Lucene search
HistoryNov 06, 2015 - 9:59 p.m.
CVE-2014-9749
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
7.5 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.8%
Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka “Nonce replay vulnerability.”
Affected configurations
Node
squid-cachesquidMatch3.4.4
ORsquid-cachesquidMatch3.4.5
ORsquid-cachesquidMatch3.4.6
ORsquid-cachesquidMatch3.4.7
ORsquid-cachesquidMatch3.4.8
ORsquid-cachesquidMatch3.4.9
ORsquid-cachesquidMatch3.4.10
ORsquid-cachesquidMatch3.4.11
ORsquid-cachesquidMatch3.4.12
ORsquid-cachesquidMatch3.4.13
ORsquid-cachesquidMatch3.5.0.1
ORsquid-cachesquidMatch3.5.0.2
ORsquid-cachesquidMatch3.5.0.3
ORsquid-cachesquidMatch3.5.0.4
ORsquid-cachesquidMatch3.5.1
Node
opensuseopensuseMatch13.1
ORopensuseopensuseMatch13.2
Related
nessus
nessus
openSUSE Security Update : squid (openSUSE-2015-684)
2015-10-29 00:00:00
SUSE SLES12 Security Update : squid (SUSE-SU-2017:0116-1)
2017-01-13 00:00:00
SUSE SLES11 Security Update : squid3 (SUSE-SU-2017:0110-1)
2017-01-12 00:00:00
cvelist
cvelist
CVE-2014-9749
2015-11-06 21:00:00
cve
cve
CVE-2014-9749
2015-11-06 21:59:00
ubuntucve
ubuntucve
CVE-2014-9749
2015-11-06 00:00:00
prion
prion
Authentication flaw
2015-11-06 21:59:00
debiancve
debiancve
CVE-2014-9749
2015-11-06 21:59:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:0110-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:1983-1)
2021-06-09 00:00:00
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
7.5 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.8%
Related for NVD:CVE-2014-9749