Search for vulnerabilities
Vulnerability details: VCID-z8sc-rus1-aaae
Vulnerability ID VCID-z8sc-rus1-aaae
Aliases CVE-2014-3568
VC-OPENSSL-20141015-CVE-2014-3568
Summary When OpenSSL is configured with "no-ssl3" as a build option, servers could accept and complete a SSL 3.0 handshake, and clients could be configured to send them.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-310 Cryptographic Issues
System Score Found at
generic_textual LOW http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html
generic_textual Low http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3568.html
epss 0.00547 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.00547 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.00547 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.00547 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.00547 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.00547 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.00547 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.00547 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.00547 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.00547 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.00547 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.00547 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.00578 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.00578 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.00578 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.00578 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.03412 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.03412 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.03412 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.03412 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.03412 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.03412 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.03412 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.03412 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.03412 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.03412 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.03932 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.03932 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.03932 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.03932 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.03932 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.03932 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.04497 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
epss 0.06961 https://api.first.org/data/v1/epss?cve=CVE-2014-3568
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=1152967
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568
generic_textual MODERATE https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2014-3568
generic_textual LOW https://support.apple.com/HT205217
generic_textual Low https://www.openssl.org/news/secadv/20141015.txt
generic_textual Low https://www.openssl.org/news/secadv_20141015.txt
Reference id Reference type URL
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc
http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
http://marc.info/?l=bugtraq&m=141477196830952&w=2
http://marc.info/?l=bugtraq&m=142103967620673&w=2
http://marc.info/?l=bugtraq&m=142495837901899&w=2
http://marc.info/?l=bugtraq&m=142624590206005&w=2
http://marc.info/?l=bugtraq&m=142791032306609&w=2
http://marc.info/?l=bugtraq&m=142804214608580&w=2
http://marc.info/?l=bugtraq&m=143290437727362&w=2
http://marc.info/?l=bugtraq&m=143290522027658&w=2
http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3568.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3568.json
https://api.first.org/data/v1/epss?cve=CVE-2014-3568
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568
http://secunia.com/advisories/59627
http://secunia.com/advisories/61058
http://secunia.com/advisories/61073
http://secunia.com/advisories/61130
http://secunia.com/advisories/61207
http://secunia.com/advisories/61819
http://secunia.com/advisories/61959
http://secunia.com/advisories/62030
http://secunia.com/advisories/62070
http://secunia.com/advisories/62124
http://security.gentoo.org/glsa/glsa-201412-39.xml
https://exchange.xforce.ibmcloud.com/vulnerabilities/97037
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=26a59d9b46574e457870197dffa802871b4c8fc7
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=26a59d9b46574e457870197dffa802871b4c8fc7
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
https://kc.mcafee.com/corporate/index?page=content&id=SB10091
https://support.apple.com/HT205217
https://support.citrix.com/article/CTX216642
http://support.apple.com/HT204244
https://www.openssl.org/news/secadv/20141015.txt
https://www.openssl.org/news/secadv_20141015.txt
http://www-01.ibm.com/support/docview.wss?uid=swg21686997
http://www.debian.org/security/2014/dsa-3053
http://www.securityfocus.com/bid/70585
http://www.securitytracker.com/id/1031053
1152967 https://bugzilla.redhat.com/show_bug.cgi?id=1152967
cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*
CVE-2014-3568 https://nvd.nist.gov/vuln/detail/CVE-2014-3568
GLSA-201412-39 https://security.gentoo.org/glsa/201412-39
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2014-3568
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.77874
EPSS Score 0.00547
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.