Key Management Errors
CVE-2016-2217
Summary
The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the DH, which makes it easier for remote attackers to obtain the shared secret.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- NONE
- LOW
- NONE
CWE-320 - Key Management Errors
Weaknesses in this category are related to errors in the management of cryptographic keys.
References
Advisory Timeline
- Published
