http://security.gd-linux.com/notice/NS-SA-2023-0025
http://security.gd-linux.com/info/CVE-2021-23840
http://security.gd-linux.com/info/CVE-2021-23841
http://security.gd-linux.com/info/CVE-2021-3712
Severity: High
ID: 174068
File Name: newstart_cgsl_NS-SA-2023-0025_openssl.nasl
Version: 1.4
Type: local
Published: 4/11/2023
Updated: 4/19/2023
Supported Sensors: Nessus
Risk Factor: Medium
Score: 6.0
Risk Factor: Medium
Base Score: 5.8
Temporal Score: 4.8
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P
CVSS Score Source: CVE-2021-3712
Risk Factor: High
Base Score: 7.4
Temporal Score: 6.9
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
CPE: p-cpe:/a:zte:cgsl_main:openssl, p-cpe:/a:zte:cgsl_main:openssl-perl, p-cpe:/a:zte:cgsl_core:openssl-perl, p-cpe:/a:zte:cgsl_main:openssl-devel, p-cpe:/a:zte:cgsl_core:openssl-crypto, cpe:/o:zte:cgsl_main:5, p-cpe:/a:zte:cgsl_main:openssl-libs, p-cpe:/a:zte:cgsl_core:openssl-debuginfo, p-cpe:/a:zte:cgsl_core:openssl-static, cpe:/o:zte:cgsl_core:5, p-cpe:/a:zte:cgsl_main:openssl-static, p-cpe:/a:zte:cgsl_core:openssl, p-cpe:/a:zte:cgsl_main:openssl-debuginfo, p-cpe:/a:zte:cgsl_core:openssl-libs, p-cpe:/a:zte:cgsl_core:openssl-devel
Required KB Items: Host/local_checks_enabled, Host/ZTE-CGSL/release, Host/ZTE-CGSL/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 4/11/2023
Vulnerability Publication Date: 2/16/2021
CVE: CVE-2021-23840, CVE-2021-23841, CVE-2021-3712, CVE-2022-0778, CVE-2022-2078
IAVA: 2021-A-0103-S, 2021-A-0395-S, 2022-A-0121-S