Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
OpenSSL Improper Input Validation Vulnerability - CVE-2017-3733 - Vulnerability Database
OpenSSL

OpenSSL Improper Input Validation Vulnerability - CVE-2017-3733

High
Reference: CVE-2017-3733
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2017-3733
Title: OpenSSL Improper Input Validation Vulnerability
Overview:

During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 before 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.