CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
Published at
2014-04-07T22:55Z
3672 days ago
Modified
2023-02-10T16:58Z
441 days ago
CWE-125
Problem type
Impact
- CVSS v3 vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Severity Score Vector
7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NReferences
GET https://vulnerabilitydata.com/api/details/CVE-2014-0160
{
"id": "CVE-2014-0160",
"published_date": "2014-04-07T22:55Z",
"last_modified_date": "2023-02-10T16:58Z",
"assigner": "secalert@redhat.com",
"description": "The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.",
"references": [
{
"url": "http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=96db9023b881d7cd9f379b0c154650d6c108e9a3",
"name": "http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=96db9023b881d7cd9f379b0c154650d6c108e9a3",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084875",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1084875",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "http://www.openssl.org/news/secadv_20140407.txt",
"name": "http://www.openssl.org/news/secadv_20140407.txt",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://heartbleed.com/",
"name": "http://heartbleed.com/",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.securitytracker.com/id/1030078",
"name": "1030078",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://seclists.org/fulldisclosure/2014/Apr/109",
"name": "20140409 Re: heartbleed OpenSSL bug CVE-2014-0160",
"refsource": "FULLDISC",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2014/Apr/190",
"name": "20140412 Re: heartbleed OpenSSL bug CVE-2014-0160",
"refsource": "FULLDISC",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/000184.html",
"name": "[syslog-ng-announce] 20140411 syslog-ng Premium Edition 5 LTS (5.0.4a) has been released",
"refsource": "MLIST",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html",
"name": "http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2014-0376.html",
"name": "RHSA-2014:0376",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2014-0396.html",
"name": "RHSA-2014:0396",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.securitytracker.com/id/1030082",
"name": "1030082",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://secunia.com/advisories/57347",
"name": "57347",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139722163017074&w=2",
"name": "HPSBMU02995",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.securitytracker.com/id/1030077",
"name": "1030077",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670161",
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21670161",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.debian.org/security/2014/dsa-2896",
"name": "DSA-2896",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2014-0377.html",
"name": "RHSA-2014:0377",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.securitytracker.com/id/1030080",
"name": "1030080",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html",
"name": "FEDORA-2014-4879",
"refsource": "FEDORA",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.securitytracker.com/id/1030074",
"name": "1030074",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://seclists.org/fulldisclosure/2014/Apr/90",
"name": "20140408 heartbleed OpenSSL bug CVE-2014-0160",
"refsource": "FULLDISC",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.securitytracker.com/id/1030081",
"name": "1030081",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed",
"name": "20140409 OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products",
"refsource": "CISCO",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2014-0378.html",
"name": "RHSA-2014:0378",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2014/Apr/91",
"name": "20140408 Re: heartbleed OpenSSL bug CVE-2014-0160",
"refsource": "FULLDISC",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/57483",
"name": "57483",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.splunk.com/view/SP-CAAAMB3",
"name": "http://www.splunk.com/view/SP-CAAAMB3",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html",
"name": "FEDORA-2014-4910",
"refsource": "FEDORA",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.securitytracker.com/id/1030079",
"name": "1030079",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html",
"name": "openSUSE-SU-2014:0492",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/57721",
"name": "57721",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.blackberry.com/btsc/KB35882",
"name": "http://www.blackberry.com/btsc/KB35882",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securitytracker.com/id/1030026",
"name": "1030026",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html",
"name": "SUSE-SA:2014:002",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/66690",
"name": "66690",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/",
"name": "http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.us-cert.gov/ncas/alerts/TA14-098A",
"name": "TA14-098A",
"refsource": "CERT",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/",
"name": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/",
"name": "http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.torproject.org/blog/openssl-bug-cve-2014-0160",
"name": "https://blog.torproject.org/blog/openssl-bug-cve-2014-0160",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/57966",
"name": "57966",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-1",
"name": "http://www.f-secure.com/en/web/labs_global/fsc-2014-1",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2014/Apr/173",
"name": "20140411 MRI Rubies may contain statically linked, vulnerable OpenSSL",
"refsource": "FULLDISC",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/",
"name": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/57968",
"name": "57968",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://code.google.com/p/mod-spdy/issues/detail?id=85",
"name": "https://code.google.com/p/mod-spdy/issues/detail?id=85",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.exploit-db.com/exploits/32745",
"name": "32745",
"refsource": "EXPLOIT-DB",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.kb.cert.org/vuls/id/720951",
"name": "VU#720951",
"refsource": "CERT-VN",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.cert.fi/en/reports/2014/vulnerability788210.html",
"name": "https://www.cert.fi/en/reports/2014/vulnerability788210.html",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.exploit-db.com/exploits/32764",
"name": "32764",
"refsource": "EXPLOIT-DB",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://secunia.com/advisories/57836",
"name": "57836",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://gist.github.com/chapmajs/10473815",
"name": "https://gist.github.com/chapmajs/10473815",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/",
"name": "http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://cogentdatahub.com/ReleaseNotes.html",
"name": "http://cogentdatahub.com/ReleaseNotes.html",
"refsource": "CONFIRM",
"tags": [
"Release Notes",
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139905458328378&w=2",
"name": "HPSBMU03009",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139869891830365&w=2",
"name": "HPSBMU03022",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139889113431619&w=2",
"name": "HPSBMU03024",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1",
"name": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=1",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.kerio.com/support/kerio-control/release-history",
"name": "http://www.kerio.com/support/kerio-control/release-history",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3",
"name": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=3",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://advisories.mageia.org/MGASA-2014-0165.html",
"name": "http://advisories.mageia.org/MGASA-2014-0165.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04260637-4%257CdocLocale%253Den_US%257CcalledBy%253DSearch_Result&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken",
"name": "HPSBST03000",
"refsource": "HP",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843",
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://filezilla-project.org/versions.php?type=server",
"name": "https://filezilla-project.org/versions.php?type=server",
"refsource": "CONFIRM",
"tags": [
"Release Notes",
"Third Party Advisory"
]
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841",
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217",
"name": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=141287864628122&w=2",
"name": "HPSBHF03136",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2014/Dec/23",
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "FULLDISC",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource": "CONFIRM",
"tags": [
"Not Applicable"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=142660345230545&w=2",
"name": "SSRT101846",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
"name": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
"refsource": "CONFIRM",
"tags": [
"Not Applicable"
]
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062",
"name": "MDVSA-2015:062",
"refsource": "MANDRIVA",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139817727317190&w=2",
"name": "HPSBMU03017",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139757726426985&w=2",
"name": "HPSBMU02994",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139758572430452&w=2",
"name": "HPSBST03001",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139905653828999&w=2",
"name": "HPSBST03004",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139842151128341&w=2",
"name": "HPSBST03016",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139905405728262&w=2",
"name": "HPSBMU03032",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139833395230364&w=2",
"name": "HPSBGN03011",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139824993005633&w=2",
"name": "HPSBMU03013",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139843768401936&w=2",
"name": "HPSBMU03023",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139905202427693&w=2",
"name": "HPSBMU03029",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139774054614965&w=2",
"name": "HPSBGN03008",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139889295732144&w=2",
"name": "HPSBPI03031",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139835815211508&w=2",
"name": "HPSBHF03021",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=140724451518351&w=2",
"name": "HPSBMU03037",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139808058921905&w=2",
"name": "HPSBMU03012",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139836085512508&w=2",
"name": "HPSBMU03020",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139869720529462&w=2",
"name": "HPSBMU03025",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139905868529690&w=2",
"name": "HPSBST03027",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139765756720506&w=2",
"name": "HPSBMU02999",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=140015787404650&w=2",
"name": "HPSBMU03040",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139824923705461&w=2",
"name": "HPSBST03015",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139757919027752&w=2",
"name": "HPSBMU02997",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139774703817488&w=2",
"name": "HPSBGN03010",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139905243827825&w=2",
"name": "HPSBMU03028",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=140075368411126&w=2",
"name": "HPSBMU03044",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139905295427946&w=2",
"name": "HPSBMU03033",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139835844111589&w=2",
"name": "HPSBPI03014",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139757819327350&w=2",
"name": "HPSBMU02998",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139817685517037&w=2",
"name": "HPSBMU03019",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139905351928096&w=2",
"name": "HPSBMU03030",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=139817782017443&w=2",
"name": "HPSBMU03018",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=140752315422991&w=2",
"name": "HPSBMU03062",
"refsource": "HP",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00",
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160512_00",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661",
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf",
"name": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_Notes.pdf",
"refsource": "CONFIRM",
"tags": [
"Not Applicable"
]
},
{
"url": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf",
"name": "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/59347",
"name": "59347",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/59243",
"name": "59243",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/59139",
"name": "59139",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html",
"name": "FEDORA-2014-9308",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01",
"name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-119-01",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
]
},
{
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html",
"name": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://support.citrix.com/article/CTX140605",
"name": "http://support.citrix.com/article/CTX140605",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.ubuntu.com/usn/USN-2165-1",
"name": "USN-2165-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html",
"name": "openSUSE-SU-2014:0560",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded",
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "BUGTRAQ",
"tags": [
"Not Applicable",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008",
"name": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3Cdev.tomcat.apache.org%3E",
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@%3Cdev.tomcat.apache.org%3E",
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html",
"name": "https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@%3Cdev.tomcat.apache.org%3E",
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@%3Cdev.tomcat.apache.org%3E",
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd",
"name": "https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
],
"impact": {
"baseMetricV3": {
"cvssV3": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
"baseMetricV2": {
"cvssV2": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5
},
"severity": "MEDIUM",
"exploitabilityScore": 10,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
},
"problem_type": "CWE-125"
}