Search for vulnerabilities
Vulnerability details: VCID-pmtm-skvc-aaar
Vulnerability ID VCID-pmtm-skvc-aaar
Aliases CVE-2015-4000
Summary The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
Status Published
Exploitability 2.0
Weighted Severity 9.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-310 Cryptographic Issues
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
System Score Found at
generic_textual Medium http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html
generic_textual Medium http://lists.gnutls.org/pipermail/gnutls-devel/2015-May/007597.html
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-4000.html
generic_textual Medium https://access.redhat.com/articles/1456263
rhas Moderate https://access.redhat.com/errata/RHSA-2015:1072
rhas Moderate https://access.redhat.com/errata/RHSA-2015:1185
rhas Moderate https://access.redhat.com/errata/RHSA-2015:1197
rhas Important https://access.redhat.com/errata/RHSA-2015:1228
rhas Critical https://access.redhat.com/errata/RHSA-2015:1229
rhas Important https://access.redhat.com/errata/RHSA-2015:1230
rhas Critical https://access.redhat.com/errata/RHSA-2015:1241
rhas Critical https://access.redhat.com/errata/RHSA-2015:1242
rhas Important https://access.redhat.com/errata/RHSA-2015:1243
rhas Critical https://access.redhat.com/errata/RHSA-2015:1485
rhas Critical https://access.redhat.com/errata/RHSA-2015:1486
rhas Critical https://access.redhat.com/errata/RHSA-2015:1488
rhas Important https://access.redhat.com/errata/RHSA-2015:1526
rhas Important https://access.redhat.com/errata/RHSA-2015:1544
rhas Moderate https://access.redhat.com/errata/RHSA-2015:1604
rhas Important https://access.redhat.com/errata/RHSA-2016:1624
rhas Important https://access.redhat.com/errata/RHSA-2016:2056
cvssv3 3.7 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4000.json
epss 0.93815 https://api.first.org/data/v1/epss?cve=CVE-2015-4000
epss 0.93815 https://api.first.org/data/v1/epss?cve=CVE-2015-4000
epss 0.93815 https://api.first.org/data/v1/epss?cve=CVE-2015-4000
epss 0.94027 https://api.first.org/data/v1/epss?cve=CVE-2015-4000
epss 0.94027 https://api.first.org/data/v1/epss?cve=CVE-2015-4000
epss 0.94027 https://api.first.org/data/v1/epss?cve=CVE-2015-4000
epss 0.94027 https://api.first.org/data/v1/epss?cve=CVE-2015-4000
epss 0.94027 https://api.first.org/data/v1/epss?cve=CVE-2015-4000
epss 0.94027 https://api.first.org/data/v1/epss?cve=CVE-2015-4000
epss 0.94027 https://api.first.org/data/v1/epss?cve=CVE-2015-4000
epss 0.94027 https://api.first.org/data/v1/epss?cve=CVE-2015-4000
epss 0.94027 https://api.first.org/data/v1/epss?cve=CVE-2015-4000
epss 0.94084 https://api.first.org/data/v1/epss?cve=CVE-2015-4000
epss 0.96891 https://api.first.org/data/v1/epss?cve=CVE-2015-4000
epss 0.96976 https://api.first.org/data/v1/epss?cve=CVE-2015-4000
epss 0.96976 https://api.first.org/data/v1/epss?cve=CVE-2015-4000
epss 0.97358 https://api.first.org/data/v1/epss?cve=CVE-2015-4000
epss 0.97358 https://api.first.org/data/v1/epss?cve=CVE-2015-4000
epss 0.97358 https://api.first.org/data/v1/epss?cve=CVE-2015-4000
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1223211
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2721
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2724
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2728
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2731
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2734
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2735
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2736
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2737
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2738
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2739
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2740
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2743
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2834
cvssv2 7.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
generic_textual Medium https://nohats.ca/wordpress/blog/2015/05/20/weakdh-and-ike-ipsec/
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2015-4000
cvssv3 3.7 https://nvd.nist.gov/vuln/detail/CVE-2015-4000
generic_textual Medium https://ubuntu.com/security/notices/USN-2624-1
generic_textual Medium https://ubuntu.com/security/notices/USN-2625-1
generic_textual Medium https://ubuntu.com/security/notices/USN-2639-1
generic_textual Medium https://ubuntu.com/security/notices/USN-2656-1
generic_textual Medium https://ubuntu.com/security/notices/USN-2656-2
generic_textual Medium https://ubuntu.com/security/notices/USN-2673-1
generic_textual Medium https://ubuntu.com/security/notices/USN-2696-1
generic_textual Medium https://ubuntu.com/security/notices/USN-2706-1
generic_textual Medium http://support.apple.com/kb/HT204941
generic_textual Medium https://weakdh.org/
generic_textual Medium https://weakdh.org/imperfect-forward-secrecy.pdf
generic_textual Medium https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/LogJam
generic_textual none https://www.mozilla.org/en-US/security/advisories/mfsa2015-70
generic_textual Medium https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/
generic_textual Medium https://www.openssl.org/news/secadv_20150611.txt
cvssv3.1 9.8 https://www.oracle.com/security-alerts/cpujan2021.html
generic_textual CRITICAL https://www.oracle.com/security-alerts/cpujan2021.html
cvssv3.1 9.8 http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
generic_textual CRITICAL http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
cvssv3.1 9.8 http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
generic_textual CRITICAL http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
cvssv3.1 6.5 http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
generic_textual HIGH http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
cvssv3.1 7.5 http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
generic_textual MODERATE http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
generic_textual HIGH http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
generic_textual HIGH http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
cvssv3.1 7.5 http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
generic_textual HIGH http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
Reference id Reference type URL
http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc
http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727
http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html
http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.html
http://lists.gnutls.org/pipermail/gnutls-devel/2015-May/007597.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html
http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html
http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html
http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html
http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html
http://marc.info/?l=bugtraq&m=143506486712441&w=2
http://marc.info/?l=bugtraq&m=143557934009303&w=2
http://marc.info/?l=bugtraq&m=143558092609708&w=2
http://marc.info/?l=bugtraq&m=143628304012255&w=2
http://marc.info/?l=bugtraq&m=143637549705650&w=2
http://marc.info/?l=bugtraq&m=143655800220052&w=2
http://marc.info/?l=bugtraq&m=143880121627664&w=2
http://marc.info/?l=bugtraq&m=144043644216842&w=2
http://marc.info/?l=bugtraq&m=144050121701297&w=2
http://marc.info/?l=bugtraq&m=144060576831314&w=2
http://marc.info/?l=bugtraq&m=144060606031437&w=2
http://marc.info/?l=bugtraq&m=144061542602287&w=2
http://marc.info/?l=bugtraq&m=144069189622016&w=2
http://marc.info/?l=bugtraq&m=144102017024820&w=2
http://marc.info/?l=bugtraq&m=144104533800819&w=2
http://marc.info/?l=bugtraq&m=144493176821532&w=2
http://marc.info/?l=bugtraq&m=145409266329539&w=2
http://openwall.com/lists/oss-security/2015/05/20/8
http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-4000.html
http://rhn.redhat.com/errata/RHSA-2015-1072.html
http://rhn.redhat.com/errata/RHSA-2015-1185.html
http://rhn.redhat.com/errata/RHSA-2015-1197.html
http://rhn.redhat.com/errata/RHSA-2015-1228.html
http://rhn.redhat.com/errata/RHSA-2015-1229.html
http://rhn.redhat.com/errata/RHSA-2015-1230.html
http://rhn.redhat.com/errata/RHSA-2015-1241.html
http://rhn.redhat.com/errata/RHSA-2015-1242.html
http://rhn.redhat.com/errata/RHSA-2015-1243.html
http://rhn.redhat.com/errata/RHSA-2015-1485.html
http://rhn.redhat.com/errata/RHSA-2015-1486.html
http://rhn.redhat.com/errata/RHSA-2015-1488.html
http://rhn.redhat.com/errata/RHSA-2015-1526.html
http://rhn.redhat.com/errata/RHSA-2015-1544.html
http://rhn.redhat.com/errata/RHSA-2015-1604.html
http://rhn.redhat.com/errata/RHSA-2016-1624.html
http://rhn.redhat.com/errata/RHSA-2016-2056.html
https://access.redhat.com/articles/1456263
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4000.json
https://api.first.org/data/v1/epss?cve=CVE-2015-4000
https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/
https://bto.bluecoat.com/security-advisory/sa98
https://bugzilla.mozilla.org/show_bug.cgi?id=1138554
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8176
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1788
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1791
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1792
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2721
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2724
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2728
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2731
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2734
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2735
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2736
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2737
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2738
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2739
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2740
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2743
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2834
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
https://kc.mcafee.com/corporate/index?page=content&id=SB10122
https://nohats.ca/wordpress/blog/2015/05/20/weakdh-and-ike-ipsec/
https://openssl.org/news/secadv/20150611.txt
https://puppet.com/security/cve/CVE-2015-4000
https://security.gentoo.org/glsa/201506-02
https://security.gentoo.org/glsa/201512-10
https://security.gentoo.org/glsa/201603-11
https://security.gentoo.org/glsa/201701-46
https://security.netapp.com/advisory/ntap-20150619-0001/
https://support.citrix.com/article/CTX216642
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us
https://ubuntu.com/security/notices/USN-2624-1
https://ubuntu.com/security/notices/USN-2625-1
https://ubuntu.com/security/notices/USN-2639-1
https://ubuntu.com/security/notices/USN-2656-1
https://ubuntu.com/security/notices/USN-2656-2
https://ubuntu.com/security/notices/USN-2673-1
https://ubuntu.com/security/notices/USN-2696-1
https://ubuntu.com/security/notices/USN-2706-1
http://support.apple.com/kb/HT204941
http://support.apple.com/kb/HT204942
http://support.citrix.com/article/CTX201114
https://weakdh.org/
https://weakdh.org/imperfect-forward-secrecy.pdf
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/LogJam
https://www-304.ibm.com/support/docview.wss?uid=swg21959745
https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403
https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/
https://www.openssl.org/news/secadv_20150611.txt
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.suse.com/security/cve/CVE-2015-4000.html
http://www-01.ibm.com/support/docview.wss?uid=swg21959111
http://www-01.ibm.com/support/docview.wss?uid=swg21959195
http://www-01.ibm.com/support/docview.wss?uid=swg21959325
http://www-01.ibm.com/support/docview.wss?uid=swg21959453
http://www-01.ibm.com/support/docview.wss?uid=swg21959481
http://www-01.ibm.com/support/docview.wss?uid=swg21959517
http://www-01.ibm.com/support/docview.wss?uid=swg21959530
http://www-01.ibm.com/support/docview.wss?uid=swg21959539
http://www-01.ibm.com/support/docview.wss?uid=swg21959636
http://www-01.ibm.com/support/docview.wss?uid=swg21959812
http://www-01.ibm.com/support/docview.wss?uid=swg21960191
http://www-01.ibm.com/support/docview.wss?uid=swg21961717
http://www-01.ibm.com/support/docview.wss?uid=swg21962455
http://www-01.ibm.com/support/docview.wss?uid=swg21962739
http://www-304.ibm.com/support/docview.wss?uid=swg21958984
http://www-304.ibm.com/support/docview.wss?uid=swg21959132
http://www-304.ibm.com/support/docview.wss?uid=swg21960041
http://www-304.ibm.com/support/docview.wss?uid=swg21960194
http://www-304.ibm.com/support/docview.wss?uid=swg21960380
http://www-304.ibm.com/support/docview.wss?uid=swg21960418
http://www-304.ibm.com/support/docview.wss?uid=swg21962816
http://www-304.ibm.com/support/docview.wss?uid=swg21967893
http://www.debian.org/security/2015/dsa-3287
http://www.debian.org/security/2015/dsa-3300
http://www.debian.org/security/2015/dsa-3316
http://www.debian.org/security/2015/dsa-3324
http://www.debian.org/security/2015/dsa-3339
http://www.debian.org/security/2016/dsa-3688
http://www.fortiguard.com/advisory/2015-05-20-logjam-attack
http://www.mozilla.org/security/announce/2015/mfsa2015-70.html
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
http://www.securityfocus.com/bid/74733
http://www.securityfocus.com/bid/91787
http://www.securitytracker.com/id/1032474
http://www.securitytracker.com/id/1032475
http://www.securitytracker.com/id/1032476
http://www.securitytracker.com/id/1032637
http://www.securitytracker.com/id/1032645
http://www.securitytracker.com/id/1032647
http://www.securitytracker.com/id/1032648
http://www.securitytracker.com/id/1032649
http://www.securitytracker.com/id/1032650
http://www.securitytracker.com/id/1032651
http://www.securitytracker.com/id/1032652
http://www.securitytracker.com/id/1032653
http://www.securitytracker.com/id/1032654
http://www.securitytracker.com/id/1032655
http://www.securitytracker.com/id/1032656
http://www.securitytracker.com/id/1032688
http://www.securitytracker.com/id/1032699
http://www.securitytracker.com/id/1032702
http://www.securitytracker.com/id/1032727
http://www.securitytracker.com/id/1032759
http://www.securitytracker.com/id/1032777
http://www.securitytracker.com/id/1032778
http://www.securitytracker.com/id/1032783
http://www.securitytracker.com/id/1032784
http://www.securitytracker.com/id/1032856
http://www.securitytracker.com/id/1032864
http://www.securitytracker.com/id/1032865
http://www.securitytracker.com/id/1032871
http://www.securitytracker.com/id/1032884
http://www.securitytracker.com/id/1032910
http://www.securitytracker.com/id/1032932
http://www.securitytracker.com/id/1032960
http://www.securitytracker.com/id/1033019
http://www.securitytracker.com/id/1033064
http://www.securitytracker.com/id/1033065
http://www.securitytracker.com/id/1033067
http://www.securitytracker.com/id/1033208
http://www.securitytracker.com/id/1033209
http://www.securitytracker.com/id/1033210
http://www.securitytracker.com/id/1033222
http://www.securitytracker.com/id/1033341
http://www.securitytracker.com/id/1033385
http://www.securitytracker.com/id/1033416
http://www.securitytracker.com/id/1033430
http://www.securitytracker.com/id/1033433
http://www.securitytracker.com/id/1033513
http://www.securitytracker.com/id/1033760
http://www.securitytracker.com/id/1033891
http://www.securitytracker.com/id/1033991
http://www.securitytracker.com/id/1034087
http://www.securitytracker.com/id/1034728
http://www.securitytracker.com/id/1034884
http://www.securitytracker.com/id/1036218
http://www.securitytracker.com/id/1040630
http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm
http://www.ubuntu.com/usn/USN-2656-1
http://www.ubuntu.com/usn/USN-2656-2
http://www.ubuntu.com/usn/USN-2673-1
http://www.ubuntu.com/usn/USN-2696-1
http://www.ubuntu.com/usn/USN-2706-1
1223211 https://bugzilla.redhat.com/show_bug.cgi?id=1223211
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari:-:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*
cpe:2.3:a:ibm:content_manager:8.5:*:*:*:*:enterprise:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:content_manager:8.5:*:*:*:*:enterprise:*:*
cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:39.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:39.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:31.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.19:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.19:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:2.35:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:2.35:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:31.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:31.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:38.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:38.1:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update95:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update95:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update75:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update75:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update80:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update80:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update_33:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update_33:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update45:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update45:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update_95:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update_95:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update_75:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update_75:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update_80:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update_80:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update_33:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_33:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update_45:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_45:*:*:*:*:*:*
cpe:2.3:a:oracle:jrockit:r28.3.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jrockit:r28.3.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:sparc-opl_service_processor:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sparc-opl_service_processor:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:mozilla:firefox_os:2.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mozilla:firefox_os:2.2:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11.0:sp4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11.0:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*
CVE-2015-4000 https://nvd.nist.gov/vuln/detail/CVE-2015-4000
mfsa2015-70 https://www.mozilla.org/en-US/security/advisories/mfsa2015-70
RHSA-2015:1072 https://access.redhat.com/errata/RHSA-2015:1072
RHSA-2015:1185 https://access.redhat.com/errata/RHSA-2015:1185
RHSA-2015:1197 https://access.redhat.com/errata/RHSA-2015:1197
RHSA-2015:1228 https://access.redhat.com/errata/RHSA-2015:1228
RHSA-2015:1229 https://access.redhat.com/errata/RHSA-2015:1229
RHSA-2015:1230 https://access.redhat.com/errata/RHSA-2015:1230
RHSA-2015:1241 https://access.redhat.com/errata/RHSA-2015:1241
RHSA-2015:1242 https://access.redhat.com/errata/RHSA-2015:1242
RHSA-2015:1243 https://access.redhat.com/errata/RHSA-2015:1243
RHSA-2015:1485 https://access.redhat.com/errata/RHSA-2015:1485
RHSA-2015:1486 https://access.redhat.com/errata/RHSA-2015:1486
RHSA-2015:1488 https://access.redhat.com/errata/RHSA-2015:1488
RHSA-2015:1526 https://access.redhat.com/errata/RHSA-2015:1526
RHSA-2015:1544 https://access.redhat.com/errata/RHSA-2015:1544
RHSA-2015:1604 https://access.redhat.com/errata/RHSA-2015:1604
RHSA-2016:1624 https://access.redhat.com/errata/RHSA-2016:1624
RHSA-2016:2056 https://access.redhat.com/errata/RHSA-2016:2056
USN-2656-1 https://usn.ubuntu.com/2656-1/
USN-2656-2 https://usn.ubuntu.com/2656-2/
USN-2673-1 https://usn.ubuntu.com/2673-1/
USN-2696-1 https://usn.ubuntu.com/2696-1/
USN-2706-1 https://usn.ubuntu.com/2706-1/
Data source Metasploit
Description Check if a server supports a given version of SSL/TLS and cipher suites. The certificate is stored in loot, and any known vulnerabilities against that SSL version and cipher suite combination are checked. These checks include POODLE, deprecated protocols, expired/not valid certs, low key strength, null cipher suites, certificates signed with MD5, DROWN, RC4 ciphers, exportable ciphers, LOGJAM, and BEAST.
Note 
{}
Ransomware campaign use Unknown
Source publication date Oct. 14, 2014
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/scanner/ssl/ssl_version.rb
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4000.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:P Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2015-4000
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2015-4000
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://www.oracle.com/security-alerts/cpujan2021.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.99852
EPSS Score 0.93815
Published At May 2, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.