// For flags

CVE-2014-3068

JDK: Java CMS keystore provider potentially allows brute-force private key recovery

Severity Score

6.4
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

IBM Java Runtime Environment (JRE) 7 R1 before SR1 FP1 (7.1.1.1), 7 before SR7 FP1 (7.0.7.1), 6 R1 before SR8 FP1 (6.1.8.1), 6 before SR16 FP1 (6.0.16.1), and before 5.0 SR16 FP7 (5.0.16.7) allows attackers to obtain the private key from a Certificate Management System (CMS) keystore via a brute force attack.

IBM Java Runtime Environment (JRE) 7 R1 anterior a SR1 FP1 (7.1.1.1), 7 anterior a SR7 FP1 (7.0.7.1), 6 R1 anterior a SR8 FP1 (6.1.8.1), 6 anterior a SR16 FP1 (6.0.16.1), y anterior a 5.0 SR16 FP7 (5.0.16.7) permite a atacantes obtener la clave privada de un almacén de claves del sistema de gestión de certificados 'Certificate Management System (CMS)' a través de un ataque de fuerza bruta.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
None
Attack Vector
Local
Attack Complexity
High
Authentication
Single
Confidentiality
Partial
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2014-04-29 CVE Reserved
  • 2014-12-02 CVE Published
  • 2024-07-14 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-255: Credentials Management Errors
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
5.0.0.0
Search vendor "Ibm" for product "Java" and version "5.0.0.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
5.0.11.0
Search vendor "Ibm" for product "Java" and version "5.0.11.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
5.0.11.1
Search vendor "Ibm" for product "Java" and version "5.0.11.1"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
5.0.11.2
Search vendor "Ibm" for product "Java" and version "5.0.11.2"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
5.0.12.0
Search vendor "Ibm" for product "Java" and version "5.0.12.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
5.0.12.1
Search vendor "Ibm" for product "Java" and version "5.0.12.1"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
5.0.12.2
Search vendor "Ibm" for product "Java" and version "5.0.12.2"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
5.0.12.3
Search vendor "Ibm" for product "Java" and version "5.0.12.3"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
5.0.12.4
Search vendor "Ibm" for product "Java" and version "5.0.12.4"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
5.0.12.5
Search vendor "Ibm" for product "Java" and version "5.0.12.5"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
5.0.13.0
Search vendor "Ibm" for product "Java" and version "5.0.13.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
5.0.14.0
Search vendor "Ibm" for product "Java" and version "5.0.14.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
5.0.15.0
Search vendor "Ibm" for product "Java" and version "5.0.15.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
5.0.16.0
Search vendor "Ibm" for product "Java" and version "5.0.16.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
5.0.16.1
Search vendor "Ibm" for product "Java" and version "5.0.16.1"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
5.0.16.2
Search vendor "Ibm" for product "Java" and version "5.0.16.2"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
5.0.16.3
Search vendor "Ibm" for product "Java" and version "5.0.16.3"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.0.0
Search vendor "Ibm" for product "Java" and version "6.0.0.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.1.0
Search vendor "Ibm" for product "Java" and version "6.0.1.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.2.0
Search vendor "Ibm" for product "Java" and version "6.0.2.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.3.0
Search vendor "Ibm" for product "Java" and version "6.0.3.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.4.0
Search vendor "Ibm" for product "Java" and version "6.0.4.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.5.0
Search vendor "Ibm" for product "Java" and version "6.0.5.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.6.0
Search vendor "Ibm" for product "Java" and version "6.0.6.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.7.0
Search vendor "Ibm" for product "Java" and version "6.0.7.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.8.0
Search vendor "Ibm" for product "Java" and version "6.0.8.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.8.1
Search vendor "Ibm" for product "Java" and version "6.0.8.1"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.9.0
Search vendor "Ibm" for product "Java" and version "6.0.9.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.9.1
Search vendor "Ibm" for product "Java" and version "6.0.9.1"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.9.2
Search vendor "Ibm" for product "Java" and version "6.0.9.2"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.10.0
Search vendor "Ibm" for product "Java" and version "6.0.10.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.10.1
Search vendor "Ibm" for product "Java" and version "6.0.10.1"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.11.0
Search vendor "Ibm" for product "Java" and version "6.0.11.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.12.0
Search vendor "Ibm" for product "Java" and version "6.0.12.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.13.0
Search vendor "Ibm" for product "Java" and version "6.0.13.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.13.1
Search vendor "Ibm" for product "Java" and version "6.0.13.1"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.13.2
Search vendor "Ibm" for product "Java" and version "6.0.13.2"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
6.0.14.0
Search vendor "Ibm" for product "Java" and version "6.0.14.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
7.0.0.0
Search vendor "Ibm" for product "Java" and version "7.0.0.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
7.0.1.0
Search vendor "Ibm" for product "Java" and version "7.0.1.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
7.0.2.0
Search vendor "Ibm" for product "Java" and version "7.0.2.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
7.0.3.0
Search vendor "Ibm" for product "Java" and version "7.0.3.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
7.0.4.0
Search vendor "Ibm" for product "Java" and version "7.0.4.0"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
7.0.4.1
Search vendor "Ibm" for product "Java" and version "7.0.4.1"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
7.0.4.2
Search vendor "Ibm" for product "Java" and version "7.0.4.2"
-
Affected
Ibm
Search vendor "Ibm"
Java
Search vendor "Ibm" for product "Java"
7.0.5.0
Search vendor "Ibm" for product "Java" and version "7.0.5.0"
-
Affected