.1.12 UPDATE 26.04.2023 IBM MQ UPDATE 24.04.2023 Meinberg LANTIME <7.06.013 UPDATE 10.04.2023 F5 BIG-IP UPDATE 29.03.2023 QNAP NAS UPDATE 22.03.2023 Open Source CentOS UPDATE 21.03.2023 IBM AIX 7.1 IBM AIX 7.2 IBM AIX 7.3 UPDATE 19.03.2023 IBM Spectrum Protect <8.1.17.2 UPDATE 15.03.2023 IBM Integration Bus 10.0.0.0-10.0.0.26 IBM Spectrum Protect 10.1.14 IBM Integration Bus 10.1 UPDATE 13.03.2023 Siemens SIMATIC S7 1500 Meinberg LANTIME 7.06.012 UPDATE 09.03.2023 Tenable Security Nessus Agent <10.3.2 Tenable Security Nessus Agent <8.3.5 UPDATE 07.03.2023 IBM DataPower Gateway <10.0.1.12 IBM DataPower Gateway <10.5.0.4 Tenable Security Nessus 8.15.9 Tenable Security Nessus 10.4.3 IBM MQ HPE NonStop 8.1.0 UPDATE 02.03.2023 Tenable Security Nessus <10.5.0 UPDATE 01.03.2023 SonicWall SMA <10.2.1.7-49sv UPDATE 28.02.2023 IBM Business Automation Workflow 21.0.2 IBM Business Automation Workflow 21.0.3 IBM Business Automation Workflow 22.0.1 IBM Business Automation Workflow 18.0.0.0 IBM Business Automation Workflow 18.0.0.1 IBM Business Automation Workflow 18.0.0.2 IBM Business Automation Workflow 19.0.0.1 IBM Business Automation Workflow 19.0.0.2 IBM Business Automation Workflow 19.0.0.3 Red Hat Enterprise Linux IBM Business Automation Workflow 20.0.0.1 IBM Business Automation Workflow 20.0.0.2 Oracle Linux IBM Business Automation Workflow 21.0.3.1 IBM Business Automation Workflow 22.0.2 UPDATE 27.02.2023 LANCOM LCOS 10.72 SU2 LANCOM LCOS 10.50 RU10 LANCOM LCOS 10.42 SU10 LANCOM LCOS FX 10.11 LANCOM LCOS LX 6.10 LANCOM LCOS LX 5.38 SU1 LANCOM LCOS LX 5.36 SU2 LANCOM LCOS SX 4.20 LANCOM LCOS SX 5.20 RU3 UPDATE 19.02.2023 Debian Linux UPDATE 16.02.2023 FreeBSD Project FreeBSD OS UPDATE 14.02.2023 NetApp Data ONTAP UPDATE 08.02.2023 Amazon Linux 2 Aruba Switch Aruba ClearPass Policy Manager 07.02.2023 Ubuntu Linux SUSE Linux Open Source OpenSSL <3.0.8 Open Source OpenSSL <1.1.1t Open Source OpenSSL <1.0.2zg Angriff Angriff Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in OpenSSL ausnutzen, um einen Denial of Service Angriff durchzuführen, Informationen offenzulegen oder Chiffretext über ein Netzwerk wiederherzustellen. CVE Informationen Versionshistorie Feedback zum Advisory geben