cbcvebase.
CVE-2016-2217
published 2017-01-30

Priority: P4 · 26 · medium
CVSS 3.0: 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
EPSS: 2.53% (82.9th percentile)

The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the DH, which makes it easier for remote attackers to obtain the shared secret.

Affected

7 ranges
Vendor | Product | Version range | Fixed in
debian | socat | < socat 1.7.3.1-1 (bookworm) | socat 1.7.3.1-1 (bookworm)
dest-unreach | socat | |
dest-unreach | socat | |
dest-unreach | socat | >= 0 < 1.7.3.1-1 | 1.7.3.1-1
dest-unreach | socat | >= 0 < 1.7.3.1-1 | 1.7.3.1-1
dest-unreach | socat | >= 0 < 1.7.3.1-1 | 1.7.3.1-1
dest-unreach | socat | >= 0 < 1.7.3.1-1 | 1.7.3.1-1

CVSS provenance

nvd | v3.0 | 5.3 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N
osv | | 5.3 | MEDIUM |
vendor_debian | | 5.3 | MEDIUM |
vendor_redhat | | 5.3 | MEDIUM |