Nessus is labeling the severity as medium

Christian Heinrich christian.heinrich at
Wed Apr 5 03:19:47 UTC 2023


The CVSS Base Score is reduced when calculated against the CVSS
Temporal and Environmental Metrics. should be amended to
state that 1.1.1u is not available yet.

On Tue, 4 Apr 2023 at 23:16, Joslin, Jack via openssl-users
<openssl-users at> wrote:
> Plugin Plugin Name Severity Plugin Output Solution Risk Factor CVE
> 173260 OpenSSL 1.1.1 < 1.1.1u Multiple Vulnerabilities Medium Plugin Output:
>   Banner           : Apache/2.4.56 (Unix) OpenSSL/1.1.1t mod_perl/2.0.9 Perl/v5.8.8
>   Reported version : 1.1.1t
>   Fixed version    : 1.1.1u Upgrade to OpenSSL version 1.1.1u or later. Medium CVE-2023-0464, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466

Christian Heinrich

More information about the openssl-users mailing list