CVE-2013-6450

N/A Unknown

Published: January 01, 2014 Modified: April 29, 2026

Description

The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=34628967f1e65dc8f34e000f0f5518e21afbfc7b

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-updates/2014-01/msg00031.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-updates/2014-01/msg00032.html

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2014-0015.html

Source: secalert@redhat.com

http://seclists.org/fulldisclosure/2014/Dec/23

Source: secalert@redhat.com

http://security.gentoo.org/glsa/glsa-201412-39.xml

Source: secalert@redhat.com

http://www-01.ibm.com/support/docview.wss?uid=isg400001841

Source: secalert@redhat.com

http://www-01.ibm.com/support/docview.wss?uid=isg400001843

Source: secalert@redhat.com

http://www.debian.org/security/2014/dsa-2833

Source: secalert@redhat.com

http://www.openssl.org/news/vulnerabilities.html

Source: secalert@redhat.com

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

Source: secalert@redhat.com

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Source: secalert@redhat.com

http://www.securityfocus.com/archive/1/534161/100/0/threaded

Source: secalert@redhat.com

http://www.securityfocus.com/bid/64618

Source: secalert@redhat.com

http://www.securitytracker.com/id/1029549

Source: secalert@redhat.com

http://www.securitytracker.com/id/1031594

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-2079-1

Source: secalert@redhat.com

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

Source: secalert@redhat.com

https://puppet.com/security/cve/cve-2013-6450

Source: secalert@redhat.com

https://security-tracker.debian.org/tracker/CVE-2013-6450

Source: secalert@redhat.com

http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=34628967f1e65dc8f34e000f0f5518e21afbfc7b

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2014-01/msg00031.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2014-01/msg00032.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2014-0015.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://seclists.org/fulldisclosure/2014/Dec/23

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-201412-39.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www-01.ibm.com/support/docview.wss?uid=isg400001841

Source: af854a3a-2127-422b-91ae-364da2661108

http://www-01.ibm.com/support/docview.wss?uid=isg400001843

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2014/dsa-2833

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openssl.org/news/vulnerabilities.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/534161/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/64618

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1029549

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1031594

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/USN-2079-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://puppet.com/security/cve/cve-2013-6450

Source: af854a3a-2127-422b-91ae-364da2661108

https://security-tracker.debian.org/tracker/CVE-2013-6450

Source: af854a3a-2127-422b-91ae-364da2661108

44 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

19.7%

95th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-310

Affected Vendors

openssl

Related CVEs

CVE-2026-8654 N/A

CVE-2026-6646 6.4

CVE-2026-4094 8.1

CVE-2026-41702 7.8

CVE-2026-43490 N/A