The host is installed with OpenSSL and is prone to security bypass vulnerability. A flaw is present in EVP_PKEY_verify_recover function, which returns uninitialized buffer instead of an error code when the verification recovery process fails. Successful exploitation allow remote attackers to bypass intended RSA key validation and obtain sensitive information.