CVE-2022-0778 Open SSL issue in Security Analytics
search cancel

CVE-2022-0778 Open SSL issue in Security Analytics

book

Article ID: 242241

calendar_today

Updated On: 10-18-2024

Products

Security Analytics Security Analytics - VA

Issue/Introduction

A flaw was found in OpenSSL. It is possible to trigger an infinite loop by crafting a certificate that has invalid elliptic curve parameters. Since certificate parsing happens before verification of the certificate signature, any process that parses an externally supplied certificate may be subject to a denial of service attack.

Resolution

Security Analytics is affected by this vulnerability and will be resolved with version 8.2.6 or greater.

Additional Information