5.0
MEDIUM
CVE-2015-2808
OpenSSL TLS SSL RC4 Plaintext Recovery
Description
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.
INFO
Published Date :
April 1, 2015, 2 a.m.
Last Modified :
Nov. 21, 2024, 2:28 a.m.
Source :
[email protected]
Remotely Exploitable :
Yes !
Impact Score :
2.9
Exploitability Score :
10.0
Public PoC/Exploit Available at Github
CVE-2015-2808 has a 19 public PoC/Exploit available at Github.
Go to the Public Exploits tab to see the list.
Affected Products
The following products are affected by CVE-2015-2808
vulnerability.
Even if cvefeed.io is aware of the exact versions of the
products
that
are
affected, the information is not represented in the table below.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2015-2808.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Домашнее задание к занятию «Элементы безопасности информационных систем»
Updated: 1 year, 5 months ago
0 stars
0 fork
0 watcher
Born at : April 5, 2023, 10:39 a.m.
This repo has been linked 17 different CVEs too.
None
Updated: 1 year, 8 months ago
0 stars
0 fork
0 watcher
Born at : March 13, 2023, 9:44 a.m.
This repo has been linked 17 different CVEs too.
None
Updated: 1 year, 9 months ago
0 stars
0 fork
0 watcher
Born at : Feb. 11, 2023, 7:59 a.m.
This repo has been linked 17 different CVEs too.
None
HCL Dockerfile Shell Ruby Go Jinja Python PowerShell HTML CSS
Updated: 1 year, 9 months ago
1 stars
0 fork
0 watcher
Born at : Jan. 17, 2023, 3:17 p.m.
This repo has been linked 17 different CVEs too.
Map Vulnerabilities into Different Layers of the Container Image
Python
Updated: 1 year, 10 months ago
1 stars
0 fork
0 watcher
Born at : Oct. 5, 2022, 12:07 p.m.
This repo has been linked 1276 different CVEs too.
None
Updated: 2 years, 4 months ago
0 stars
0 fork
0 watcher
Born at : July 5, 2022, 8:10 p.m.
This repo has been linked 16 different CVEs too.
None
Updated: 2 years, 5 months ago
0 stars
0 fork
0 watcher
Born at : June 1, 2022, 3:06 p.m.
This repo has been linked 16 different CVEs too.
None
Updated: 2 years, 8 months ago
0 stars
0 fork
0 watcher
Born at : Feb. 26, 2022, 11:12 a.m.
This repo has been linked 17 different CVEs too.
None
Updated: 2 years, 9 months ago
0 stars
0 fork
0 watcher
Born at : Feb. 21, 2022, 3:41 p.m.
This repo has been linked 17 different CVEs too.
None
Updated: 2 years, 11 months ago
0 stars
0 fork
0 watcher
Born at : Dec. 21, 2021, 3:09 p.m.
This repo has been linked 17 different CVEs too.
None
Shell Dockerfile HTML HCL Jinja
Updated: 2 years, 6 months ago
0 stars
0 fork
0 watcher
Born at : Dec. 11, 2021, 10:14 a.m.
This repo has been linked 17 different CVEs too.
None
Updated: 2 years, 11 months ago
0 stars
0 fork
0 watcher
Born at : Dec. 1, 2021, 8:09 a.m.
This repo has been linked 17 different CVEs too.
None
Shell HTML HCL Makefile Go Smarty Jsonnet Dockerfile Python
Updated: 1 year, 9 months ago
0 stars
1 fork
1 watcher
Born at : Nov. 30, 2021, 4:56 p.m.
This repo has been linked 17 different CVEs too.
None
Shell Ruby HTML CSS Python PHP Dockerfile HCL Go Jinja
Updated: 1 year, 9 months ago
1 stars
0 fork
0 watcher
Born at : Oct. 28, 2021, 1:33 p.m.
This repo has been linked 17 different CVEs too.
None
Shell HCL
Updated: 2 years, 4 months ago
0 stars
7 fork
7 watcher
Born at : Oct. 26, 2021, 11:48 a.m.
This repo has been linked 17 different CVEs too.
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2015-2808 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2015-2808 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
CVE Modified by [email protected]
May. 14, 2024
Action Type Old Value New Value -
CVE Modified by [email protected]
Sep. 07, 2023
Action Type Old Value New Value Added Reference https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/ [No Types Assigned] -
Modified Analysis by [email protected]
Nov. 23, 2020
Action Type Old Value New Value Removed CVSS V2 NIST (AV:N/AC:M/Au:N/C:P/I:N/A:N) Added CVSS V2 NIST (AV:N/AC:L/Au:N/C:P/I:N/A:N) Changed Reference Type http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034 No Types Assigned http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034 Third Party Advisory Changed Reference Type http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 No Types Assigned http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 Third Party Advisory Changed Reference Type http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727 No Types Assigned http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727 Third Party Advisory Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html Mailing List, Third Party Advisory Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html Mailing List, Third Party Advisory Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html Mailing List, Third Party Advisory Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html Mailing List, Third Party Advisory Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html Mailing List, Third Party Advisory Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html Mailing List, Third Party Advisory Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html Mailing List, Third Party Advisory Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html Mailing List, Third Party Advisory Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html Mailing List, Third Party Advisory Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html Mailing List, Third Party Advisory Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html Mailing List, Third Party Advisory Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html Mailing List, Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=143456209711959&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=143456209711959&w=2 Issue Tracking, Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=143629696317098&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=143629696317098&w=2 Issue Tracking, Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=143741441012338&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=143741441012338&w=2 Issue Tracking, Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=143817021313142&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=143817021313142&w=2 Issue Tracking, Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=143817899717054&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=143817899717054&w=2 Issue Tracking, Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=143818140118771&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=143818140118771&w=2 Issue Tracking, Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=144043644216842&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=144043644216842&w=2 Issue Tracking, Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=144059660127919&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=144059660127919&w=2 Issue Tracking, Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=144059703728085&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=144059703728085&w=2 Issue Tracking, Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=144060576831314&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=144060576831314&w=2 Issue Tracking, Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=144060606031437&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=144060606031437&w=2 Issue Tracking, Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=144069189622016&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=144069189622016&w=2 Issue Tracking, Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=144102017024820&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=144102017024820&w=2 Issue Tracking, Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=144104533800819&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=144104533800819&w=2 Issue Tracking, Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=144104565600964&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=144104565600964&w=2 Issue Tracking, Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=144493176821532&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=144493176821532&w=2 Issue Tracking, Third Party Advisory Changed Reference Type http://rhn.redhat.com/errata/RHSA-2015-1006.html No Types Assigned http://rhn.redhat.com/errata/RHSA-2015-1006.html Third Party Advisory Changed Reference Type http://rhn.redhat.com/errata/RHSA-2015-1007.html No Types Assigned http://rhn.redhat.com/errata/RHSA-2015-1007.html Third Party Advisory Changed Reference Type http://rhn.redhat.com/errata/RHSA-2015-1020.html No Types Assigned http://rhn.redhat.com/errata/RHSA-2015-1020.html Third Party Advisory Changed Reference Type http://rhn.redhat.com/errata/RHSA-2015-1021.html No Types Assigned http://rhn.redhat.com/errata/RHSA-2015-1021.html Third Party Advisory Changed Reference Type http://rhn.redhat.com/errata/RHSA-2015-1091.html No Types Assigned http://rhn.redhat.com/errata/RHSA-2015-1091.html Third Party Advisory Changed Reference Type http://rhn.redhat.com/errata/RHSA-2015-1228.html No Types Assigned http://rhn.redhat.com/errata/RHSA-2015-1228.html Third Party Advisory Changed Reference Type http://rhn.redhat.com/errata/RHSA-2015-1229.html No Types Assigned http://rhn.redhat.com/errata/RHSA-2015-1229.html Third Party Advisory Changed Reference Type http://rhn.redhat.com/errata/RHSA-2015-1230.html No Types Assigned http://rhn.redhat.com/errata/RHSA-2015-1230.html Third Party Advisory Changed Reference Type http://rhn.redhat.com/errata/RHSA-2015-1241.html No Types Assigned http://rhn.redhat.com/errata/RHSA-2015-1241.html Third Party Advisory Changed Reference Type http://rhn.redhat.com/errata/RHSA-2015-1242.html No Types Assigned http://rhn.redhat.com/errata/RHSA-2015-1242.html Third Party Advisory Changed Reference Type http://rhn.redhat.com/errata/RHSA-2015-1243.html No Types Assigned http://rhn.redhat.com/errata/RHSA-2015-1243.html Third Party Advisory Changed Reference Type http://rhn.redhat.com/errata/RHSA-2015-1526.html No Types Assigned http://rhn.redhat.com/errata/RHSA-2015-1526.html Third Party Advisory Changed Reference Type http://www.debian.org/security/2015/dsa-3316 No Types Assigned http://www.debian.org/security/2015/dsa-3316 Third Party Advisory Changed Reference Type http://www.debian.org/security/2015/dsa-3339 No Types Assigned http://www.debian.org/security/2015/dsa-3339 Third Party Advisory Changed Reference Type http://www.huawei.com/en/psirt/security-advisories/hw-454055 No Types Assigned http://www.huawei.com/en/psirt/security-advisories/hw-454055 Third Party Advisory Changed Reference Type http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html No Types Assigned http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html Third Party Advisory Changed Reference Type http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html No Types Assigned http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html Patch, Third Party Advisory Changed Reference Type http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html No Types Assigned http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html Third Party Advisory Changed Reference Type http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html No Types Assigned http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html Third Party Advisory Changed Reference Type http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html No Types Assigned http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html Third Party Advisory Changed Reference Type http://www.securityfocus.com/bid/73684 No Types Assigned http://www.securityfocus.com/bid/73684 Third Party Advisory, VDB Entry Changed Reference Type http://www.securityfocus.com/bid/91787 No Types Assigned http://www.securityfocus.com/bid/91787 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id/1032599 No Types Assigned http://www.securitytracker.com/id/1032599 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id/1032600 No Types Assigned http://www.securitytracker.com/id/1032600 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id/1032707 No Types Assigned http://www.securitytracker.com/id/1032707 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id/1032708 No Types Assigned http://www.securitytracker.com/id/1032708 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id/1032734 No Types Assigned http://www.securitytracker.com/id/1032734 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id/1032788 No Types Assigned http://www.securitytracker.com/id/1032788 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id/1032858 No Types Assigned http://www.securitytracker.com/id/1032858 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id/1032868 No Types Assigned http://www.securitytracker.com/id/1032868 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id/1032910 No Types Assigned http://www.securitytracker.com/id/1032910 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id/1032990 No Types Assigned http://www.securitytracker.com/id/1032990 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id/1033071 No Types Assigned http://www.securitytracker.com/id/1033071 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id/1033072 No Types Assigned http://www.securitytracker.com/id/1033072 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id/1033386 No Types Assigned http://www.securitytracker.com/id/1033386 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id/1033415 No Types Assigned http://www.securitytracker.com/id/1033415 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id/1033431 No Types Assigned http://www.securitytracker.com/id/1033431 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id/1033432 No Types Assigned http://www.securitytracker.com/id/1033432 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id/1033737 No Types Assigned http://www.securitytracker.com/id/1033737 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id/1033769 No Types Assigned http://www.securitytracker.com/id/1033769 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id/1036222 No Types Assigned http://www.securitytracker.com/id/1036222 Third Party Advisory, VDB Entry Changed Reference Type http://www.ubuntu.com/usn/USN-2696-1 No Types Assigned http://www.ubuntu.com/usn/USN-2696-1 Third Party Advisory Changed Reference Type http://www.ubuntu.com/usn/USN-2706-1 No Types Assigned http://www.ubuntu.com/usn/USN-2706-1 Third Party Advisory Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888 Third Party Advisory Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892 Third Party Advisory Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21883640 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21883640 Third Party Advisory Changed Reference Type http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm No Types Assigned http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm Third Party Advisory Changed Reference Type http://www-304.ibm.com/support/docview.wss?uid=swg21903565 No Types Assigned http://www-304.ibm.com/support/docview.wss?uid=swg21903565 Third Party Advisory Changed Reference Type http://www-304.ibm.com/support/docview.wss?uid=swg21960015 No Types Assigned http://www-304.ibm.com/support/docview.wss?uid=swg21960015 Third Party Advisory Changed Reference Type http://www-304.ibm.com/support/docview.wss?uid=swg21960769 No Types Assigned http://www-304.ibm.com/support/docview.wss?uid=swg21960769 Third Party Advisory Changed Reference Type https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922 No Types Assigned https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922 Third Party Advisory Changed Reference Type https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140 No Types Assigned https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140 Third Party Advisory Changed Reference Type https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190 No Types Assigned https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190 Third Party Advisory Changed Reference Type https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119 No Types Assigned https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119 Third Party Advisory Changed Reference Type https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241 No Types Assigned https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241 Third Party Advisory Changed Reference Type https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256 No Types Assigned https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256 Third Party Advisory Changed Reference Type https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246 No Types Assigned https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246 Third Party Advisory Changed Reference Type https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789 No Types Assigned https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789 Third Party Advisory Changed Reference Type https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650 No Types Assigned https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650 Third Party Advisory Changed Reference Type https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380 No Types Assigned https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380 Third Party Advisory Changed Reference Type https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988 No Types Assigned https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988 Third Party Advisory Changed Reference Type https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347 No Types Assigned https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347 Third Party Advisory Changed Reference Type https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935 No Types Assigned https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935 Third Party Advisory Changed Reference Type https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888 No Types Assigned https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888 Third Party Advisory Changed Reference Type https://kb.juniper.net/JSA10783 No Types Assigned https://kb.juniper.net/JSA10783 Third Party Advisory Changed Reference Type https://kc.mcafee.com/corporate/index?page=content&id=SB10163 No Types Assigned https://kc.mcafee.com/corporate/index?page=content&id=SB10163 Broken Link Changed Reference Type https://security.gentoo.org/glsa/201512-10 No Types Assigned https://security.gentoo.org/glsa/201512-10 Third Party Advisory Changed Reference Type https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf Vendor Advisory https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf Technical Description, Third Party Advisory Changed Reference Type https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709 No Types Assigned https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709 Third Party Advisory Removed CWE NIST CWE-310 Added CWE NIST CWE-327 Removed CPE Configuration OR *cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* *cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:* *cpe:2.3:a:microsoft:ie:*:*:*:*:*:*:*:* *cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* *cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:* Removed CPE Configuration OR *cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:* *cpe:2.3:a:jboss:jboss_enterprise_application_server:*:*:*:*:*:*:*:* *cpe:2.3:a:microsoft:iis:*:*:*:*:*:*:*:* *cpe:2.3:a:oracle:glassfish:*:*:*:*:*:*:*:* *cpe:2.3:a:sun:glassfish_enterprise_server:*:*:*:*:*:*:*:* Added CPE Configuration OR *cpe:2.3:a:oracle:communications_application_session_controller:*:*:*:*:*:*:*:* versions from (including) 3.0.0 up to (including) 3.9.0 *cpe:2.3:a:oracle:communications_policy_management:*:*:*:*:*:*:*:* versions up to (excluding) 9.9.2 *cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:http_server:11.1.1.9.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:http_server:12.1.3.0.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:http_server:12.2.1.1.0:*:*:*:*:*:*:* *cpe:2.3:a:oracle:http_server:12.2.1.2.0:*:*:*:*:*:*:* *cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:* versions from (including) 3.0.0 up to (including) 3.2.11 *cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:* versions from (including) 4.0.0 up to (including) 4.0.4 Added CPE Configuration OR *cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* *cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* Added CPE Configuration OR *cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* *cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* Added CPE Configuration OR *cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:* *cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:* *cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:* *cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:* *cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:* *cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:* *cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:* *cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:a:suse:manager:1.7:*:*:*:*:*:*:* OR cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:* Added CPE Configuration OR *cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:* *cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* *cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:* OR cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:fujitsu:sparc_enterprise_m3000_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp_1121 OR cpe:2.3:h:fujitsu:sparc_enterprise_m3000:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:fujitsu:sparc_enterprise_m4000_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp_1121 OR cpe:2.3:h:fujitsu:sparc_enterprise_m4000:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:fujitsu:sparc_enterprise_m5000_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp_1121 OR cpe:2.3:h:fujitsu:sparc_enterprise_m5000:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:fujitsu:sparc_enterprise_m8000_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp_1121 OR cpe:2.3:h:fujitsu:sparc_enterprise_m8000:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:fujitsu:sparc_enterprise_m9000_firmware:*:*:*:*:*:*:*:* versions from (including) xcp up to (excluding) xcp_1121 OR cpe:2.3:h:fujitsu:sparc_enterprise_m9000:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:e6000_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:e6000:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:e9000_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:e9000:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:oceanstor_18500_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:oceanstor_18500:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:oceanstor_18800_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:oceanstor_18800:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:oceanstor_18800f_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:oceanstor_18800f:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:oceanstor_9000_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:oceanstor_9000:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:oceanstor_cse_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:oceanstor_cse:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:oceanstor_hvs85t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:oceanstor_hvs85t:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:oceanstor_s2600t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:oceanstor_s2600t:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:oceanstor_s5500t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:oceanstor_s5500t:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:oceanstor_s5600t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:oceanstor_s5600t:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:oceanstor_s5800t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:oceanstor_s5800t:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:oceanstor_s6800t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:oceanstor_s6800t:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:oceanstor_vis6600t_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:oceanstor_vis6600t:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:quidway_s9300_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:quidway_s9300:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s7700_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s7700_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:9700_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:9700:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:9700_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:9700:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s12700_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s12700_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s2700_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s3700_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s3700:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s5700ei_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s5700ei:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s5700hi_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s5700hi:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s5700si_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s5700si:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s5710ei_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s5710ei:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s5710hi_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s5710hi:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s6700_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s2750_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s2750:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s5700li_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s5700li:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s5700s-li_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s5700s-li:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s5720hi_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s5720hi:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s2750_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s2750:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s5700li_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s5700li:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s5700s-li_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s5700s-li:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s5720hi_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s5720hi:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:s5720ei_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:s5720ei:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:huawei:te60_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:* Added CPE Configuration OR *cpe:2.3:a:huawei:oceanstor_replicationdirector:v100r003c00:*:*:*:*:*:*:* *cpe:2.3:a:huawei:policy_center:v100r003c00:*:*:*:*:*:*:* *cpe:2.3:a:huawei:policy_center:v100r003c10:*:*:*:*:*:*:* *cpe:2.3:a:huawei:smc2.0:v100r002c01:*:*:*:*:*:*:* *cpe:2.3:a:huawei:smc2.0:v100r002c02:*:*:*:*:*:*:* *cpe:2.3:a:huawei:smc2.0:v100r002c03:*:*:*:*:*:*:* *cpe:2.3:a:huawei:smc2.0:v100r002c04:*:*:*:*:*:*:* *cpe:2.3:a:huawei:ultravr:v100r003c00:*:*:*:*:*:*:* Added CPE Configuration OR *cpe:2.3:a:ibm:cognos_metrics_manager:10.1:*:*:*:*:*:*:* *cpe:2.3:a:ibm:cognos_metrics_manager:10.1.1:*:*:*:*:*:*:* *cpe:2.3:a:ibm:cognos_metrics_manager:10.2:*:*:*:*:*:*:* *cpe:2.3:a:ibm:cognos_metrics_manager:10.2.1:*:*:*:*:*:*:* *cpe:2.3:a:ibm:cognos_metrics_manager:10.2.2:*:*:*:*:*:*:* -
CVE Modified by [email protected]
Jan. 18, 2018
Action Type Old Value New Value Added Reference http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html [No Types Assigned] -
CVE Modified by [email protected]
Jan. 05, 2018
Action Type Old Value New Value Added Reference http://rhn.redhat.com/errata/RHSA-2015-1243.html [No Types Assigned] Added Reference http://rhn.redhat.com/errata/RHSA-2015-1242.html [No Types Assigned] Added Reference http://rhn.redhat.com/errata/RHSA-2015-1241.html [No Types Assigned] Added Reference http://rhn.redhat.com/errata/RHSA-2015-1230.html [No Types Assigned] Added Reference http://rhn.redhat.com/errata/RHSA-2015-1229.html [No Types Assigned] Added Reference http://rhn.redhat.com/errata/RHSA-2015-1228.html [No Types Assigned] -
CVE Modified by [email protected]
Nov. 08, 2017
Action Type Old Value New Value Added Reference https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922 [No Types Assigned] -
CVE Modified by [email protected]
Nov. 04, 2017
Action Type Old Value New Value Added Reference http://www.debian.org/security/2015/dsa-3316 [No Types Assigned] -
CVE Modified by [email protected]
Oct. 20, 2017
Action Type Old Value New Value Added Reference http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html [No Types Assigned] -
CVE Modified by [email protected]
Sep. 23, 2017
Action Type Old Value New Value Added Reference http://www.securitytracker.com/id/1032600 [No Types Assigned] -
CVE Modified by [email protected]
Sep. 22, 2017
Action Type Old Value New Value Added Reference http://www.securitytracker.com/id/1032990 [No Types Assigned] Added Reference http://www.securitytracker.com/id/1032910 [No Types Assigned] -
CVE Modified by [email protected]
Sep. 21, 2017
Action Type Old Value New Value Added Reference http://www.securitytracker.com/id/1033072 [No Types Assigned] Added Reference http://www.securitytracker.com/id/1033071 [No Types Assigned] -
CVE Modified by [email protected]
Sep. 06, 2017
Action Type Old Value New Value Removed Reference http://marc.info/?l=bugtraq&m=143629738517220&w=2 [No Types Assigned] Removed Reference https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04708650 [No Types Assigned] Added Reference https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380 [No Types Assigned] Added Reference https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650 [No Types Assigned] -
CVE Modified by [email protected]
Sep. 01, 2017
Action Type Old Value New Value Added Reference http://www.securitytracker.com/id/1036222 [No Types Assigned] -
CVE Modified by [email protected]
May. 24, 2017
Action Type Old Value New Value Added Reference https://kb.juniper.net/JSA10783 [No Types Assigned] -
CVE Modified by [email protected]
Jan. 03, 2017
Action Type Old Value New Value Added Reference http://www.securityfocus.com/bid/73684 [No Types Assigned] -
CVE Modified by [email protected]
Dec. 28, 2016
Action Type Old Value New Value Added Reference http://www-304.ibm.com/support/docview.wss?uid=swg21960769 [No Types Assigned] Added Reference http://www-304.ibm.com/support/docview.wss?uid=swg21960015 [No Types Assigned] Added Reference http://www-304.ibm.com/support/docview.wss?uid=swg21903565 [No Types Assigned] Added Reference http://www.securitytracker.com/id/1032868 [No Types Assigned] Added Reference http://www.securitytracker.com/id/1032858 [No Types Assigned] Added Reference http://www.securitytracker.com/id/1032788 [No Types Assigned] Added Reference http://www.securitytracker.com/id/1032734 [No Types Assigned] Added Reference http://www.securitytracker.com/id/1032708 [No Types Assigned] Added Reference http://www.securitytracker.com/id/1032707 [No Types Assigned] Added Reference http://rhn.redhat.com/errata/RHSA-2015-1091.html [No Types Assigned] Added Reference http://rhn.redhat.com/errata/RHSA-2015-1021.html [No Types Assigned] Added Reference http://rhn.redhat.com/errata/RHSA-2015-1020.html [No Types Assigned] Added Reference http://rhn.redhat.com/errata/RHSA-2015-1007.html [No Types Assigned] Added Reference http://rhn.redhat.com/errata/RHSA-2015-1006.html [No Types Assigned] Added Reference http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html [No Types Assigned] Added Reference http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html [No Types Assigned] Added Reference http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html [No Types Assigned] Added Reference http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html [No Types Assigned] Added Reference http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html [No Types Assigned] -
CVE Modified by [email protected]
Dec. 24, 2016
Action Type Old Value New Value Added Reference https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241 [No Types Assigned] Added Reference http://www.ubuntu.com/usn/USN-2706-1 [No Types Assigned] Added Reference http://www.ubuntu.com/usn/USN-2696-1 [No Types Assigned] Added Reference http://www.debian.org/security/2015/dsa-3339 [No Types Assigned] Added Reference http://rhn.redhat.com/errata/RHSA-2015-1526.html [No Types Assigned] Added Reference http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html [No Types Assigned] Added Reference http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html [No Types Assigned] Added Reference http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html [No Types Assigned] Added Reference http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html [No Types Assigned] -
CVE Modified by [email protected]
Dec. 22, 2016
Action Type Old Value New Value Added Reference https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256 [No Types Assigned] Added Reference https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119 [No Types Assigned] Added Reference https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190 [No Types Assigned] Added Reference https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140 [No Types Assigned] Added Reference http://www.securitytracker.com/id/1033432 [No Types Assigned] Added Reference http://www.securitytracker.com/id/1033431 [No Types Assigned] Added Reference http://www.securitytracker.com/id/1033415 [No Types Assigned] Added Reference http://www.securitytracker.com/id/1033386 [No Types Assigned] -
CVE Modified by [email protected]
Dec. 08, 2016
Action Type Old Value New Value Added Reference https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709 [No Types Assigned] Added Reference http://www.securitytracker.com/id/1033769 [No Types Assigned] Added Reference http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 [No Types Assigned] Added Reference http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034 [No Types Assigned] Added Reference https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246 [No Types Assigned] Added Reference http://www.securitytracker.com/id/1033737 [No Types Assigned] -
CVE Modified by [email protected]
Dec. 07, 2016
Action Type Old Value New Value Removed Reference http://marc.info/?l=bugtraq&m=145249627028751&w=2 [No Types Assigned] Added Reference http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html [No Types Assigned] Added Reference https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789 [No Types Assigned] Added Reference https://security.gentoo.org/glsa/201512-10 [No Types Assigned] Added Reference http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm [No Types Assigned] Added Reference http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html [No Types Assigned] Added Reference http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html [No Types Assigned] -
CVE Modified by [email protected]
Dec. 03, 2016
Action Type Old Value New Value Added Reference http://www.securitytracker.com/id/1032599 [No Types Assigned] Added Reference http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727 [No Types Assigned] -
CVE Modified by [email protected]
Nov. 28, 2016
Action Type Old Value New Value Added Reference https://kc.mcafee.com/corporate/index?page=content&id=SB10163 [No Types Assigned] -
CVE Modified by [email protected]
Nov. 22, 2016
Action Type Old Value New Value Added Reference https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888 [No Types Assigned] -
CVE Modified by [email protected]
Sep. 28, 2016
Action Type Old Value New Value Added Reference https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935 -
CVE Modified by [email protected]
Aug. 23, 2016
Action Type Old Value New Value Added Reference http://marc.info/?l=bugtraq&m=143629738517220&w=2 Added Reference http://marc.info/?l=bugtraq&m=144060576831314&w=2 Added Reference http://marc.info/?l=bugtraq&m=144069189622016&w=2 Added Reference http://marc.info/?l=bugtraq&m=144493176821532&w=2 Added Reference http://marc.info/?l=bugtraq&m=144102017024820&w=2 Added Reference http://marc.info/?l=bugtraq&m=143629696317098&w=2 Added Reference http://marc.info/?l=bugtraq&m=144043644216842&w=2 Added Reference http://marc.info/?l=bugtraq&m=144059660127919&w=2 Added Reference http://marc.info/?l=bugtraq&m=144059703728085&w=2 Added Reference http://marc.info/?l=bugtraq&m=144104565600964&w=2 Added Reference http://marc.info/?l=bugtraq&m=143456209711959&w=2 Added Reference http://marc.info/?l=bugtraq&m=144104533800819&w=2 Added Reference http://marc.info/?l=bugtraq&m=144060606031437&w=2 -
CVE Modified by [email protected]
Aug. 20, 2016
Action Type Old Value New Value Added Reference http://marc.info/?l=bugtraq&m=145249627028751&w=2 -
CVE Modified by [email protected]
Aug. 17, 2016
Action Type Old Value New Value Added Reference https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347 -
CVE Modified by [email protected]
Aug. 09, 2016
Action Type Old Value New Value Added Reference http://www.securityfocus.com/bid/91787 -
CVE Modified by [email protected]
Jul. 22, 2016
Action Type Old Value New Value Added Reference http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html -
CVE Modified by [email protected]
Jun. 15, 2016
Action Type Old Value New Value Added Reference https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988 -
CVE Modified by [email protected]
Jun. 03, 2016
Action Type Old Value New Value Added Reference http://www.huawei.com/en/psirt/security-advisories/hw-454055 -
CVE Modified by [email protected]
Apr. 22, 2016
Action Type Old Value New Value Added Reference http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html -
CVE Modified by [email protected]
Aug. 18, 2015
Action Type Old Value New Value Added Reference http://marc.info/?l=bugtraq&m=143817021313142&w=2 Added Reference http://marc.info/?l=bugtraq&m=143817899717054&w=2 Added Reference http://marc.info/?l=bugtraq&m=143741441012338&w=2 Added Reference http://marc.info/?l=bugtraq&m=143818140118771&w=2 -
CVE Modified by [email protected]
Jul. 17, 2015
Action Type Old Value New Value Added Reference http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html -
CVE Modified by [email protected]
Jul. 06, 2015
Action Type Old Value New Value Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888 Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21883640 Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892 -
CVE Modified by [email protected]
Jun. 26, 2015
Action Type Old Value New Value Added Reference https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04708650 -
Modified Analysis by [email protected]
Apr. 01, 2015
Action Type Old Value New Value Added CPE Configuration Configuration 1 OR *cpe:2.3:a:microsoft:ie:*:*:*:*:*:*:*:* *cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* *cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:* *cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:* *cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* Configuration 2 OR *cpe:2.3:a:microsoft:iis:*:*:*:*:*:*:*:* *cpe:2.3:a:jboss:jboss_enterprise_application_server:*:*:*:*:*:*:*:* *cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:* *cpe:2.3:a:sun:glassfish_enterprise_server:*:*:*:*:*:*:*:* *cpe:2.3:a:oracle:glassfish:*:*:*:*:*:*:*:* Added CVSS V2 (AV:N/AC:M/Au:N/C:P/I:N/A:N) Changed Reference Type https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf No Types Assigned https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf Advisory Added CWE CWE-310 -
Initial Analysis by [email protected]
Apr. 01, 2015
Action Type Old Value New Value
EPSS is a daily estimate of the probability of exploitation activity
being observed over the next 30 days. Following chart shows the EPSS
score history of the vulnerability.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2015-2808 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2015-2808
weaknesses.
CAPEC-20: Encryption Brute Forcing Encryption Brute Forcing
CAPEC-97: Cryptanalysis Cryptanalysis
CAPEC-459: Creating a Rogue Certification Authority Certificate Creating a Rogue Certification Authority Certificate
CAPEC-473: Signature Spoof Signature Spoof
CAPEC-475: Signature Spoofing by Improper Validation Signature Spoofing by Improper Validation
CAPEC-608: Cryptanalysis of Cellular Encryption Cryptanalysis of Cellular Encryption
CAPEC-614: Rooting SIM Cards Rooting SIM Cards
Exploit Prediction
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.
0.31 }} 0.01%
score
0.70531
percentile
CVSS2 - Vulnerability Scoring System
Access Vector
Access Complexity
Authentication
Confidentiality
Integrity
Availability