Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
f5F5F5:K15568
HistorySep 11, 2015 - 12:00 a.m.

K15568 : OpenSSL vulnerability CVE-2014-3510

2015-09-1100:00:00
my.f5.com
18

4.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.02 Low

EPSS

Percentile

87.7%

JSON

Security Advisory Description

The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote DTLS servers to cause a denial of service (NULL pointer dereference and client application crash) via a crafted handshake message in conjunction with a (1) anonymous DH or (2) anonymous ECDH ciphersuite. (CVE-2014-3510)

Impact

A malicious server may be able to cause a denial-of-service (DoS) to clients using anonymous Diffie-Hellman (DH) ciphersuites via crafted packets.

Related

nessus 44
ubuntucve 1
checkpoint_advisories 1
f5 1
prion 1
debiancve 1
openssl 1
veracode 1
cve 1
openvas 32
ibm 30
redhat 3
centos 2
debian 2
oraclelinux 8
freebsd_advisory 1
slackware 1
osv 1
mageia 1
freebsd 1
aix 1
amazon 1
huawei 1
ubuntu 1
securityvulns 2
kaspersky 1
fedora 8
altlinux 5
gentoo 1
suse 1
lenovo 2
nessus
nessus
F5 Networks BIG-IP : OpenSSL vulnerability (SOL15568)
2014-10-10 00:00:00
OpenSSL 0.9.8 < 0.9.8zb Multiple Vulnerabilities
2014-08-08 00:00:00
CentOS 5 : openssl (CESA-2014:1053)
2014-08-14 00:00:00
ubuntucve
ubuntucve
CVE-2014-3510
2014-08-07 00:00:00
checkpoint_advisories
checkpoint_advisories
OpenSSL DTLS Anonymous ECDH Denial of Service (CVE-2014-3510)
2015-02-04 00:00:00
f5
f5
SOL15568 - OpenSSL vulnerability CVE-2014-3510
2014-09-05 00:00:00
prion
prion
Null pointer dereference
2014-08-13 23:55:00
debiancve
debiancve
CVE-2014-3510
2014-08-13 23:55:00
openssl
openssl
Vulnerability in OpenSSL CVE-2014-3510
2014-08-06 00:00:00
veracode
veracode
Denial Of Service (DoS) Through Null Pointer Dereference
2017-02-07 01:02:25
cve
cve
CVE-2014-3510
2014-08-13 23:55:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2014:1049-1)
2021-06-09 00:00:00
CentOS Update for openssl CESA-2014:1053 centos5
2014-08-14 00:00:00
OpenSSL Multiple Vulnerabilities (20140806 - 1) - Linux
2021-07-19 00:00:00
ibm
ibm
Security Bulletin: Vulnerability in Open SSL affects IBM System Networking products
2019-01-31 01:45:01
Security Bulletin: Network Protection is affected by multiple OpenSSL vulnerabilities (CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3510, CVE-2014-3511)
2018-06-16 21:19:45
Security Bulletin: Multiple vulnerabilities in OpenSSL affect MegaRAID Storage Manager (CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3510, CVE-2014-3567)
2019-01-31 01:55:01
redhat
redhat
(RHSA-2014:1053) Moderate: openssl security update
2014-08-13 00:00:00
(RHSA-2014:1052) Moderate: openssl security update
2014-08-13 00:00:00
(RHSA-2014:1054) Moderate: openssl security update
2014-08-14 00:00:00
centos
centos
openssl security update
2014-08-13 19:52:24
openssl security update
2014-08-13 20:10:43
debian
debian
[DLA 33-1] openssl security update
2014-08-07 20:36:09
[SECURITY] [DSA 2998-1] openssl security update
2014-08-06 23:44:13
oraclelinux
oraclelinux
openssl security update
2014-08-13 00:00:00
openssl security update
2014-08-13 00:00:00
openssl security update
2014-10-16 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:18.openssl
2014-09-09 00:00:00
slackware
slackware
[slackware-security] openssl
2014-08-08 21:22:00
osv
osv
openssl - security update
2014-08-07 00:00:00
mageia
mageia
Updated openssl packages fix security vulnerabilities
2014-08-12 13:16:46
freebsd
freebsd
OpenSSL -- multiple vulnerabilities
2014-08-06 00:00:00
aix
aix
AIX OpenSSL Denial of Service due to double free and others
2014-09-09 00:50:00
amazon
amazon
Medium: openssl
2014-08-07 12:26:00
huawei
huawei
Security Advisory-9 OpenSSL vulnerabilities on Huawei products
2014-10-08 00:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2014-08-07 00:00:00
securityvulns
securityvulns
OpenSSL multiple security vulnerabilities
2014-08-07 00:00:00
ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities
2015-02-02 00:00:00
kaspersky
kaspersky
KLA10343 Multiple vulnerabilities in Stunnel
2014-08-07 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: mingw-openssl-1.0.1j-1.fc21
2015-01-02 05:06:53
[SECURITY] Fedora 20 Update: openssl-1.0.1e-39.fc20
2014-08-09 07:36:05
[SECURITY] Fedora 19 Update: openssl-1.0.1e-39.fc19
2014-08-09 07:34:58
altlinux
altlinux
Security fix for the ALT Linux 8 package openssl10 version 1.0.1j-alt1
2014-10-30 00:00:00
Security fix for the ALT Linux 7 package openssl10 version 1.0.1j-alt0.M70P.1
2014-10-31 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 1.0.1j-alt1
2014-10-30 00:00:00
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2014-12-26 00:00:00
suse
suse
Security update for libopenssl0_9_8 (important)
2016-03-03 14:11:44
lenovo
lenovo
Intel® PROSet/Wireless WiFi Software Vulnerabilities - US
2018-11-13 17:10:51
Intel® PROSet/Wireless WiFi Software Vulnerabilities - Lenovo Support US
2018-11-13 17:10:51

4.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.02 Low

EPSS

Percentile

87.7%

JSON
Related for F5:K15568
nessus44ubuntucve1checkpoint_advisories1f51prion1debiancve1openssl1veracode1cve1openvas32ibm30redhat3centos2debian2oraclelinux8freebsd_advisory1slackware1osv1mageia1freebsd1aix1amazon1huawei1ubuntu1securityvulns2kaspersky1fedora8altlinux5gentoo1suse1lenovo2