CVE-2021-43085

Name of the Vulnerable Software and Affected Versions OpenSSL versions 3.0

Description The issue is related to an error in the CMAC Final() function implementation, which can lead to incorrect encryption results. This can potentially allow a remote attacker to access protected information.

Recommendations For OpenSSL version 3.0, consider disabling the CMAC Final() function as a temporary workaround until a patch is available. Restrict access to sensitive data to minimize the risk of exploitation.