Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2014-3566

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

Published

2014-10-15T00:55:02.137

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv3.1: 3.4 (LOW)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: NONE
  • Availability Impact: NONE
Exploitability Score

8.6

Impact Score

2.9

Weaknesses
  • Type: Primary
    CWE-310
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System redhat enterprise_linux 5 Yes
Operating System redhat enterprise_linux_desktop 6.0 Yes
Operating System redhat enterprise_linux_desktop 7.0 Yes
Operating System redhat enterprise_linux_desktop_supplementary 5.0 Yes
Operating System redhat enterprise_linux_desktop_supplementary 6.0 Yes
Operating System redhat enterprise_linux_server 6.0 Yes
Operating System redhat enterprise_linux_server 7.0 Yes
Operating System redhat enterprise_linux_server_supplementary 5.0 Yes
Operating System redhat enterprise_linux_server_supplementary 6.0 Yes
Operating System redhat enterprise_linux_server_supplementary 7.0 Yes
Operating System redhat enterprise_linux_workstation 6.0 Yes
Operating System redhat enterprise_linux_workstation 7.0 Yes
Operating System redhat enterprise_linux_workstation_supplementary 6.0 Yes
Operating System redhat enterprise_linux_workstation_supplementary 7.0 Yes
Operating System ibm aix 5.3 Yes
Operating System ibm aix 6.1 Yes
Operating System ibm aix 7.1 Yes
Operating System apple mac_os_x ≤ 10.10.1 Yes
Operating System mageia mageia 3.0 Yes
Operating System mageia mageia 4.0 Yes
Operating System novell suse_linux_enterprise_desktop 9.0 Yes
Operating System novell suse_linux_enterprise_desktop 10.0 Yes
Operating System novell suse_linux_enterprise_desktop 11.0 Yes
Operating System novell suse_linux_enterprise_desktop 12.0 Yes
Application novell suse_linux_enterprise_software_development_kit 11.0 Yes
Application novell suse_linux_enterprise_software_development_kit 12.0 Yes
Operating System novell suse_linux_enterprise_server 11.0 Yes
Operating System novell suse_linux_enterprise_server 11.0 Yes
Operating System novell suse_linux_enterprise_server 12.0 Yes
Operating System opensuse opensuse 12.3 Yes
Operating System opensuse opensuse 13.1 Yes
Operating System fedoraproject fedora 19 Yes
Operating System fedoraproject fedora 20 Yes
Operating System fedoraproject fedora 21 Yes
Application openssl openssl 0.9.8 Yes
Application openssl openssl 0.9.8a Yes
Application openssl openssl 0.9.8b Yes
Application openssl openssl 0.9.8c Yes
Application openssl openssl 0.9.8d Yes
Application openssl openssl 0.9.8e Yes
Application openssl openssl 0.9.8f Yes
Application openssl openssl 0.9.8g Yes
Application openssl openssl 0.9.8h Yes
Application openssl openssl 0.9.8i Yes
Application openssl openssl 0.9.8j Yes
Application openssl openssl 0.9.8k Yes
Application openssl openssl 0.9.8l Yes
Application openssl openssl 0.9.8m Yes
Application openssl openssl 0.9.8m Yes
Application openssl openssl 0.9.8n Yes
Application openssl openssl 0.9.8o Yes
Application openssl openssl 0.9.8p Yes
Application openssl openssl 0.9.8q Yes
Application openssl openssl 0.9.8r Yes
Application openssl openssl 0.9.8s Yes
Application openssl openssl 0.9.8t Yes
Application openssl openssl 0.9.8u Yes
Application openssl openssl 0.9.8v Yes
Application openssl openssl 0.9.8w Yes
Application openssl openssl 0.9.8x Yes
Application openssl openssl 0.9.8y Yes
Application openssl openssl 0.9.8z Yes
Application openssl openssl 0.9.8za Yes
Application openssl openssl 0.9.8zb Yes
Application openssl openssl 1.0.0 Yes
Application openssl openssl 1.0.0 Yes
Application openssl openssl 1.0.0 Yes
Application openssl openssl 1.0.0 Yes
Application openssl openssl 1.0.0 Yes
Application openssl openssl 1.0.0 Yes
Application openssl openssl 1.0.0a Yes
Application openssl openssl 1.0.0b Yes
Application openssl openssl 1.0.0c Yes
Application openssl openssl 1.0.0d Yes
Application openssl openssl 1.0.0e Yes
Application openssl openssl 1.0.0f Yes
Application openssl openssl 1.0.0g Yes
Application openssl openssl 1.0.0h Yes
Application openssl openssl 1.0.0i Yes
Application openssl openssl 1.0.0j Yes
Application openssl openssl 1.0.0k Yes
Application openssl openssl 1.0.0l Yes
Application openssl openssl 1.0.0m Yes
Application openssl openssl 1.0.0n Yes
Application openssl openssl 1.0.1 Yes
Application openssl openssl 1.0.1 Yes
Application openssl openssl 1.0.1 Yes
Application openssl openssl 1.0.1 Yes
Application openssl openssl 1.0.1a Yes
Application openssl openssl 1.0.1b Yes
Application openssl openssl 1.0.1c Yes
Application openssl openssl 1.0.1d Yes
Application openssl openssl 1.0.1e Yes
Application openssl openssl 1.0.1f Yes
Application openssl openssl 1.0.1g Yes
Application openssl openssl 1.0.1h Yes
Application openssl openssl 1.0.1i Yes
Application ibm vios 2.2.0.10 Yes
Application ibm vios 2.2.0.11 Yes
Application ibm vios 2.2.0.12 Yes
Application ibm vios 2.2.0.13 Yes
Application ibm vios 2.2.1.0 Yes
Application ibm vios 2.2.1.1 Yes
Application ibm vios 2.2.1.3 Yes
Application ibm vios 2.2.1.4 Yes
Application ibm vios 2.2.1.5 Yes
Application ibm vios 2.2.1.6 Yes
Application ibm vios 2.2.1.7 Yes
Application ibm vios 2.2.1.8 Yes
Application ibm vios 2.2.1.9 Yes
Application ibm vios 2.2.2.0 Yes
Application ibm vios 2.2.2.1 Yes
Application ibm vios 2.2.2.2 Yes
Application ibm vios 2.2.2.3 Yes
Application ibm vios 2.2.2.4 Yes
Application ibm vios 2.2.2.5 Yes
Application ibm vios 2.2.3.0 Yes
Application ibm vios 2.2.3.1 Yes
Application ibm vios 2.2.3.2 Yes
Application ibm vios 2.2.3.3 Yes
Application ibm vios 2.2.3.4 Yes
Operating System netbsd netbsd 5.1 Yes
Operating System netbsd netbsd 5.1.1 Yes
Operating System netbsd netbsd 5.1.2 Yes
Operating System netbsd netbsd 5.1.3 Yes
Operating System netbsd netbsd 5.1.4 Yes
Operating System netbsd netbsd 5.2 Yes
Operating System netbsd netbsd 5.2.1 Yes
Operating System netbsd netbsd 5.2.2 Yes
Operating System netbsd netbsd 6.0 Yes
Operating System netbsd netbsd 6.0 Yes
Operating System netbsd netbsd 6.0.1 Yes
Operating System netbsd netbsd 6.0.2 Yes
Operating System netbsd netbsd 6.0.3 Yes
Operating System netbsd netbsd 6.0.4 Yes
Operating System netbsd netbsd 6.0.5 Yes
Operating System netbsd netbsd 6.0.6 Yes
Operating System netbsd netbsd 6.1 Yes
Operating System netbsd netbsd 6.1.1 Yes
Operating System netbsd netbsd 6.1.2 Yes
Operating System netbsd netbsd 6.1.3 Yes
Operating System netbsd netbsd 6.1.4 Yes
Operating System netbsd netbsd 6.1.5 Yes
Operating System debian debian_linux 7.0 Yes
Operating System debian debian_linux 8.0 Yes
Application oracle database 11.2.0.4 Yes
Application oracle database 12.1.0.2 Yes
References