Vulnerability-Lookup

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

6 vulnerabilities found for sparc_enterprise_m8000_firmware by fujitsu

CVE-2019-13163 (GCVE-0-2019-13163)

Vulnerability from nvd – Published: 2020-02-07 22:45 – Updated: 2024-08-04 23:41

Summary

The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V11 and other versions, Interstage Job Workload Server V8, Interstage List Works V10 and other versions, Interstage Studio V12 and other versions, Interstage Web Server Express V11, Linkexpress V5, Safeauthor V3, ServerView Resource Orchestrator V3, Systemwalker Cloud Business Service Management V1, Systemwalker Desktop Keeper V15, Systemwalker Desktop Patrol V15, Systemwalker IT Change Manager V14, Systemwalker Operation Manager V16 and other versions, Systemwalker Runbook Automation V15 and other versions, Systemwalker Security Control V1, and Systemwalker Software Configuration Manager V15.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

https://www.fujitsu.com/jp/products/software/reso…

x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:41:10.575Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.fujitsu.com/jp/products/software/resources/condition/security/products-fujitsu/solution/interstage-systemwalker-tls-202001.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-02-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V11 and other versions, Interstage Job Workload Server V8, Interstage List Works V10 and other versions, Interstage Studio V12 and other versions, Interstage Web Server Express V11, Linkexpress V5, Safeauthor V3, ServerView Resource Orchestrator V3, Systemwalker Cloud Business Service Management V1, Systemwalker Desktop Keeper V15, Systemwalker Desktop Patrol V15, Systemwalker IT Change Manager V14, Systemwalker Operation Manager V16 and other versions, Systemwalker Runbook Automation V15 and other versions, Systemwalker Security Control V1, and Systemwalker Software Configuration Manager V15."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-07T22:45:40",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.fujitsu.com/jp/products/software/resources/condition/security/products-fujitsu/solution/interstage-systemwalker-tls-202001.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13163",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V11 and other versions, Interstage Job Workload Server V8, Interstage List Works V10 and other versions, Interstage Studio V12 and other versions, Interstage Web Server Express V11, Linkexpress V5, Safeauthor V3, ServerView Resource Orchestrator V3, Systemwalker Cloud Business Service Management V1, Systemwalker Desktop Keeper V15, Systemwalker Desktop Patrol V15, Systemwalker IT Change Manager V14, Systemwalker Operation Manager V16 and other versions, Systemwalker Runbook Automation V15 and other versions, Systemwalker Security Control V1, and Systemwalker Software Configuration Manager V15."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.fujitsu.com/jp/products/software/resources/condition/security/products-fujitsu/solution/interstage-systemwalker-tls-202001.html",
              "refsource": "CONFIRM",
              "url": "https://www.fujitsu.com/jp/products/software/resources/condition/security/products-fujitsu/solution/interstage-systemwalker-tls-202001.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13163",
    "datePublished": "2020-02-07T22:45:40",
    "dateReserved": "2019-07-02T00:00:00",
    "dateUpdated": "2024-08-04T23:41:10.575Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-2808 (GCVE-0-2015-2808)

Vulnerability from nvd – Published: 2015-04-01 00:00 – Updated: 2024-08-06 05:24

Summary

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://marc.info/?l=bugtraq&m=143818140118771&w=2	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1243.html	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1007.html	vendor-advisory
	http://marc.info/?l=bugtraq&m=143817899717054&w=2	vendor-advisory
	http://marc.info/?l=bugtraq&m=144493176821532&w=2	vendor-advisory
	http://www.oracle.com/technetwork/topics/security…
	http://rhn.redhat.com/errata/RHSA-2015-1006.html	vendor-advisory
	https://h20564.www2.hpe.com/portal/site/hpsc/publ…
	https://kb.juniper.net/JSA10783
	http://www.securitytracker.com/id/1033737	vdb-entry
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	http://marc.info/?l=bugtraq&m=144060576831314&w=2	vendor-advisory
	http://www.oracle.com/technetwork/security-adviso…
	http://www.securitytracker.com/id/1036222	vdb-entry
	http://h20564.www2.hpe.com/hpsc/doc/public/displa…
	http://marc.info/?l=bugtraq&m=143817899717054&w=2	vendor-advisory
	http://www-304.ibm.com/support/docview.wss?uid=sw…
	https://security.gentoo.org/glsa/201512-10	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1229.html	vendor-advisory
	https://h20566.www2.hpe.com/hpsc/doc/public/displ…
	http://www.securitytracker.com/id/1032600	vdb-entry
	http://www.securitytracker.com/id/1032910	vdb-entry
	http://www.ubuntu.com/usn/USN-2706-1	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1526.html	vendor-advisory
	http://marc.info/?l=bugtraq&m=143817021313142&w=2	vendor-advisory
	http://www.oracle.com/technetwork/security-adviso…
	http://www.securitytracker.com/id/1032599	vdb-entry
	http://marc.info/?l=bugtraq&m=144104533800819&w=2	vendor-advisory
	http://www-304.ibm.com/support/docview.wss?uid=sw…
	https://h20564.www2.hpe.com/portal/site/hpsc/publ…
	https://h20566.www2.hpe.com/hpsc/doc/public/displ…
	https://kc.mcafee.com/corporate/index?page=conten…
	http://marc.info/?l=bugtraq&m=144043644216842&w=2	vendor-advisory
	http://www.securitytracker.com/id/1032734	vdb-entry
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisory
	https://h20566.www2.hpe.com/portal/site/hpsc/publ…
	http://www.securitytracker.com/id/1033769	vdb-entry
	http://www.securitytracker.com/id/1032707	vdb-entry
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	http://marc.info/?l=bugtraq&m=143817021313142&w=2	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1091.html	vendor-advisory
	http://marc.info/?l=bugtraq&m=144069189622016&w=2	vendor-advisory
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1228.html	vendor-advisory
	http://marc.info/?l=bugtraq&m=144060606031437&w=2	vendor-advisory
	http://www.securitytracker.com/id/1032708	vdb-entry
	http://www.huawei.com/en/psirt/security-advisorie…
	http://www.debian.org/security/2015/dsa-3316	vendor-advisory
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	http://www.oracle.com/technetwork/security-adviso…
	http://www.securitytracker.com/id/1033415	vdb-entry
	https://h20564.www2.hpe.com/portal/site/hpsc/publ…
	http://marc.info/?l=bugtraq&m=143818140118771&w=2	vendor-advisory
	https://www-947.ibm.com/support/entry/portal/docd…
	http://marc.info/?l=bugtraq&m=144104565600964&w=2	vendor-advisory
	http://marc.info/?l=bugtraq&m=144493176821532&w=2	vendor-advisory
	http://www-01.ibm.com/support/docview.wss?uid=swg…
	http://marc.info/?l=bugtraq&m=144102017024820&w=2	vendor-advisory
	http://www.securitytracker.com/id/1033432	vdb-entry
	http://marc.info/?l=bugtraq&m=143629696317098&w=2	vendor-advisory
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	http://www.securitytracker.com/id/1032858	vdb-entry
	https://h20564.www2.hp.com/portal/site/hpsc/publi…	vendor-advisory
	http://www.securitytracker.com/id/1032788	vdb-entry
	http://www.ubuntu.com/usn/USN-2696-1	vendor-advisory
	https://www.blackhat.com/docs/asia-15/materials/a…
	http://www.debian.org/security/2015/dsa-3339	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1020.html	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1242.html	vendor-advisory
	http://kb.juniper.net/InfoCenter/index?page=conte…
	https://h20564.www2.hpe.com/portal/site/hpsc/publ…
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	http://www.securitytracker.com/id/1033431	vdb-entry
	http://www1.huawei.com/en/security/psirt/security…
	https://h20566.www2.hpe.com/portal/site/hpsc/publ…
	http://www.securitytracker.com/id/1032868	vdb-entry
	http://marc.info/?l=bugtraq&m=144059703728085&w=2	vendor-advisory
	http://www.oracle.com/technetwork/security-adviso…
	http://www.securityfocus.com/bid/91787	vdb-entry
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1241.html	vendor-advisory
	https://h20564.www2.hpe.com/portal/site/hpsc/publ…
	http://kb.juniper.net/InfoCenter/index?page=conte…
	http://rhn.redhat.com/errata/RHSA-2015-1230.html	vendor-advisory
	https://h20566.www2.hpe.com/portal/site/hpsc/publ…
	http://marc.info/?l=bugtraq&m=143456209711959&w=2	vendor-advisory
	http://www.securitytracker.com/id/1033386	vdb-entry
	http://marc.info/?l=bugtraq&m=143741441012338&w=2	vendor-advisory
	http://www.securitytracker.com/id/1033072	vdb-entry
	http://marc.info/?l=bugtraq&m=143741441012338&w=2	vendor-advisory
	https://h20564.www2.hpe.com/portal/site/hpsc/publ…
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	https://h20564.www2.hpe.com/portal/site/hpsc/publ…
	http://rhn.redhat.com/errata/RHSA-2015-1021.html	vendor-advisory
	http://www-304.ibm.com/support/docview.wss?uid=sw…
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	https://h20566.www2.hpe.com/portal/site/hpsc/publ…
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	http://marc.info/?l=bugtraq&m=144059660127919&w=2	vendor-advisory
	http://www.securityfocus.com/bid/73684	vdb-entry
	http://www.securitytracker.com/id/1032990	vdb-entry
	http://www.securitytracker.com/id/1033071	vdb-entry
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	https://www.secpod.com/blog/cve-2015-2808-bar-mit…

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:24:38.828Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SSRT102127",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143818140118771\u0026w=2"
          },
          {
            "name": "RHSA-2015:1243",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
          },
          {
            "name": "RHSA-2015:1007",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
          },
          {
            "name": "HPSBGN03367",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143817899717054\u0026w=2"
          },
          {
            "name": "HPSBUX03512",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
          },
          {
            "name": "RHSA-2015:1006",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA10783"
          },
          {
            "name": "1033737",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033737"
          },
          {
            "name": "SUSE-SU-2015:2192",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
          },
          {
            "name": "HPSBGN03399",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144060576831314\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "name": "1036222",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036222"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034"
          },
          {
            "name": "SSRT102129",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143817899717054\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769"
          },
          {
            "name": "GLSA-201512-10",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201512-10"
          },
          {
            "name": "RHSA-2015:1229",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650"
          },
          {
            "name": "1032600",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032600"
          },
          {
            "name": "1032910",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032910"
          },
          {
            "name": "USN-2706-1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2706-1"
          },
          {
            "name": "RHSA-2015:1526",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
          },
          {
            "name": "SSRT102133",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143817021313142\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
          },
          {
            "name": "1032599",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032599"
          },
          {
            "name": "HPSBMU03401",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144104533800819\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10163"
          },
          {
            "name": "HPSBMU03345",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144043644216842\u0026w=2"
          },
          {
            "name": "1032734",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032734"
          },
          {
            "name": "IV71892",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347"
          },
          {
            "name": "1033769",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033769"
          },
          {
            "name": "1032707",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032707"
          },
          {
            "name": "openSUSE-SU-2015:1289",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
          },
          {
            "name": "HPSBGN03372",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143817021313142\u0026w=2"
          },
          {
            "name": "RHSA-2015:1091",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
          },
          {
            "name": "HPSBGN03402",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144069189622016\u0026w=2"
          },
          {
            "name": "IV71888",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888"
          },
          {
            "name": "RHSA-2015:1228",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
          },
          {
            "name": "HPSBGN03405",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144060606031437\u0026w=2"
          },
          {
            "name": "1032708",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032708"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/hw-454055"
          },
          {
            "name": "DSA-3316",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3316"
          },
          {
            "name": "SUSE-SU-2015:2166",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "name": "1033415",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033415"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
          },
          {
            "name": "HPSBGN03366",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143818140118771\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709"
          },
          {
            "name": "HPSBGN03403",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144104565600964\u0026w=2"
          },
          {
            "name": "SSRT102254",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
          },
          {
            "name": "HPSBGN03407",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144102017024820\u0026w=2"
          },
          {
            "name": "1033432",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033432"
          },
          {
            "name": "HPSBGN03354",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143629696317098\u0026w=2"
          },
          {
            "name": "SUSE-SU-2015:1138",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
          },
          {
            "name": "1032858",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032858"
          },
          {
            "name": "SSRT102073",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922"
          },
          {
            "name": "1032788",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032788"
          },
          {
            "name": "USN-2696-1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2696-1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf"
          },
          {
            "name": "DSA-3339",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3339"
          },
          {
            "name": "RHSA-2015:1020",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
          },
          {
            "name": "RHSA-2015:1242",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241"
          },
          {
            "name": "SUSE-SU-2015:1086",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
          },
          {
            "name": "1033431",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033431"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988"
          },
          {
            "name": "1032868",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032868"
          },
          {
            "name": "HPSBGN03415",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144059703728085\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
          },
          {
            "name": "91787",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91787"
          },
          {
            "name": "SUSE-SU-2015:1319",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
          },
          {
            "name": "SUSE-SU-2015:1320",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
          },
          {
            "name": "openSUSE-SU-2015:1288",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
          },
          {
            "name": "RHSA-2015:1241",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
          },
          {
            "name": "RHSA-2015:1230",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888"
          },
          {
            "name": "HPSBGN03338",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143456209711959\u0026w=2"
          },
          {
            "name": "1033386",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033386"
          },
          {
            "name": "HPSBMU03377",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143741441012338\u0026w=2"
          },
          {
            "name": "1033072",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033072"
          },
          {
            "name": "SSRT102150",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143741441012338\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
          },
          {
            "name": "SUSE-SU-2015:1085",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119"
          },
          {
            "name": "RHSA-2015:1021",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960015"
          },
          {
            "name": "SUSE-SU-2015:1073",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935"
          },
          {
            "name": "SUSE-SU-2015:1161",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
          },
          {
            "name": "HPSBGN03414",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144059660127919\u0026w=2"
          },
          {
            "name": "73684",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/73684"
          },
          {
            "name": "1032990",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032990"
          },
          {
            "name": "1033071",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033071"
          },
          {
            "name": "SUSE-SU-2016:0113",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-03-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the \"Bar Mitzvah\" issue."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-07T16:46:59.848306",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SSRT102127",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143818140118771\u0026w=2"
        },
        {
          "name": "RHSA-2015:1243",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
        },
        {
          "name": "RHSA-2015:1007",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
        },
        {
          "name": "HPSBGN03367",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143817899717054\u0026w=2"
        },
        {
          "name": "HPSBUX03512",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
        },
        {
          "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
        },
        {
          "name": "RHSA-2015:1006",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256"
        },
        {
          "url": "https://kb.juniper.net/JSA10783"
        },
        {
          "name": "1033737",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033737"
        },
        {
          "name": "SUSE-SU-2015:2192",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
        },
        {
          "name": "HPSBGN03399",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144060576831314\u0026w=2"
        },
        {
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "name": "1036222",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1036222"
        },
        {
          "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034"
        },
        {
          "name": "SSRT102129",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143817899717054\u0026w=2"
        },
        {
          "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769"
        },
        {
          "name": "GLSA-201512-10",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/201512-10"
        },
        {
          "name": "RHSA-2015:1229",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
        },
        {
          "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650"
        },
        {
          "name": "1032600",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032600"
        },
        {
          "name": "1032910",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032910"
        },
        {
          "name": "USN-2706-1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2706-1"
        },
        {
          "name": "RHSA-2015:1526",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
        },
        {
          "name": "SSRT102133",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143817021313142\u0026w=2"
        },
        {
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
        },
        {
          "name": "1032599",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032599"
        },
        {
          "name": "HPSBMU03401",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144104533800819\u0026w=2"
        },
        {
          "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190"
        },
        {
          "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380"
        },
        {
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10163"
        },
        {
          "name": "HPSBMU03345",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144043644216842\u0026w=2"
        },
        {
          "name": "1032734",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032734"
        },
        {
          "name": "IV71892",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892"
        },
        {
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347"
        },
        {
          "name": "1033769",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033769"
        },
        {
          "name": "1032707",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032707"
        },
        {
          "name": "openSUSE-SU-2015:1289",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
        },
        {
          "name": "HPSBGN03372",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143817021313142\u0026w=2"
        },
        {
          "name": "RHSA-2015:1091",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
        },
        {
          "name": "HPSBGN03402",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144069189622016\u0026w=2"
        },
        {
          "name": "IV71888",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888"
        },
        {
          "name": "RHSA-2015:1228",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
        },
        {
          "name": "HPSBGN03405",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144060606031437\u0026w=2"
        },
        {
          "name": "1032708",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032708"
        },
        {
          "url": "http://www.huawei.com/en/psirt/security-advisories/hw-454055"
        },
        {
          "name": "DSA-3316",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3316"
        },
        {
          "name": "SUSE-SU-2015:2166",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
        },
        {
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
        },
        {
          "name": "1033415",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033415"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
        },
        {
          "name": "HPSBGN03366",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143818140118771\u0026w=2"
        },
        {
          "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709"
        },
        {
          "name": "HPSBGN03403",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144104565600964\u0026w=2"
        },
        {
          "name": "SSRT102254",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
        },
        {
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
        },
        {
          "name": "HPSBGN03407",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144102017024820\u0026w=2"
        },
        {
          "name": "1033432",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033432"
        },
        {
          "name": "HPSBGN03354",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143629696317098\u0026w=2"
        },
        {
          "name": "SUSE-SU-2015:1138",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
        },
        {
          "name": "1032858",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032858"
        },
        {
          "name": "SSRT102073",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922"
        },
        {
          "name": "1032788",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032788"
        },
        {
          "name": "USN-2696-1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2696-1"
        },
        {
          "url": "https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf"
        },
        {
          "name": "DSA-3339",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3339"
        },
        {
          "name": "RHSA-2015:1020",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
        },
        {
          "name": "RHSA-2015:1242",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
        },
        {
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241"
        },
        {
          "name": "SUSE-SU-2015:1086",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
        },
        {
          "name": "1033431",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033431"
        },
        {
          "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm"
        },
        {
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988"
        },
        {
          "name": "1032868",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032868"
        },
        {
          "name": "HPSBGN03415",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144059703728085\u0026w=2"
        },
        {
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
        },
        {
          "name": "91787",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securityfocus.com/bid/91787"
        },
        {
          "name": "SUSE-SU-2015:1319",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
        },
        {
          "name": "SUSE-SU-2015:1320",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
        },
        {
          "name": "openSUSE-SU-2015:1288",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
        },
        {
          "name": "RHSA-2015:1241",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140"
        },
        {
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
        },
        {
          "name": "RHSA-2015:1230",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
        },
        {
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888"
        },
        {
          "name": "HPSBGN03338",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143456209711959\u0026w=2"
        },
        {
          "name": "1033386",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033386"
        },
        {
          "name": "HPSBMU03377",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143741441012338\u0026w=2"
        },
        {
          "name": "1033072",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033072"
        },
        {
          "name": "SSRT102150",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143741441012338\u0026w=2"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
        },
        {
          "name": "SUSE-SU-2015:1085",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119"
        },
        {
          "name": "RHSA-2015:1021",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
        },
        {
          "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960015"
        },
        {
          "name": "SUSE-SU-2015:1073",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
        },
        {
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935"
        },
        {
          "name": "SUSE-SU-2015:1161",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
        },
        {
          "name": "HPSBGN03414",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144059660127919\u0026w=2"
        },
        {
          "name": "73684",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securityfocus.com/bid/73684"
        },
        {
          "name": "1032990",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032990"
        },
        {
          "name": "1033071",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033071"
        },
        {
          "name": "SUSE-SU-2016:0113",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
        },
        {
          "url": "https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-2808",
    "datePublished": "2015-04-01T00:00:00",
    "dateReserved": "2015-03-31T00:00:00",
    "dateUpdated": "2024-08-06T05:24:38.828Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-2566 (GCVE-0-2013-2566)

Vulnerability from nvd – Published: 2013-03-14 22:00 – Updated: 2024-08-06 15:44

Summary

The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://blog.cryptographyengineering.com/2013/03/a…	x_refsource_MISC
	http://www.securityfocus.com/bid/58796	vdb-entryx_refsource_BID
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://cr.yp.to/talks/2013.03.12/slides.pdf	x_refsource_MISC
	http://marc.info/?l=bugtraq&m=143039468003789&w=2	vendor-advisoryx_refsource_HP
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201504-01	vendor-advisoryx_refsource_GENTOO
	http://security.gentoo.org/glsa/glsa-201406-19.xml	vendor-advisoryx_refsource_GENTOO
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=143039468003789&w=2	vendor-advisoryx_refsource_HP
	http://www.ubuntu.com/usn/USN-2031-1	vendor-advisoryx_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2032-1	vendor-advisoryx_refsource_UBUNTU
	http://my.opera.com/securitygroup/blog/2013/03/20…	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://www.opera.com/security/advisory/1046	x_refsource_CONFIRM
	http://kb.juniper.net/InfoCenter/index?page=conte…	x_refsource_CONFIRM
	https://h20566.www2.hpe.com/portal/site/hpsc/publ…	x_refsource_CONFIRM
	http://www.mozilla.org/security/announce/2013/mfs…	x_refsource_CONFIRM
	http://www.isg.rhul.ac.uk/tls/	x_refsource_MISC
	http://www.opera.com/docs/changelogs/unified/1215/	x_refsource_CONFIRM
	https://h20566.www2.hpe.com/portal/site/hpsc/publ…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:44:32.649Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html"
          },
          {
            "name": "58796",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/58796"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://cr.yp.to/talks/2013.03.12/slides.pdf"
          },
          {
            "name": "HPSBGN03324",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143039468003789\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
          },
          {
            "name": "GLSA-201504-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201504-01"
          },
          {
            "name": "GLSA-201406-19",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-19.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "name": "SSRT102035",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143039468003789\u0026w=2"
          },
          {
            "name": "USN-2031-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2031-1"
          },
          {
            "name": "USN-2032-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2032-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://my.opera.com/securitygroup/blog/2013/03/20/on-the-precariousness-of-rc4"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.opera.com/security/advisory/1046"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-103.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.isg.rhul.ac.uk/tls/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.opera.com/docs/changelogs/unified/1215/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-03-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-18T01:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html"
        },
        {
          "name": "58796",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/58796"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://cr.yp.to/talks/2013.03.12/slides.pdf"
        },
        {
          "name": "HPSBGN03324",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143039468003789\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
        },
        {
          "name": "GLSA-201504-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201504-01"
        },
        {
          "name": "GLSA-201406-19",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-19.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
        },
        {
          "name": "SSRT102035",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143039468003789\u0026w=2"
        },
        {
          "name": "USN-2031-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2031-1"
        },
        {
          "name": "USN-2032-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2032-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://my.opera.com/securitygroup/blog/2013/03/20/on-the-precariousness-of-rc4"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.opera.com/security/advisory/1046"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-103.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.isg.rhul.ac.uk/tls/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.opera.com/docs/changelogs/unified/1215/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-2566",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html",
              "refsource": "MISC",
              "url": "http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html"
            },
            {
              "name": "58796",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/58796"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
            },
            {
              "name": "http://cr.yp.to/talks/2013.03.12/slides.pdf",
              "refsource": "MISC",
              "url": "http://cr.yp.to/talks/2013.03.12/slides.pdf"
            },
            {
              "name": "HPSBGN03324",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=143039468003789\u0026w=2"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
            },
            {
              "name": "GLSA-201504-01",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201504-01"
            },
            {
              "name": "GLSA-201406-19",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201406-19.xml"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
            },
            {
              "name": "SSRT102035",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=143039468003789\u0026w=2"
            },
            {
              "name": "USN-2031-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2031-1"
            },
            {
              "name": "USN-2032-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2032-1"
            },
            {
              "name": "http://my.opera.com/securitygroup/blog/2013/03/20/on-the-precariousness-of-rc4",
              "refsource": "CONFIRM",
              "url": "http://my.opera.com/securitygroup/blog/2013/03/20/on-the-precariousness-of-rc4"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
            },
            {
              "name": "http://www.opera.com/security/advisory/1046",
              "refsource": "CONFIRM",
              "url": "http://www.opera.com/security/advisory/1046"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
            },
            {
              "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888",
              "refsource": "CONFIRM",
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888"
            },
            {
              "name": "http://www.mozilla.org/security/announce/2013/mfsa2013-103.html",
              "refsource": "CONFIRM",
              "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-103.html"
            },
            {
              "name": "http://www.isg.rhul.ac.uk/tls/",
              "refsource": "MISC",
              "url": "http://www.isg.rhul.ac.uk/tls/"
            },
            {
              "name": "http://www.opera.com/docs/changelogs/unified/1215/",
              "refsource": "CONFIRM",
              "url": "http://www.opera.com/docs/changelogs/unified/1215/"
            },
            {
              "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935",
              "refsource": "CONFIRM",
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-2566",
    "datePublished": "2013-03-14T22:00:00",
    "dateReserved": "2013-03-14T00:00:00",
    "dateUpdated": "2024-08-06T15:44:32.649Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-13163 (GCVE-0-2019-13163)

Vulnerability from cvelistv5 – Published: 2020-02-07 22:45 – Updated: 2024-08-04 23:41

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

https://www.fujitsu.com/jp/products/software/reso…

x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:41:10.575Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.fujitsu.com/jp/products/software/resources/condition/security/products-fujitsu/solution/interstage-systemwalker-tls-202001.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-02-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V11 and other versions, Interstage Job Workload Server V8, Interstage List Works V10 and other versions, Interstage Studio V12 and other versions, Interstage Web Server Express V11, Linkexpress V5, Safeauthor V3, ServerView Resource Orchestrator V3, Systemwalker Cloud Business Service Management V1, Systemwalker Desktop Keeper V15, Systemwalker Desktop Patrol V15, Systemwalker IT Change Manager V14, Systemwalker Operation Manager V16 and other versions, Systemwalker Runbook Automation V15 and other versions, Systemwalker Security Control V1, and Systemwalker Software Configuration Manager V15."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-07T22:45:40",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.fujitsu.com/jp/products/software/resources/condition/security/products-fujitsu/solution/interstage-systemwalker-tls-202001.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13163",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V11 and other versions, Interstage Job Workload Server V8, Interstage List Works V10 and other versions, Interstage Studio V12 and other versions, Interstage Web Server Express V11, Linkexpress V5, Safeauthor V3, ServerView Resource Orchestrator V3, Systemwalker Cloud Business Service Management V1, Systemwalker Desktop Keeper V15, Systemwalker Desktop Patrol V15, Systemwalker IT Change Manager V14, Systemwalker Operation Manager V16 and other versions, Systemwalker Runbook Automation V15 and other versions, Systemwalker Security Control V1, and Systemwalker Software Configuration Manager V15."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.fujitsu.com/jp/products/software/resources/condition/security/products-fujitsu/solution/interstage-systemwalker-tls-202001.html",
              "refsource": "CONFIRM",
              "url": "https://www.fujitsu.com/jp/products/software/resources/condition/security/products-fujitsu/solution/interstage-systemwalker-tls-202001.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13163",
    "datePublished": "2020-02-07T22:45:40",
    "dateReserved": "2019-07-02T00:00:00",
    "dateUpdated": "2024-08-04T23:41:10.575Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-2808 (GCVE-0-2015-2808)

Vulnerability from cvelistv5 – Published: 2015-04-01 00:00 – Updated: 2024-08-06 05:24

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://marc.info/?l=bugtraq&m=143818140118771&w=2	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1243.html	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1007.html	vendor-advisory
	http://marc.info/?l=bugtraq&m=143817899717054&w=2	vendor-advisory
	http://marc.info/?l=bugtraq&m=144493176821532&w=2	vendor-advisory
	http://www.oracle.com/technetwork/topics/security…
	http://rhn.redhat.com/errata/RHSA-2015-1006.html	vendor-advisory
	https://h20564.www2.hpe.com/portal/site/hpsc/publ…
	https://kb.juniper.net/JSA10783
	http://www.securitytracker.com/id/1033737	vdb-entry
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	http://marc.info/?l=bugtraq&m=144060576831314&w=2	vendor-advisory
	http://www.oracle.com/technetwork/security-adviso…
	http://www.securitytracker.com/id/1036222	vdb-entry
	http://h20564.www2.hpe.com/hpsc/doc/public/displa…
	http://marc.info/?l=bugtraq&m=143817899717054&w=2	vendor-advisory
	http://www-304.ibm.com/support/docview.wss?uid=sw…
	https://security.gentoo.org/glsa/201512-10	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1229.html	vendor-advisory
	https://h20566.www2.hpe.com/hpsc/doc/public/displ…
	http://www.securitytracker.com/id/1032600	vdb-entry
	http://www.securitytracker.com/id/1032910	vdb-entry
	http://www.ubuntu.com/usn/USN-2706-1	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1526.html	vendor-advisory
	http://marc.info/?l=bugtraq&m=143817021313142&w=2	vendor-advisory
	http://www.oracle.com/technetwork/security-adviso…
	http://www.securitytracker.com/id/1032599	vdb-entry
	http://marc.info/?l=bugtraq&m=144104533800819&w=2	vendor-advisory
	http://www-304.ibm.com/support/docview.wss?uid=sw…
	https://h20564.www2.hpe.com/portal/site/hpsc/publ…
	https://h20566.www2.hpe.com/hpsc/doc/public/displ…
	https://kc.mcafee.com/corporate/index?page=conten…
	http://marc.info/?l=bugtraq&m=144043644216842&w=2	vendor-advisory
	http://www.securitytracker.com/id/1032734	vdb-entry
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisory
	https://h20566.www2.hpe.com/portal/site/hpsc/publ…
	http://www.securitytracker.com/id/1033769	vdb-entry
	http://www.securitytracker.com/id/1032707	vdb-entry
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	http://marc.info/?l=bugtraq&m=143817021313142&w=2	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1091.html	vendor-advisory
	http://marc.info/?l=bugtraq&m=144069189622016&w=2	vendor-advisory
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1228.html	vendor-advisory
	http://marc.info/?l=bugtraq&m=144060606031437&w=2	vendor-advisory
	http://www.securitytracker.com/id/1032708	vdb-entry
	http://www.huawei.com/en/psirt/security-advisorie…
	http://www.debian.org/security/2015/dsa-3316	vendor-advisory
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	http://www.oracle.com/technetwork/security-adviso…
	http://www.securitytracker.com/id/1033415	vdb-entry
	https://h20564.www2.hpe.com/portal/site/hpsc/publ…
	http://marc.info/?l=bugtraq&m=143818140118771&w=2	vendor-advisory
	https://www-947.ibm.com/support/entry/portal/docd…
	http://marc.info/?l=bugtraq&m=144104565600964&w=2	vendor-advisory
	http://marc.info/?l=bugtraq&m=144493176821532&w=2	vendor-advisory
	http://www-01.ibm.com/support/docview.wss?uid=swg…
	http://marc.info/?l=bugtraq&m=144102017024820&w=2	vendor-advisory
	http://www.securitytracker.com/id/1033432	vdb-entry
	http://marc.info/?l=bugtraq&m=143629696317098&w=2	vendor-advisory
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	http://www.securitytracker.com/id/1032858	vdb-entry
	https://h20564.www2.hp.com/portal/site/hpsc/publi…	vendor-advisory
	http://www.securitytracker.com/id/1032788	vdb-entry
	http://www.ubuntu.com/usn/USN-2696-1	vendor-advisory
	https://www.blackhat.com/docs/asia-15/materials/a…
	http://www.debian.org/security/2015/dsa-3339	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1020.html	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1242.html	vendor-advisory
	http://kb.juniper.net/InfoCenter/index?page=conte…
	https://h20564.www2.hpe.com/portal/site/hpsc/publ…
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	http://www.securitytracker.com/id/1033431	vdb-entry
	http://www1.huawei.com/en/security/psirt/security…
	https://h20566.www2.hpe.com/portal/site/hpsc/publ…
	http://www.securitytracker.com/id/1032868	vdb-entry
	http://marc.info/?l=bugtraq&m=144059703728085&w=2	vendor-advisory
	http://www.oracle.com/technetwork/security-adviso…
	http://www.securityfocus.com/bid/91787	vdb-entry
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1241.html	vendor-advisory
	https://h20564.www2.hpe.com/portal/site/hpsc/publ…
	http://kb.juniper.net/InfoCenter/index?page=conte…
	http://rhn.redhat.com/errata/RHSA-2015-1230.html	vendor-advisory
	https://h20566.www2.hpe.com/portal/site/hpsc/publ…
	http://marc.info/?l=bugtraq&m=143456209711959&w=2	vendor-advisory
	http://www.securitytracker.com/id/1033386	vdb-entry
	http://marc.info/?l=bugtraq&m=143741441012338&w=2	vendor-advisory
	http://www.securitytracker.com/id/1033072	vdb-entry
	http://marc.info/?l=bugtraq&m=143741441012338&w=2	vendor-advisory
	https://h20564.www2.hpe.com/portal/site/hpsc/publ…
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	https://h20564.www2.hpe.com/portal/site/hpsc/publ…
	http://rhn.redhat.com/errata/RHSA-2015-1021.html	vendor-advisory
	http://www-304.ibm.com/support/docview.wss?uid=sw…
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	https://h20566.www2.hpe.com/portal/site/hpsc/publ…
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	http://marc.info/?l=bugtraq&m=144059660127919&w=2	vendor-advisory
	http://www.securityfocus.com/bid/73684	vdb-entry
	http://www.securitytracker.com/id/1032990	vdb-entry
	http://www.securitytracker.com/id/1033071	vdb-entry
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	https://www.secpod.com/blog/cve-2015-2808-bar-mit…

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:24:38.828Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SSRT102127",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143818140118771\u0026w=2"
          },
          {
            "name": "RHSA-2015:1243",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
          },
          {
            "name": "RHSA-2015:1007",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
          },
          {
            "name": "HPSBGN03367",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143817899717054\u0026w=2"
          },
          {
            "name": "HPSBUX03512",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
          },
          {
            "name": "RHSA-2015:1006",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA10783"
          },
          {
            "name": "1033737",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033737"
          },
          {
            "name": "SUSE-SU-2015:2192",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
          },
          {
            "name": "HPSBGN03399",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144060576831314\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "name": "1036222",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036222"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034"
          },
          {
            "name": "SSRT102129",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143817899717054\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769"
          },
          {
            "name": "GLSA-201512-10",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201512-10"
          },
          {
            "name": "RHSA-2015:1229",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650"
          },
          {
            "name": "1032600",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032600"
          },
          {
            "name": "1032910",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032910"
          },
          {
            "name": "USN-2706-1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2706-1"
          },
          {
            "name": "RHSA-2015:1526",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
          },
          {
            "name": "SSRT102133",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143817021313142\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
          },
          {
            "name": "1032599",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032599"
          },
          {
            "name": "HPSBMU03401",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144104533800819\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10163"
          },
          {
            "name": "HPSBMU03345",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144043644216842\u0026w=2"
          },
          {
            "name": "1032734",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032734"
          },
          {
            "name": "IV71892",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347"
          },
          {
            "name": "1033769",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033769"
          },
          {
            "name": "1032707",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032707"
          },
          {
            "name": "openSUSE-SU-2015:1289",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
          },
          {
            "name": "HPSBGN03372",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143817021313142\u0026w=2"
          },
          {
            "name": "RHSA-2015:1091",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
          },
          {
            "name": "HPSBGN03402",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144069189622016\u0026w=2"
          },
          {
            "name": "IV71888",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888"
          },
          {
            "name": "RHSA-2015:1228",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
          },
          {
            "name": "HPSBGN03405",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144060606031437\u0026w=2"
          },
          {
            "name": "1032708",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032708"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/hw-454055"
          },
          {
            "name": "DSA-3316",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3316"
          },
          {
            "name": "SUSE-SU-2015:2166",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "name": "1033415",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033415"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
          },
          {
            "name": "HPSBGN03366",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143818140118771\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709"
          },
          {
            "name": "HPSBGN03403",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144104565600964\u0026w=2"
          },
          {
            "name": "SSRT102254",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
          },
          {
            "name": "HPSBGN03407",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144102017024820\u0026w=2"
          },
          {
            "name": "1033432",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033432"
          },
          {
            "name": "HPSBGN03354",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143629696317098\u0026w=2"
          },
          {
            "name": "SUSE-SU-2015:1138",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
          },
          {
            "name": "1032858",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032858"
          },
          {
            "name": "SSRT102073",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922"
          },
          {
            "name": "1032788",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032788"
          },
          {
            "name": "USN-2696-1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2696-1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf"
          },
          {
            "name": "DSA-3339",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3339"
          },
          {
            "name": "RHSA-2015:1020",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
          },
          {
            "name": "RHSA-2015:1242",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241"
          },
          {
            "name": "SUSE-SU-2015:1086",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
          },
          {
            "name": "1033431",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033431"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988"
          },
          {
            "name": "1032868",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032868"
          },
          {
            "name": "HPSBGN03415",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144059703728085\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
          },
          {
            "name": "91787",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91787"
          },
          {
            "name": "SUSE-SU-2015:1319",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
          },
          {
            "name": "SUSE-SU-2015:1320",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
          },
          {
            "name": "openSUSE-SU-2015:1288",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
          },
          {
            "name": "RHSA-2015:1241",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
          },
          {
            "name": "RHSA-2015:1230",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888"
          },
          {
            "name": "HPSBGN03338",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143456209711959\u0026w=2"
          },
          {
            "name": "1033386",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033386"
          },
          {
            "name": "HPSBMU03377",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143741441012338\u0026w=2"
          },
          {
            "name": "1033072",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033072"
          },
          {
            "name": "SSRT102150",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143741441012338\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
          },
          {
            "name": "SUSE-SU-2015:1085",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119"
          },
          {
            "name": "RHSA-2015:1021",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960015"
          },
          {
            "name": "SUSE-SU-2015:1073",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935"
          },
          {
            "name": "SUSE-SU-2015:1161",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
          },
          {
            "name": "HPSBGN03414",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144059660127919\u0026w=2"
          },
          {
            "name": "73684",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/73684"
          },
          {
            "name": "1032990",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032990"
          },
          {
            "name": "1033071",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033071"
          },
          {
            "name": "SUSE-SU-2016:0113",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-03-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the \"Bar Mitzvah\" issue."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-07T16:46:59.848306",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SSRT102127",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143818140118771\u0026w=2"
        },
        {
          "name": "RHSA-2015:1243",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
        },
        {
          "name": "RHSA-2015:1007",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
        },
        {
          "name": "HPSBGN03367",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143817899717054\u0026w=2"
        },
        {
          "name": "HPSBUX03512",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
        },
        {
          "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
        },
        {
          "name": "RHSA-2015:1006",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256"
        },
        {
          "url": "https://kb.juniper.net/JSA10783"
        },
        {
          "name": "1033737",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033737"
        },
        {
          "name": "SUSE-SU-2015:2192",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
        },
        {
          "name": "HPSBGN03399",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144060576831314\u0026w=2"
        },
        {
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "name": "1036222",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1036222"
        },
        {
          "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034"
        },
        {
          "name": "SSRT102129",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143817899717054\u0026w=2"
        },
        {
          "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769"
        },
        {
          "name": "GLSA-201512-10",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/201512-10"
        },
        {
          "name": "RHSA-2015:1229",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
        },
        {
          "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650"
        },
        {
          "name": "1032600",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032600"
        },
        {
          "name": "1032910",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032910"
        },
        {
          "name": "USN-2706-1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2706-1"
        },
        {
          "name": "RHSA-2015:1526",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
        },
        {
          "name": "SSRT102133",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143817021313142\u0026w=2"
        },
        {
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
        },
        {
          "name": "1032599",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032599"
        },
        {
          "name": "HPSBMU03401",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144104533800819\u0026w=2"
        },
        {
          "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190"
        },
        {
          "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380"
        },
        {
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10163"
        },
        {
          "name": "HPSBMU03345",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144043644216842\u0026w=2"
        },
        {
          "name": "1032734",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032734"
        },
        {
          "name": "IV71892",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892"
        },
        {
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347"
        },
        {
          "name": "1033769",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033769"
        },
        {
          "name": "1032707",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032707"
        },
        {
          "name": "openSUSE-SU-2015:1289",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
        },
        {
          "name": "HPSBGN03372",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143817021313142\u0026w=2"
        },
        {
          "name": "RHSA-2015:1091",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
        },
        {
          "name": "HPSBGN03402",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144069189622016\u0026w=2"
        },
        {
          "name": "IV71888",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888"
        },
        {
          "name": "RHSA-2015:1228",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
        },
        {
          "name": "HPSBGN03405",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144060606031437\u0026w=2"
        },
        {
          "name": "1032708",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032708"
        },
        {
          "url": "http://www.huawei.com/en/psirt/security-advisories/hw-454055"
        },
        {
          "name": "DSA-3316",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3316"
        },
        {
          "name": "SUSE-SU-2015:2166",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
        },
        {
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
        },
        {
          "name": "1033415",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033415"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
        },
        {
          "name": "HPSBGN03366",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143818140118771\u0026w=2"
        },
        {
          "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709"
        },
        {
          "name": "HPSBGN03403",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144104565600964\u0026w=2"
        },
        {
          "name": "SSRT102254",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
        },
        {
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
        },
        {
          "name": "HPSBGN03407",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144102017024820\u0026w=2"
        },
        {
          "name": "1033432",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033432"
        },
        {
          "name": "HPSBGN03354",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143629696317098\u0026w=2"
        },
        {
          "name": "SUSE-SU-2015:1138",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
        },
        {
          "name": "1032858",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032858"
        },
        {
          "name": "SSRT102073",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922"
        },
        {
          "name": "1032788",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032788"
        },
        {
          "name": "USN-2696-1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2696-1"
        },
        {
          "url": "https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf"
        },
        {
          "name": "DSA-3339",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3339"
        },
        {
          "name": "RHSA-2015:1020",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
        },
        {
          "name": "RHSA-2015:1242",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
        },
        {
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241"
        },
        {
          "name": "SUSE-SU-2015:1086",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
        },
        {
          "name": "1033431",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033431"
        },
        {
          "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm"
        },
        {
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988"
        },
        {
          "name": "1032868",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032868"
        },
        {
          "name": "HPSBGN03415",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144059703728085\u0026w=2"
        },
        {
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
        },
        {
          "name": "91787",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securityfocus.com/bid/91787"
        },
        {
          "name": "SUSE-SU-2015:1319",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
        },
        {
          "name": "SUSE-SU-2015:1320",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
        },
        {
          "name": "openSUSE-SU-2015:1288",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
        },
        {
          "name": "RHSA-2015:1241",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140"
        },
        {
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
        },
        {
          "name": "RHSA-2015:1230",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
        },
        {
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888"
        },
        {
          "name": "HPSBGN03338",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143456209711959\u0026w=2"
        },
        {
          "name": "1033386",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033386"
        },
        {
          "name": "HPSBMU03377",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143741441012338\u0026w=2"
        },
        {
          "name": "1033072",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033072"
        },
        {
          "name": "SSRT102150",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143741441012338\u0026w=2"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
        },
        {
          "name": "SUSE-SU-2015:1085",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119"
        },
        {
          "name": "RHSA-2015:1021",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
        },
        {
          "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960015"
        },
        {
          "name": "SUSE-SU-2015:1073",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
        },
        {
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935"
        },
        {
          "name": "SUSE-SU-2015:1161",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
        },
        {
          "name": "HPSBGN03414",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144059660127919\u0026w=2"
        },
        {
          "name": "73684",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securityfocus.com/bid/73684"
        },
        {
          "name": "1032990",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032990"
        },
        {
          "name": "1033071",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033071"
        },
        {
          "name": "SUSE-SU-2016:0113",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
        },
        {
          "url": "https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-2808",
    "datePublished": "2015-04-01T00:00:00",
    "dateReserved": "2015-03-31T00:00:00",
    "dateUpdated": "2024-08-06T05:24:38.828Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-2566 (GCVE-0-2013-2566)

Vulnerability from cvelistv5 – Published: 2013-03-14 22:00 – Updated: 2024-08-06 15:44

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://blog.cryptographyengineering.com/2013/03/a…	x_refsource_MISC
	http://www.securityfocus.com/bid/58796	vdb-entryx_refsource_BID
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://cr.yp.to/talks/2013.03.12/slides.pdf	x_refsource_MISC
	http://marc.info/?l=bugtraq&m=143039468003789&w=2	vendor-advisoryx_refsource_HP
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201504-01	vendor-advisoryx_refsource_GENTOO
	http://security.gentoo.org/glsa/glsa-201406-19.xml	vendor-advisoryx_refsource_GENTOO
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=143039468003789&w=2	vendor-advisoryx_refsource_HP
	http://www.ubuntu.com/usn/USN-2031-1	vendor-advisoryx_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2032-1	vendor-advisoryx_refsource_UBUNTU
	http://my.opera.com/securitygroup/blog/2013/03/20…	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://www.opera.com/security/advisory/1046	x_refsource_CONFIRM
	http://kb.juniper.net/InfoCenter/index?page=conte…	x_refsource_CONFIRM
	https://h20566.www2.hpe.com/portal/site/hpsc/publ…	x_refsource_CONFIRM
	http://www.mozilla.org/security/announce/2013/mfs…	x_refsource_CONFIRM
	http://www.isg.rhul.ac.uk/tls/	x_refsource_MISC
	http://www.opera.com/docs/changelogs/unified/1215/	x_refsource_CONFIRM
	https://h20566.www2.hpe.com/portal/site/hpsc/publ…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:44:32.649Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html"
          },
          {
            "name": "58796",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/58796"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://cr.yp.to/talks/2013.03.12/slides.pdf"
          },
          {
            "name": "HPSBGN03324",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143039468003789\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
          },
          {
            "name": "GLSA-201504-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201504-01"
          },
          {
            "name": "GLSA-201406-19",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-19.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "name": "SSRT102035",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143039468003789\u0026w=2"
          },
          {
            "name": "USN-2031-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2031-1"
          },
          {
            "name": "USN-2032-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2032-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://my.opera.com/securitygroup/blog/2013/03/20/on-the-precariousness-of-rc4"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.opera.com/security/advisory/1046"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-103.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.isg.rhul.ac.uk/tls/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.opera.com/docs/changelogs/unified/1215/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-03-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-18T01:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html"
        },
        {
          "name": "58796",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/58796"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://cr.yp.to/talks/2013.03.12/slides.pdf"
        },
        {
          "name": "HPSBGN03324",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143039468003789\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
        },
        {
          "name": "GLSA-201504-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201504-01"
        },
        {
          "name": "GLSA-201406-19",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-19.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
        },
        {
          "name": "SSRT102035",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143039468003789\u0026w=2"
        },
        {
          "name": "USN-2031-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2031-1"
        },
        {
          "name": "USN-2032-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2032-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://my.opera.com/securitygroup/blog/2013/03/20/on-the-precariousness-of-rc4"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.opera.com/security/advisory/1046"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-103.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.isg.rhul.ac.uk/tls/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.opera.com/docs/changelogs/unified/1215/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-2566",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html",
              "refsource": "MISC",
              "url": "http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html"
            },
            {
              "name": "58796",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/58796"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
            },
            {
              "name": "http://cr.yp.to/talks/2013.03.12/slides.pdf",
              "refsource": "MISC",
              "url": "http://cr.yp.to/talks/2013.03.12/slides.pdf"
            },
            {
              "name": "HPSBGN03324",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=143039468003789\u0026w=2"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
            },
            {
              "name": "GLSA-201504-01",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201504-01"
            },
            {
              "name": "GLSA-201406-19",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201406-19.xml"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
            },
            {
              "name": "SSRT102035",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=143039468003789\u0026w=2"
            },
            {
              "name": "USN-2031-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2031-1"
            },
            {
              "name": "USN-2032-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2032-1"
            },
            {
              "name": "http://my.opera.com/securitygroup/blog/2013/03/20/on-the-precariousness-of-rc4",
              "refsource": "CONFIRM",
              "url": "http://my.opera.com/securitygroup/blog/2013/03/20/on-the-precariousness-of-rc4"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
            },
            {
              "name": "http://www.opera.com/security/advisory/1046",
              "refsource": "CONFIRM",
              "url": "http://www.opera.com/security/advisory/1046"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
            },
            {
              "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888",
              "refsource": "CONFIRM",
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888"
            },
            {
              "name": "http://www.mozilla.org/security/announce/2013/mfsa2013-103.html",
              "refsource": "CONFIRM",
              "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-103.html"
            },
            {
              "name": "http://www.isg.rhul.ac.uk/tls/",
              "refsource": "MISC",
              "url": "http://www.isg.rhul.ac.uk/tls/"
            },
            {
              "name": "http://www.opera.com/docs/changelogs/unified/1215/",
              "refsource": "CONFIRM",
              "url": "http://www.opera.com/docs/changelogs/unified/1215/"
            },
            {
              "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935",
              "refsource": "CONFIRM",
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-2566",
    "datePublished": "2013-03-14T22:00:00",
    "dateReserved": "2013-03-14T00:00:00",
    "dateUpdated": "2024-08-06T15:44:32.649Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}