Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
f5F5F5:K15565
HistorySep 05, 2014 - 12:00 a.m.

K15565 : OpenSSL vulnerability CVE-2014-3512

2014-09-0500:00:00
my.f5.com
14

4.8 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.931 High

EPSS

Percentile

98.9%

JSON

Security Advisory Description

Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter. (CVE-2014-3512)

Impact

A malicious client or server may be able to overrun an internal buffer by sending invalid Secure Remote Password (SRP) parameters. Only applications which are explicitly set up for SRP use are affected.

Related

checkpoint_advisories 1
cvelist 1
debiancve 1
prion 1
f5 1
openssl 1
veracode 1
cve 1
ubuntucve 1
ibm 15
openvas 9
nessus 18
freebsd_advisory 1
amazon 1
aix 1
mageia 1
freebsd 1
huawei 1
ubuntu 1
slackware 1
osv 1
debian 1
securityvulns 2
kaspersky 1
gentoo 1
altlinux 5
checkpoint_advisories
checkpoint_advisories
OpenSSL Multiple Invalid SRP Parameters Buffer Overflow (CVE-2014-3512)
2014-12-25 00:00:00
cvelist
cvelist
CVE-2014-3512
2014-08-13 23:00:00
debiancve
debiancve
CVE-2014-3512
2014-08-13 23:55:00
prion
prion
Buffer overflow
2014-08-13 23:55:00
f5
f5
SOL15565 - OpenSSL vulnerability CVE-2014-3512
2014-09-04 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2014-3512
2014-08-06 00:00:00
veracode
veracode
Denial Of Service (DoS)
2017-02-07 00:49:39
cve
cve
CVE-2014-3512
2014-08-13 23:55:00
ubuntucve
ubuntucve
CVE-2014-3512
2014-08-07 00:00:00
ibm
ibm
Security Bulletin: IBM Tealeaf Customer Experience is affected by a vulnerability in OpenSSL (CVE-2014-3511, CVE-2014-3512)
2018-06-16 19:43:50
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Netezza Platform Software
2019-10-18 03:10:29
Security Bulletin: Network Intrusion Prevention System is affected by multiple OpenSSL vulnerabilities (CVE-2014-3508, CVE-2014-3509, CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3510, CVE-2014-3511)
2022-02-23 19:21:55
openvas
openvas
OpenSSL Multiple Vulnerabilities (20140806 - 2) - Linux
2021-07-19 00:00:00
OpenSSL Multiple Vulnerabilities (20140806 - 2) - Windows
2021-07-19 00:00:00
Mageia: Security Advisory (MGASA-2014-0325)
2022-01-28 00:00:00
nessus
nessus
Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10649)
2014-10-14 00:00:00
Oracle Solaris Third-Party Patch Update : openssl (cve_2014_3505_denial_of)
2015-01-19 00:00:00
OpenSSL < 0.9.8zb / < 1.0.0n / < 1.0.1i Multiple Vulnerabilities
2014-08-15 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:18.openssl
2014-09-09 00:00:00
amazon
amazon
Medium: openssl
2014-08-07 12:26:00
aix
aix
AIX OpenSSL Denial of Service due to double free and others
2014-09-09 00:50:00
mageia
mageia
Updated openssl packages fix security vulnerabilities
2014-08-12 13:16:46
freebsd
freebsd
OpenSSL -- multiple vulnerabilities
2014-08-06 00:00:00
huawei
huawei
Security Advisory-9 OpenSSL vulnerabilities on Huawei products
2014-10-08 00:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2014-08-07 00:00:00
slackware
slackware
[slackware-security] openssl
2014-08-08 21:22:00
osv
osv
openssl - security update
2014-08-07 00:00:00
debian
debian
[SECURITY] [DSA 2998-1] openssl security update
2014-08-06 23:45:18
securityvulns
securityvulns
OpenSSL multiple security vulnerabilities
2014-08-07 00:00:00
ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities
2015-02-02 00:00:00
kaspersky
kaspersky
KLA10343 Multiple vulnerabilities in Stunnel
2014-08-07 00:00:00
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2014-12-26 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package openssl10 version 1.0.1j-alt1
2014-10-30 00:00:00
Security fix for the ALT Linux 7 package openssl10 version 1.0.1j-alt0.M70P.1
2014-10-31 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 1.0.1j-alt1
2014-10-30 00:00:00

4.8 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.931 High

EPSS

Percentile

98.9%

JSON
Related for F5:K15565
checkpoint_advisories1cvelist1debiancve1prion1f51openssl1veracode1cve1ubuntucve1ibm15openvas9nessus18freebsd_advisory1amazon1aix1mageia1freebsd1huawei1ubuntu1slackware1osv1debian1securityvulns2kaspersky1gentoo1altlinux5