High severity7.5NVD Advisory· Published Nov 13, 2017· Updated Jun 17, 2026
CVE-2016-8610
CVE-2016-8610
Description
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
113- cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:data_ontap:-:*:*:*:*:7-mode:*:*
- cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*Range: >=11.0,<=11.40
- cpe:2.3:a:netapp:host_agent:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*
- cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:ontap_select_deploy:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:service_processor:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:snapcenter_server:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:storagegrid_webscale:-:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*range: >=1.0.2,<=1.0.2h
- cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.1.0:*:*:*:*:*:*:*
- (no CPE)range: 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0
- (no CPE)range: All 0.9.8
- cpe:2.3:a:oracle:adaptive_access_manager:11.1.2.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_ip_service_activator:7.3.4:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:oracle:communications_ip_service_activator:7.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:core_rdbms:11.2.0.4:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:oracle:core_rdbms:11.2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:core_rdbms:12.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:core_rdbms:12.2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:core_rdbms:18c:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:core_rdbms:19c:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:goldengate_application_adapters:12.3.2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:retail_predictive_application_server:16.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:timesten_in-memory_database:*:*:*:*:*:*:*:*Range: <18.1.4.1.0
cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:cn1610_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- osv-coords41 versionspkg:rpm/opensuse/gnutls&distro=openSUSE%20Tumbleweedpkg:rpm/suse/compat-openssl097g&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/compat-openssl098&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/compat-openssl098&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/compat-openssl098&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/compat-openssl098&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4pkg:rpm/suse/compat-openssl098&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2012pkg:rpm/suse/compat-openssl098&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/compat-openssl098&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/compat-openssl098&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/compat-openssl098&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2011%20SP4pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/openssl1&distro=SUSE%20Linux%20Enterprise%20Server%2011-SECURITYpkg:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSSpkg:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/openssl&distro=SUSE%20Manager%202.1pkg:rpm/suse/openssl&distro=SUSE%20Manager%20Proxy%202.1pkg:rpm/suse/openssl&distro=SUSE%20OpenStack%20Cloud%205pkg:rpm/suse/openssl&distro=SUSE%20Studio%20Onsite%201.3
< 3.7.2-1.2+ 40 more
- (no CPE)range: < 3.7.2-1.2
- (no CPE)range: < 0.9.7g-146.22.50.1
- (no CPE)range: < 0.9.8j-105.1
- (no CPE)range: < 0.9.8j-105.1
- (no CPE)range: < 0.9.8j-106.9.1
- (no CPE)range: < 0.9.8j-106.9.1
- (no CPE)range: < 0.9.8j-105.1
- (no CPE)range: < 0.9.8j-105.1
- (no CPE)range: < 0.9.8j-105.1
- (no CPE)range: < 0.9.8j-106.9.1
- (no CPE)range: < 0.9.8j-106.9.1
- (no CPE)range: < 3.2.15-16.1
- (no CPE)range: < 3.2.15-16.1
- (no CPE)range: < 2.4.1-24.39.67.1
- (no CPE)range: < 2.4.1-24.39.67.1
- (no CPE)range: < 3.2.15-16.1
- (no CPE)range: < 3.2.15-16.1
- (no CPE)range: < 3.2.15-16.1
- (no CPE)range: < 2.4.1-24.39.67.1
- (no CPE)range: < 3.2.15-16.1
- (no CPE)range: < 3.2.15-16.1
- (no CPE)range: < 2.4.1-24.39.67.1
- (no CPE)range: < 3.2.15-16.1
- (no CPE)range: < 3.2.15-16.1
- (no CPE)range: < 1.0.1g-0.57.1
- (no CPE)range: < 1.0.1i-54.5.1
- (no CPE)range: < 0.9.8j-0.105.1
- (no CPE)range: < 0.9.8j-0.105.1
- (no CPE)range: < 0.9.8j-0.105.1
- (no CPE)range: < 0.9.8j-0.105.1
- (no CPE)range: < 1.0.1i-54.5.1
- (no CPE)range: < 1.0.1i-54.20.1
- (no CPE)range: < 1.0.1i-27.28.1
- (no CPE)range: < 0.9.8j-0.105.1
- (no CPE)range: < 1.0.1i-54.5.1
- (no CPE)range: < 0.9.8j-0.105.1
- (no CPE)range: < 1.0.1i-54.5.1
- (no CPE)range: < 0.9.8j-0.105.1
- (no CPE)range: < 0.9.8j-0.105.1
- (no CPE)range: < 0.9.8j-0.105.1
- (no CPE)range: < 0.9.8j-0.105.1
Patches
Vulnerability mechanics
References
28- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- www.oracle.com/security-alerts/cpuapr2020.htmlnvdPatchThird Party Advisory
- www.oracle.com/security-alerts/cpujan2020.htmlnvdPatchThird Party Advisory
- www.oracle.com/security-alerts/cpujul2020.htmlnvdPatchThird Party Advisory
- www.oracle.com/security-alerts/cpuoct2020.htmlnvdPatchThird Party Advisory
- www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.htmlnvdPatchThird Party Advisory
- www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.htmlnvdPatchThird Party Advisory
- rhn.redhat.com/errata/RHSA-2017-0286.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2017-0574.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2017-1415.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2017-1659.htmlnvdThird Party Advisory
- seclists.org/oss-sec/2016/q4/224nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/93841nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1037084nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2017:1413nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2017:1414nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2017:1658nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2017:1801nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2017:1802nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2017:2493nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2017:2494nvdThird Party Advisory
- security.360.cn/cve/CVE-2016-8610/nvdThird Party Advisory
- security.freebsd.org/advisories/FreeBSD-SA-16:35.openssl.ascnvdThird Party Advisory
- security.netapp.com/advisory/ntap-20171130-0001/nvdThird Party Advisory
- security.paloaltonetworks.com/CVE-2016-8610nvdThird Party Advisory
- support.hpe.com/hpsc/doc/public/displaynvdThird Party Advisory
- www.debian.org/security/2017/dsa-3773nvdThird Party Advisory
- git.openssl.org/gitweb/nvdBroken Link
News mentions
0No linked articles in our index yet.