ID CVE-2014-0224
Summary OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability.
References
Vulnerable Configurations
  • cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:storage:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:storage:2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:*:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:*:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:4:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:-:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:-:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.3:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.3:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.3:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.3:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6d:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6d:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8:beta3:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8:beta3:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8:beta4:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8:beta4:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8:beta5:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8:beta5:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8:beta6:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8:beta6:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*
CVSS
Base: 5.8 (as of 09-10-2019 - 23:09)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:N
redhat via4
advisories
  • bugzilla
    id 1103586
    title CVE-2014-0224 openssl: SSL/TLS MITM vulnerability
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment openssl is earlier than 0:0.9.8e-27.el5_10.3
          oval oval:com.redhat.rhsa:tst:20140624002
        • comment openssl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070964003
      • AND
        • comment openssl-devel is earlier than 0:0.9.8e-27.el5_10.3
          oval oval:com.redhat.rhsa:tst:20140624006
        • comment openssl-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070964005
      • AND
        • comment openssl-perl is earlier than 0:0.9.8e-27.el5_10.3
          oval oval:com.redhat.rhsa:tst:20140624004
        • comment openssl-perl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070964007
    rhsa
    id RHSA-2014:0624
    released 2014-06-05
    severity Important
    title RHSA-2014:0624: openssl security update (Important)
  • bugzilla
    id 1103586
    title CVE-2014-0224 openssl: SSL/TLS MITM vulnerability
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331001
      • comment openssl097a is earlier than 0:0.9.7a-12.el5_10.1
        oval oval:com.redhat.rhsa:tst:20140626002
      • comment openssl097a is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20090004017
    • AND
      • comment openssl098e is earlier than 0:0.9.8e-18.el6_5.2
        oval oval:com.redhat.rhsa:tst:20140626008
      • comment openssl098e is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20120518014
      • OR
        • comment Red Hat Enterprise Linux 6 Client is installed
          oval oval:com.redhat.rhba:tst:20111656001
        • comment Red Hat Enterprise Linux 6 Server is installed
          oval oval:com.redhat.rhba:tst:20111656002
        • comment Red Hat Enterprise Linux 6 Workstation is installed
          oval oval:com.redhat.rhba:tst:20111656003
        • comment Red Hat Enterprise Linux 6 ComputeNode is installed
          oval oval:com.redhat.rhba:tst:20111656004
    rhsa
    id RHSA-2014:0626
    released 2014-06-05
    severity Important
    title RHSA-2014:0626: openssl097a and openssl098e security update (Important)
  • bugzilla
    id 1103586
    title CVE-2014-0224 openssl: SSL/TLS MITM vulnerability
    oval
    AND
    • comment openssl098e is earlier than 0:0.9.8e-29.el7_0.2
      oval oval:com.redhat.rhsa:tst:20140680005
    • comment openssl098e is signed with Red Hat redhatrelease2 key
      oval oval:com.redhat.rhsa:tst:20120518014
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhba:tst:20150364001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhba:tst:20150364002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhba:tst:20150364003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20150364004
    rhsa
    id RHSA-2014:0680
    released 2014-06-10
    severity Important
    title RHSA-2014:0680: openssl098e security update (Important)
  • rhsa
    id RHSA-2014:0627
  • rhsa
    id RHSA-2014:0630
  • rhsa
    id RHSA-2014:0631
  • rhsa
    id RHSA-2014:0632
  • rhsa
    id RHSA-2014:0633
rpms
  • openssl-0:0.9.8e-27.el5_10.3
  • openssl-devel-0:0.9.8e-27.el5_10.3
  • openssl-perl-0:0.9.8e-27.el5_10.3
  • openssl-0:1.0.1e-16.el6_5.14
  • openssl-devel-0:1.0.1e-16.el6_5.14
  • openssl-perl-0:1.0.1e-16.el6_5.14
  • openssl-static-0:1.0.1e-16.el6_5.14
  • openssl097a-0:0.9.7a-12.el5_10.1
  • openssl098e-0:0.9.8e-18.el6_5.2
  • openssl-1:1.0.1e-34.el7_0.3
  • openssl-devel-1:1.0.1e-34.el7_0.3
  • openssl-libs-1:1.0.1e-34.el7_0.3
  • openssl-perl-1:1.0.1e-34.el7_0.3
  • openssl-static-1:1.0.1e-34.el7_0.3
  • openssl098e-0:0.9.8e-29.el7_0.2
refmap via4
aixapar
  • IT02314
  • IV61506
bugtraq 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
cert-vn VU#978508
cisco 20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products
confirm
fedora
  • FEDORA-2014-9301
  • FEDORA-2014-9308
fulldisc
  • 20140607 Re: More OpenSSL issues
  • 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
gentoo GLSA-201407-05
hp
  • HPSBGN03050
  • HPSBGN03068
  • HPSBHF03052
  • HPSBHF03088
  • HPSBHF03145
  • HPSBMU03051
  • HPSBMU03053
  • HPSBMU03055
  • HPSBMU03056
  • HPSBMU03057
  • HPSBMU03058
  • HPSBMU03062
  • HPSBMU03065
  • HPSBMU03070
  • HPSBMU03071
  • HPSBMU03074
  • HPSBMU03076
  • HPSBMU03078
  • HPSBMU03083
  • HPSBMU03089
  • HPSBMU03094
  • HPSBMU03101
  • HPSBMU03216
  • HPSBOV03047
  • HPSBPI03107
  • HPSBST03097
  • HPSBST03098
  • HPSBST03103
  • HPSBST03106
  • HPSBST03195
  • HPSBST03265
  • HPSBUX03046
  • SSRT101590
  • SSRT101818
mandriva
  • MDVSA-2014:105
  • MDVSA-2014:106
  • MDVSA-2015:062
misc
sectrack
  • 1031032
  • 1031594
secunia
  • 58128
  • 58337
  • 58385
  • 58433
  • 58492
  • 58579
  • 58615
  • 58639
  • 58660
  • 58667
  • 58713
  • 58714
  • 58716
  • 58719
  • 58742
  • 58743
  • 58745
  • 58759
  • 58930
  • 58939
  • 58945
  • 58977
  • 59004
  • 59012
  • 59040
  • 59043
  • 59055
  • 59063
  • 59093
  • 59101
  • 59120
  • 59126
  • 59132
  • 59135
  • 59142
  • 59162
  • 59163
  • 59167
  • 59175
  • 59186
  • 59188
  • 59189
  • 59190
  • 59191
  • 59192
  • 59202
  • 59211
  • 59214
  • 59215
  • 59223
  • 59231
  • 59264
  • 59282
  • 59284
  • 59287
  • 59300
  • 59301
  • 59305
  • 59306
  • 59310
  • 59325
  • 59338
  • 59342
  • 59347
  • 59354
  • 59362
  • 59364
  • 59365
  • 59368
  • 59370
  • 59374
  • 59375
  • 59380
  • 59383
  • 59389
  • 59413
  • 59429
  • 59435
  • 59437
  • 59438
  • 59440
  • 59441
  • 59442
  • 59444
  • 59445
  • 59446
  • 59447
  • 59448
  • 59449
  • 59450
  • 59451
  • 59454
  • 59459
  • 59460
  • 59483
  • 59490
  • 59491
  • 59495
  • 59502
  • 59506
  • 59514
  • 59518
  • 59525
  • 59528
  • 59529
  • 59530
  • 59589
  • 59602
  • 59655
  • 59659
  • 59661
  • 59666
  • 59669
  • 59677
  • 59721
  • 59784
  • 59824
  • 59827
  • 59878
  • 59885
  • 59894
  • 59916
  • 59990
  • 60049
  • 60066
  • 60176
  • 60522
  • 60567
  • 60571
  • 60577
  • 60819
  • 61254
  • 61815
suse
  • SUSE-SU-2015:0578
  • SUSE-SU-2015:0743
  • openSUSE-SU-2015:0229
  • openSUSE-SU-2016:0640
Last major update 09-10-2019 - 23:09
Published 05-06-2014 - 21:55
Back to Top