Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-2107

CWE-200 — Information Exposure CWE-310 CWE-119 — Buffer Overflow22 documents15 sources

Severity

5.9MEDIUM

EPSS

80.0%

top 0.89%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Nodejs Node.js Openssl Openssl Canonical Ubuntu Linux +12 more

Timeline

PublishedMay 5

Latest updateMay 14

Description

The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages11 packages

▶Debianopenssl< 1.0.2h-1+3

▶NVDopenssl/openssl1.0.1s+8

▶NVDnodejs/node.js0.10.0 — 0.10.45+5

▶NVDopensuse/leap42.1

▶NVDgoogle/android20 versions+19

Also affects: Debian Linux 8.0, Ubuntu Linux 12.04, 14.04, 15.10, 16.04, Enterprise Linux 7.2

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-3gm7-8cfv-p8h9: The AES-NI implementation in OpenSSL before 1↗2022-05-14

▶

OSV

CVE-2016-2107: The AES-NI implementation in OpenSSL before 1↗2016-05-05

▶

CVEList

CVE-2016-2107: The AES-NI implementation in OpenSSL before 1↗2016-05-05

▶

OSV

openssl vulnerabilities↗2016-05-03

▶

💥Exploits & PoCs

Exploit-DB

OpenSSL - Padding Oracle in AES-NI CBC MAC Check↗2016-05-04

▶

📋Vendor Advisories

Apple

CVE-2016-2107: OS X El Capitan v10.11.6 and Security Update 2016-004↗2016-07-18

▶

Android

CVE-2016-2107: Android Security Bulletin 2016-07-01 CVE: CVE-2016-2107 Severity: HIGH Affected AOSP versions: 4↗2016-07-01

▶

BSD

FreeBSD-SA-16:17.openssl: Multiple OpenSSL vulnerabilities↗2016-05-04

▶

Cisco

Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016↗2016-05-04

▶

Red Hat

openssl: Padding oracle in AES-NI CBC MAC check↗2016-05-03

▶

🕵️Threat Intelligence

Qualys

OpenSSL CVE-2016-2107 Grading Update | Qualys↗2016-05-10

▶

Qualys

OpenSSL CVE-2016-2107 Grading Update | Qualys↗2016-05-09

▶

💬Community

HackerOne

formassembly.com is vulnerable to padding-oracle attacks.↗2017-03-17

▶

HackerOne

Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)↗2016-05-19

▶

Bugzilla

CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 mingw-openssl: various flaws [epel-7]↗2016-05-03

▶

Bugzilla

CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 openssl: various flaws [fedora-all]↗2016-05-03

▶

Bugzilla

CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 mingw-openssl: various flaws [fedora-all]↗2016-05-03

▶