Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2011-4108

Disclosure Date: January 06, 2012
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

References

Additional Info

Technical Analysis