Search for vulnerabilities
Vulnerability details: VCID-yvx9-u253-aaar
Vulnerability ID VCID-yvx9-u253-aaar
Aliases CVE-2015-2808
Summary The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-2808.html
rhas Critical https://access.redhat.com/errata/RHSA-2015:1006
rhas Critical https://access.redhat.com/errata/RHSA-2015:1007
rhas Critical https://access.redhat.com/errata/RHSA-2015:1020
rhas Important https://access.redhat.com/errata/RHSA-2015:1021
rhas Low https://access.redhat.com/errata/RHSA-2015:1091
rhas Important https://access.redhat.com/errata/RHSA-2015:1228
rhas Critical https://access.redhat.com/errata/RHSA-2015:1229
rhas Important https://access.redhat.com/errata/RHSA-2015:1230
rhas Critical https://access.redhat.com/errata/RHSA-2015:1241
rhas Critical https://access.redhat.com/errata/RHSA-2015:1242
rhas Important https://access.redhat.com/errata/RHSA-2015:1243
rhas Important https://access.redhat.com/errata/RHSA-2015:1526
epss 0.00300 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.00438 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.00438 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.00438 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.00438 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.25196 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.25196 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.25196 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.25196 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.25196 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.25196 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.40214 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
epss 0.4884 https://api.first.org/data/v1/epss?cve=CVE-2015-2808
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1207101
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760
cvssv2 2.6 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2015-2808
generic_textual Medium https://ubuntu.com/security/notices/USN-2696-1
generic_textual Medium https://ubuntu.com/security/notices/USN-2706-1
generic_textual Medium https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf
cvssv3.1 9.8 http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
generic_textual CRITICAL http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
cvssv3.1 7.5 http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
generic_textual HIGH http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
cvssv3.1 9.8 http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
generic_textual CRITICAL http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
cvssv3.1 7.5 http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
generic_textual HIGH http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
generic_textual HIGH http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
Reference id Reference type URL
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html
http://marc.info/?l=bugtraq&m=143456209711959&w=2
http://marc.info/?l=bugtraq&m=143629696317098&w=2
http://marc.info/?l=bugtraq&m=143741441012338&w=2
http://marc.info/?l=bugtraq&m=143817021313142&w=2
http://marc.info/?l=bugtraq&m=143817899717054&w=2
http://marc.info/?l=bugtraq&m=143818140118771&w=2
http://marc.info/?l=bugtraq&m=144043644216842&w=2
http://marc.info/?l=bugtraq&m=144059660127919&w=2
http://marc.info/?l=bugtraq&m=144059703728085&w=2
http://marc.info/?l=bugtraq&m=144060576831314&w=2
http://marc.info/?l=bugtraq&m=144060606031437&w=2
http://marc.info/?l=bugtraq&m=144069189622016&w=2
http://marc.info/?l=bugtraq&m=144102017024820&w=2
http://marc.info/?l=bugtraq&m=144104533800819&w=2
http://marc.info/?l=bugtraq&m=144104565600964&w=2
http://marc.info/?l=bugtraq&m=144493176821532&w=2
http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-2808.html
http://rhn.redhat.com/errata/RHSA-2015-1006.html
http://rhn.redhat.com/errata/RHSA-2015-1007.html
http://rhn.redhat.com/errata/RHSA-2015-1020.html
http://rhn.redhat.com/errata/RHSA-2015-1021.html
http://rhn.redhat.com/errata/RHSA-2015-1091.html
http://rhn.redhat.com/errata/RHSA-2015-1228.html
http://rhn.redhat.com/errata/RHSA-2015-1229.html
http://rhn.redhat.com/errata/RHSA-2015-1230.html
http://rhn.redhat.com/errata/RHSA-2015-1241.html
http://rhn.redhat.com/errata/RHSA-2015-1242.html
http://rhn.redhat.com/errata/RHSA-2015-1243.html
http://rhn.redhat.com/errata/RHSA-2015-1526.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2808.json
https://api.first.org/data/v1/epss?cve=CVE-2015-2808
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888
https://kb.juniper.net/JSA10783
https://kc.mcafee.com/corporate/index?page=content&id=SB10163
https://security.gentoo.org/glsa/201512-10
https://ubuntu.com/security/notices/USN-2696-1
https://ubuntu.com/security/notices/USN-2706-1
https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709
https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf
https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/
http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888
http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892
http://www-01.ibm.com/support/docview.wss?uid=swg21883640
http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm
http://www-304.ibm.com/support/docview.wss?uid=swg21903565
http://www-304.ibm.com/support/docview.wss?uid=swg21960015
http://www-304.ibm.com/support/docview.wss?uid=swg21960769
http://www.debian.org/security/2015/dsa-3316
http://www.debian.org/security/2015/dsa-3339
http://www.huawei.com/en/psirt/security-advisories/hw-454055
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://www.securityfocus.com/bid/73684
http://www.securityfocus.com/bid/91787
http://www.securitytracker.com/id/1032599
http://www.securitytracker.com/id/1032600
http://www.securitytracker.com/id/1032707
http://www.securitytracker.com/id/1032708
http://www.securitytracker.com/id/1032734
http://www.securitytracker.com/id/1032788
http://www.securitytracker.com/id/1032858
http://www.securitytracker.com/id/1032868
http://www.securitytracker.com/id/1032910
http://www.securitytracker.com/id/1032990
http://www.securitytracker.com/id/1033071
http://www.securitytracker.com/id/1033072
http://www.securitytracker.com/id/1033386
http://www.securitytracker.com/id/1033415
http://www.securitytracker.com/id/1033431
http://www.securitytracker.com/id/1033432
http://www.securitytracker.com/id/1033737
http://www.securitytracker.com/id/1033769
http://www.securitytracker.com/id/1036222
http://www.ubuntu.com/usn/USN-2696-1
http://www.ubuntu.com/usn/USN-2706-1
1207101 https://bugzilla.redhat.com/show_bug.cgi?id=1207101
cpe:2.3:a:huawei:oceanstor_replicationdirector:v100r003c00:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:huawei:oceanstor_replicationdirector:v100r003c00:*:*:*:*:*:*:*
cpe:2.3:a:huawei:policy_center:v100r003c00:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:huawei:policy_center:v100r003c00:*:*:*:*:*:*:*
cpe:2.3:a:huawei:policy_center:v100r003c10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:huawei:policy_center:v100r003c10:*:*:*:*:*:*:*
cpe:2.3:a:huawei:smc2.0:v100r002c01:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:huawei:smc2.0:v100r002c01:*:*:*:*:*:*:*
cpe:2.3:a:huawei:smc2.0:v100r002c02:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:huawei:smc2.0:v100r002c02:*:*:*:*:*:*:*
cpe:2.3:a:huawei:smc2.0:v100r002c03:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:huawei:smc2.0:v100r002c03:*:*:*:*:*:*:*
cpe:2.3:a:huawei:smc2.0:v100r002c04:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:huawei:smc2.0:v100r002c04:*:*:*:*:*:*:*
cpe:2.3:a:huawei:ultravr:v100r003c00:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:huawei:ultravr:v100r003c00:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_metrics_manager:10.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:cognos_metrics_manager:10.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_metrics_manager:10.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:cognos_metrics_manager:10.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_metrics_manager:10.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:cognos_metrics_manager:10.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_metrics_manager:10.2.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:cognos_metrics_manager:10.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_metrics_manager:10.2.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:cognos_metrics_manager:10.2.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_application_session_controller:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_application_session_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_policy_management:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_policy_management:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:http_server:11.1.1.9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:http_server:12.1.3.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:http_server:12.2.1.1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:http_server:12.2.1.2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*
cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*
cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*
CVE-2015-2808 https://nvd.nist.gov/vuln/detail/CVE-2015-2808
RHSA-2015:1006 https://access.redhat.com/errata/RHSA-2015:1006
RHSA-2015:1007 https://access.redhat.com/errata/RHSA-2015:1007
RHSA-2015:1020 https://access.redhat.com/errata/RHSA-2015:1020
RHSA-2015:1021 https://access.redhat.com/errata/RHSA-2015:1021
RHSA-2015:1091 https://access.redhat.com/errata/RHSA-2015:1091
RHSA-2015:1228 https://access.redhat.com/errata/RHSA-2015:1228
RHSA-2015:1229 https://access.redhat.com/errata/RHSA-2015:1229
RHSA-2015:1230 https://access.redhat.com/errata/RHSA-2015:1230
RHSA-2015:1241 https://access.redhat.com/errata/RHSA-2015:1241
RHSA-2015:1242 https://access.redhat.com/errata/RHSA-2015:1242
RHSA-2015:1243 https://access.redhat.com/errata/RHSA-2015:1243
RHSA-2015:1526 https://access.redhat.com/errata/RHSA-2015:1526
USN-2696-1 https://usn.ubuntu.com/2696-1/
USN-2706-1 https://usn.ubuntu.com/2706-1/
No exploits are available.
Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2015-2808
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.70003
EPSS Score 0.00300
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.