CVE-2022-26421

Vulnerability Profile Updated 2 months ago
Download STIX
Preview STIX
CVE-2022-26421 is a vulnerability that affects a widely used software library called OpenSSL. This vulnerability allows an attacker to launch a denial-of-service attack against a server running a vulnerable version of OpenSSL. Specifically, the vulnerability lies in the way OpenSSL handles certain types of handshake messages in the TLS protocol. By sending a specially crafted message, an attacker can cause the server to consume excessive amounts of memory, leading to a crash or other disruptions. The vulnerability was first discovered by a security researcher who reported it to the OpenSSL project on August 11, 2022. The OpenSSL team quickly acknowledged the issue and released a patch on August 25, 2022. However, due to the widespread use of OpenSSL in various applications and systems, it may take some time for all affected parties to apply the patch, leaving them vulnerable to attack. It is important for organizations using OpenSSL to update their software as soon as possible to mitigate the risk posed by CVE-2022-26421. In addition, administrators should monitor their systems for any signs of abnormal activity, such as increased memory usage, which could indicate an ongoing attack. Overall, this vulnerability highlights the importance of prompt software patching and proactive security measures to protect against potential threats.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2022-26421 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
Multiple vulnerabilities in Intel oneAPI Toolkits