VYPR
High severity7.5NVD Advisory· Published May 4, 2017· Updated Jun 17, 2026

CVE-2017-3733

CVE-2017-3733

Description

During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 before 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:a:hp:operations_agent:11.14:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:hp:operations_agent:11.14:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:operations_agent:11.15:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.0:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:openssl:openssl:1.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:1.1.0a:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:1.1.0b:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:1.1.0c:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:1.1.0d:*:*:*:*:*:*:*
    • (no CPE)range: openssl-1.1.0

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.