// For flags

CVE-2014-0224

openssl: SSL/TLS MITM vulnerability

Severity Score

7.4
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

3
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability.

OpenSSL anterior a 0.9.8za, 1.0.0 anterior a 1.0.0m y 1.0.1 anterior a 1.0.1h no restringe debidamente el procesamiento de mensajes ChangeCipherSpec, lo que permite a atacantes man-in-the-middle provocar el uso de una clave maestra de longitud cero en ciertas comunicaciones OpenSSL-a-OpenSSL, y como consecuencia secuestrar sesiones u obtener información sensible, a través de una negociación TLS manipulada, también conocido como la vulnerabilidad de 'inyección CCS'.

It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-12-03 CVE Reserved
  • 2014-06-05 CVE Published
  • 2014-06-06 First Exploit
  • 2024-08-06 CVE Updated
  • 2024-10-28 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-326: Inadequate Encryption Strength
  • CWE-841: Improper Enforcement of Behavioral Workflow
CAPEC
References (311)
URL Tag Source
http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc Third Party Advisory
http://ccsinjection.lepidum.co.jp Third Party Advisory
http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-1-7.html Third Party Advisory
http://esupport.trendmicro.com/solution/en-US/1103813.aspx Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 Not Applicable
http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195 Not Applicable
http://kb.juniper.net/InfoCenter/index?page=content&id=KB29217 Third Party Advisory
http://linux.oracle.com/errata/ELSA-2014-1053.html Third Party Advisory
http://puppetlabs.com/security/cve/cve-2014-0224 Third Party Advisory
http://seclists.org/fulldisclosure/2014/Dec/23 Mailing List
http://seclists.org/fulldisclosure/2014/Jun/38 Mailing List
http://secunia.com/advisories/58128 Third Party Advisory
http://secunia.com/advisories/58337 Third Party Advisory
http://secunia.com/advisories/58385 Third Party Advisory
http://secunia.com/advisories/58433 Third Party Advisory
http://secunia.com/advisories/58492 Third Party Advisory
http://secunia.com/advisories/58579 Third Party Advisory
http://secunia.com/advisories/58615 Third Party Advisory
http://secunia.com/advisories/58639 Third Party Advisory
http://secunia.com/advisories/58660 Third Party Advisory
http://secunia.com/advisories/58667 Third Party Advisory
http://secunia.com/advisories/58713 Third Party Advisory
http://secunia.com/advisories/58714 Third Party Advisory
http://secunia.com/advisories/58716 Third Party Advisory
http://secunia.com/advisories/58719 Third Party Advisory
http://secunia.com/advisories/58742 Third Party Advisory
http://secunia.com/advisories/58743 Third Party Advisory
http://secunia.com/advisories/58745 Third Party Advisory
http://secunia.com/advisories/58759 Third Party Advisory
http://secunia.com/advisories/58930 Third Party Advisory
http://secunia.com/advisories/58939 Third Party Advisory
http://secunia.com/advisories/58945 Third Party Advisory
http://secunia.com/advisories/58977 Third Party Advisory
http://secunia.com/advisories/59004 Third Party Advisory
http://secunia.com/advisories/59012 Third Party Advisory
http://secunia.com/advisories/59040 Third Party Advisory
http://secunia.com/advisories/59043 Third Party Advisory
http://secunia.com/advisories/59055 Third Party Advisory
http://secunia.com/advisories/59063 Third Party Advisory
http://secunia.com/advisories/59093 Third Party Advisory
http://secunia.com/advisories/59101 Third Party Advisory
http://secunia.com/advisories/59120 Third Party Advisory
http://secunia.com/advisories/59126 Third Party Advisory
http://secunia.com/advisories/59132 Third Party Advisory
http://secunia.com/advisories/59135 Third Party Advisory
http://secunia.com/advisories/59142 Third Party Advisory
http://secunia.com/advisories/59162 Third Party Advisory
http://secunia.com/advisories/59163 Third Party Advisory
http://secunia.com/advisories/59167 Third Party Advisory
http://secunia.com/advisories/59175 Third Party Advisory
http://secunia.com/advisories/59186 Third Party Advisory
http://secunia.com/advisories/59188 Third Party Advisory
http://secunia.com/advisories/59189 Third Party Advisory
http://secunia.com/advisories/59190 Third Party Advisory
http://secunia.com/advisories/59191 Third Party Advisory
http://secunia.com/advisories/59192 Third Party Advisory
http://secunia.com/advisories/59202 Third Party Advisory
http://secunia.com/advisories/59211 Third Party Advisory
http://secunia.com/advisories/59214 Third Party Advisory
http://secunia.com/advisories/59215 Third Party Advisory
http://secunia.com/advisories/59223 Third Party Advisory
http://secunia.com/advisories/59231 Third Party Advisory
http://secunia.com/advisories/59264 Third Party Advisory
http://secunia.com/advisories/59282 Third Party Advisory
http://secunia.com/advisories/59284 Third Party Advisory
http://secunia.com/advisories/59287 Third Party Advisory
http://secunia.com/advisories/59300 Third Party Advisory
http://secunia.com/advisories/59301 Third Party Advisory
http://secunia.com/advisories/59305 Third Party Advisory
http://secunia.com/advisories/59306 Third Party Advisory
http://secunia.com/advisories/59310 Third Party Advisory
http://secunia.com/advisories/59325 Third Party Advisory
http://secunia.com/advisories/59338 Third Party Advisory
http://secunia.com/advisories/59342 Third Party Advisory
http://secunia.com/advisories/59347 Third Party Advisory
http://secunia.com/advisories/59354 Third Party Advisory
http://secunia.com/advisories/59362 Third Party Advisory
http://secunia.com/advisories/59364 Third Party Advisory
http://secunia.com/advisories/59365 Third Party Advisory
http://secunia.com/advisories/59368 Third Party Advisory
http://secunia.com/advisories/59370 Third Party Advisory
http://secunia.com/advisories/59374 Third Party Advisory
http://secunia.com/advisories/59375 Third Party Advisory
http://secunia.com/advisories/59380 Third Party Advisory
http://secunia.com/advisories/59383 Third Party Advisory
http://secunia.com/advisories/59389 Third Party Advisory
http://secunia.com/advisories/59413 Third Party Advisory
http://secunia.com/advisories/59429 Third Party Advisory
http://secunia.com/advisories/59435 Third Party Advisory
http://secunia.com/advisories/59437 Third Party Advisory
http://secunia.com/advisories/59438 Third Party Advisory
http://secunia.com/advisories/59440 Third Party Advisory
http://secunia.com/advisories/59441 Third Party Advisory
http://secunia.com/advisories/59442 Third Party Advisory
http://secunia.com/advisories/59444 Third Party Advisory
http://secunia.com/advisories/59445 Third Party Advisory
http://secunia.com/advisories/59446 Third Party Advisory
http://secunia.com/advisories/59447 Third Party Advisory
http://secunia.com/advisories/59448 Third Party Advisory
http://secunia.com/advisories/59449 Third Party Advisory
http://secunia.com/advisories/59450 Third Party Advisory
http://secunia.com/advisories/59451 Third Party Advisory
http://secunia.com/advisories/59454 Third Party Advisory
http://secunia.com/advisories/59459 Third Party Advisory
http://secunia.com/advisories/59460 Third Party Advisory
http://secunia.com/advisories/59483 Third Party Advisory
http://secunia.com/advisories/59490 Third Party Advisory
http://secunia.com/advisories/59491 Third Party Advisory
http://secunia.com/advisories/59495 Third Party Advisory
http://secunia.com/advisories/59502 Third Party Advisory
http://secunia.com/advisories/59506 Third Party Advisory
http://secunia.com/advisories/59514 Third Party Advisory
http://secunia.com/advisories/59518 Third Party Advisory
http://secunia.com/advisories/59525 Third Party Advisory
http://secunia.com/advisories/59528 Third Party Advisory
http://secunia.com/advisories/59529 Third Party Advisory
http://secunia.com/advisories/59530 Third Party Advisory
http://secunia.com/advisories/59589 Third Party Advisory
http://secunia.com/advisories/59602 Third Party Advisory
http://secunia.com/advisories/59655 Third Party Advisory
http://secunia.com/advisories/59659 Third Party Advisory
http://secunia.com/advisories/59661 Third Party Advisory
http://secunia.com/advisories/59666 Third Party Advisory
http://secunia.com/advisories/59669 Third Party Advisory
http://secunia.com/advisories/59677 Third Party Advisory
http://secunia.com/advisories/59721 Third Party Advisory
http://secunia.com/advisories/59784 Third Party Advisory
http://secunia.com/advisories/59824 Third Party Advisory
http://secunia.com/advisories/59827 Third Party Advisory
http://secunia.com/advisories/59878 Third Party Advisory
http://secunia.com/advisories/59885 Third Party Advisory
http://secunia.com/advisories/59894 Third Party Advisory
http://secunia.com/advisories/59916 Third Party Advisory
http://secunia.com/advisories/59990 Third Party Advisory
http://secunia.com/advisories/60049 Third Party Advisory
http://secunia.com/advisories/60066 Third Party Advisory
http://secunia.com/advisories/60176 Third Party Advisory
http://secunia.com/advisories/60522 Third Party Advisory
http://secunia.com/advisories/60567 Third Party Advisory
http://secunia.com/advisories/60571 Third Party Advisory
http://secunia.com/advisories/60577 Third Party Advisory
http://secunia.com/advisories/60819 Third Party Advisory
http://secunia.com/advisories/61254 Third Party Advisory
http://secunia.com/advisories/61815 Third Party Advisory
http://support.apple.com/kb/HT6443 Third Party Advisory
http://support.citrix.com/article/CTX140876 Third Party Advisory
http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=isg400001841 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=isg400001843 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=nas8N1020172 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004690 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21673137 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21675626 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21675821 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676035 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676062 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676071 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676333 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676334 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676419 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676478 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676496 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676501 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676529 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676536 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676615 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676644 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676655 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676786 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676833 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676845 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676879 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676889 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21677080 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21677131 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21677390 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21677527 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21677567 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21677695 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21677828 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21677836 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21678167 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21678233 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21678289 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21683332 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg24037727 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg24037729 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg24037730 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg24037731 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg24037732 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg24037761 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg24037870 Third Party Advisory
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095740 Third Party Advisory
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754 Third Party Advisory
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755 Third Party Advisory
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756 Third Party Advisory
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757 Third Party Advisory
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095737 Third Party Advisory
http://www.blackberry.com/btsc/KB36051 Third Party Advisory
http://www.f-secure.com/en/web/labs_global/fsc-2014-6 Third Party Advisory
http://www.fortiguard.com/advisory/FG-IR-14-018 Third Party Advisory
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=isg3T1020948 Broken Link
http://www.ibm.com/support/docview.wss?uid=ssg1S1004678 Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=swg21676356 Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=swg21676793 Broken Link
http://www.ibm.com/support/docview.wss?uid=swg21676877 Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=swg24037783 Third Party Advisory
http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf Third Party Advisory
http://www.kb.cert.org/vuls/id/978508 Third Party Advisory
http://www.kerio.com/support/kerio-control/release-history Third Party Advisory
http://www.novell.com/support/kb/doc.php?id=7015264 Third Party Advisory
http://www.novell.com/support/kb/doc.php?id=7015300 Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html Third Party Advisory
http://www.securityfocus.com/archive/1/534161/100/0/threaded Mailing List
http://www.securitytracker.com/id/1031032 Third Party Advisory
http://www.securitytracker.com/id/1031594 Third Party Advisory
http://www.splunk.com/view/SP-CAAAM2D Third Party Advisory
http://www.tenable.com/blog/nessus-527-and-pvs-403-are-available-for-download Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2014-0006.html Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2014-0012.html Third Party Advisory
http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 Third Party Advisory
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6060&myns=phmc&mync=E Third Party Advisory
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=6061&myns=phmc&mync=E Third Party Advisory
https://access.redhat.com/site/blogs/766093/posts/908133 Third Party Advisory
https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues Third Party Advisory
https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1 Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf Third Party Advisory
https://discussions.nessus.org/thread/7517 Third Party Advisory
https://filezilla-project.org/versions.php?type=server Third Party Advisory
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=bc8923b1ec9c467755cd86f7848c50ee8812e441 X_refsource_confirm
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946 Third Party Advisory
https://kb.bluecoat.com/index?page=content&id=SA80 Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10075 Third Party Advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005 Broken Link
https://www.ibm.com/support/docview.wss?uid=ssg1S1004670 Third Party Advisory
https://www.ibm.com/support/docview.wss?uid=ssg1S1004671 Third Party Advisory
https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_SNARE_for_MSSQL.pdf Third Party Advisory
https://www.intersectalliance.com/wp-content/uploads/release_notes/ReleaseNotes_for_Snare_for_Windows.pdf Third Party Advisory
https://www.novell.com/support/kb/doc.php?id=7015271 Third Party Advisory
http://ccsinjection.lepidum.co.jp/blog/2014-06-05/CCS-Injection-en/index.html
http://www.tripwire.com/state-of-security/incident-detection/detection-script-for-cve-2014-0224-openssl-cipher-change-spec-injection
URL Date SRC
https://github.com/secretnonempty/CVE-2014-0224 2014-07-18
https://github.com/iph0n3/CVE-2014-0224 2014-06-06
https://www.imperialviolet.org/2014/06/05/earlyccs.html 2024-08-06
URL Date SRC
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html 2023-11-07
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html 2023-11-07
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html 2023-11-07
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html 2023-11-07
URL Date SRC
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html 2023-11-07
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html 2023-11-07
http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html 2023-11-07
http://marc.info/?l=bugtraq&m=140266410314613&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140317760000786&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140369637402535&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140386311427810&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140389274407904&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140389355508263&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140431828824371&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140448122410568&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140482916501310&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140491231331543&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140499864129699&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140544599631400&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140604261522465&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140621259019789&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140672208601650&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140752315422991&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140784085708882&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140794476212181&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140852757108392&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140852826008699&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140870499402361&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140904544427729&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=140983229106599&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=141025641601169&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=141147110427269&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=141164638606214&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=141383410222440&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=141383465822787&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=141658880509699&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=142350350616251&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=142546741516006&w=2 2023-11-07
http://marc.info/?l=bugtraq&m=142805027510172&w=2 2023-11-07
http://rhn.redhat.com/errata/RHSA-2014-0624.html 2023-11-07
http://rhn.redhat.com/errata/RHSA-2014-0626.html 2023-11-07
http://rhn.redhat.com/errata/RHSA-2014-0627.html 2023-11-07
http://rhn.redhat.com/errata/RHSA-2014-0630.html 2023-11-07
http://rhn.redhat.com/errata/RHSA-2014-0631.html 2023-11-07
http://rhn.redhat.com/errata/RHSA-2014-0632.html 2023-11-07
http://rhn.redhat.com/errata/RHSA-2014-0633.html 2023-11-07
http://rhn.redhat.com/errata/RHSA-2014-0680.html 2023-11-07
http://security.gentoo.org/glsa/glsa-201407-05.xml 2023-11-07
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl 2023-11-07
http://www-01.ibm.com/support/docview.wss?uid=swg1IV61506 2023-11-07
http://www.ibm.com/support/docview.wss?uid=swg1IT02314 2023-11-07
http://www.mandriva.com/security/advisories?name=MDVSA-2014:105 2023-11-07
http://www.mandriva.com/security/advisories?name=MDVSA-2014:106 2023-11-07
http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 2023-11-07
http://www.openssl.org/news/secadv_20140605.txt 2023-11-07
https://bugzilla.redhat.com/show_bug.cgi?id=1103586 2014-06-10
https://access.redhat.com/security/cve/CVE-2014-0224 2014-06-10
https://access.redhat.com/security/vulnerabilities/OpenSSL-CCS-Injection 2014-06-10
https://access.redhat.com/site/articles/904433 2014-06-10
https://access.redhat.com/site/solutions/905793 2014-06-10
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Siemens
Search vendor "Siemens"
 Application Processing Engine Firmware
Search vendor "Siemens" for product "Application Processing Engine Firmware"
 < 2.0.2
Search vendor "Siemens" for product "Application Processing Engine Firmware" and version " < 2.0.2"
-
Affected
in Siemens
Search vendor "Siemens"
 Application Processing Engine
Search vendor "Siemens" for product "Application Processing Engine"
--
Safe
Siemens
Search vendor "Siemens"
 Cp1543-1 Firmware
Search vendor "Siemens" for product "Cp1543-1 Firmware"
 < 1.1.25
Search vendor "Siemens" for product "Cp1543-1 Firmware" and version " < 1.1.25"
-
Affected
in Siemens
Search vendor "Siemens"
 Cp1543-1
Search vendor "Siemens" for product "Cp1543-1"
--
Safe
Siemens
Search vendor "Siemens"
 S7-1500 Firmware
Search vendor "Siemens" for product "S7-1500 Firmware"
 < 1.6
Search vendor "Siemens" for product "S7-1500 Firmware" and version " < 1.6"
-
Affected
in Siemens
Search vendor "Siemens"
 S7-1500
Search vendor "Siemens" for product "S7-1500"
--
Safe
Siemens
Search vendor "Siemens"
 Rox Firmware
Search vendor "Siemens" for product "Rox Firmware"
 < 1.16.1
Search vendor "Siemens" for product "Rox Firmware" and version " < 1.16.1"
-
Affected
in Siemens
Search vendor "Siemens"
 Rox
Search vendor "Siemens" for product "Rox"
--
Safe
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 < 0.9.8za
Search vendor "Openssl" for product "Openssl" and version " < 0.9.8za"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 >= 1.0.0 < 1.0.0m
Search vendor "Openssl" for product "Openssl" and version " >= 1.0.0 < 1.0.0m"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 >= 1.0.1 < 1.0.1h
Search vendor "Openssl" for product "Openssl" and version " >= 1.0.1 < 1.0.1h"
-
Affected
Redhat
Search vendor "Redhat"
 Jboss Enterprise Application Platform
Search vendor "Redhat" for product "Jboss Enterprise Application Platform"
 5.2.0
Search vendor "Redhat" for product "Jboss Enterprise Application Platform" and version "5.2.0"
-
Affected
Redhat
Search vendor "Redhat"
 Jboss Enterprise Application Platform
Search vendor "Redhat" for product "Jboss Enterprise Application Platform"
 6.2.3
Search vendor "Redhat" for product "Jboss Enterprise Application Platform" and version "6.2.3"
-
Affected
Redhat
Search vendor "Redhat"
 Jboss Enterprise Web Platform
Search vendor "Redhat" for product "Jboss Enterprise Web Platform"
 5.2.0
Search vendor "Redhat" for product "Jboss Enterprise Web Platform" and version "5.2.0"
-
Affected
Redhat
Search vendor "Redhat"
 Jboss Enterprise Web Server
Search vendor "Redhat" for product "Jboss Enterprise Web Server"
 2.0.1
Search vendor "Redhat" for product "Jboss Enterprise Web Server" and version "2.0.1"
-
Affected
Redhat
Search vendor "Redhat"
 Storage
Search vendor "Redhat" for product "Storage"
 2.1
Search vendor "Redhat" for product "Storage" and version "2.1"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
 Fedora
Search vendor "Fedoraproject" for product "Fedora"
 19
Search vendor "Fedoraproject" for product "Fedora" and version "19"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
 Fedora
Search vendor "Fedoraproject" for product "Fedora"
 20
Search vendor "Fedoraproject" for product "Fedora" and version "20"
-
Affected
Opensuse
Search vendor "Opensuse"
 Opensuse
Search vendor "Opensuse" for product "Opensuse"
 13.1
Search vendor "Opensuse" for product "Opensuse" and version "13.1"
-
Affected
Opensuse
Search vendor "Opensuse"
 Opensuse
Search vendor "Opensuse" for product "Opensuse"
 13.2
Search vendor "Opensuse" for product "Opensuse" and version "13.2"
-
Affected
Redhat
Search vendor "Redhat"
 Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
 4
Search vendor "Redhat" for product "Enterprise Linux" and version "4"
-
Affected
Redhat
Search vendor "Redhat"
 Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
 5
Search vendor "Redhat" for product "Enterprise Linux" and version "5"
-
Affected
Redhat
Search vendor "Redhat"
 Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
 6.0
Search vendor "Redhat" for product "Enterprise Linux" and version "6.0"
-
Affected
Filezilla-project
Search vendor "Filezilla-project"
 Filezilla Server
Search vendor "Filezilla-project" for product "Filezilla Server"
 < 0.9.45
Search vendor "Filezilla-project" for product "Filezilla Server" and version " < 0.9.45"
-
Affected
Mariadb
Search vendor "Mariadb"
 Mariadb
Search vendor "Mariadb" for product "Mariadb"
 >= 10.0.0 < 10.0.13
Search vendor "Mariadb" for product "Mariadb" and version " >= 10.0.0 < 10.0.13"
-
Affected
Python
Search vendor "Python"
 Python
Search vendor "Python" for product "Python"
 >= 2.7.0 < 2.7.8
Search vendor "Python" for product "Python" and version " >= 2.7.0 < 2.7.8"
-
Affected
Python
Search vendor "Python"
 Python
Search vendor "Python" for product "Python"
 >= 3.4.0 < 3.4.2
Search vendor "Python" for product "Python" and version " >= 3.4.0 < 3.4.2"
-
Affected
Nodejs
Search vendor "Nodejs"
 Node.js
Search vendor "Nodejs" for product "Node.js"
 < 0.10.29
Search vendor "Nodejs" for product "Node.js" and version " < 0.10.29"
-
Affected