admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2015/CVE-2015-31xx/CVE-2015-3197.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

486 lines
16 KiB
JSON
Raw Blame History

{
"id": "CVE-2015-3197",
"sourceIdentifier": "secalert@redhat.com",
"published": "2016-02-15T02:59:01.980",
"lastModified": "2023-11-07T02:25:31.933",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions."
},
{
"lang": "es",
"value": "ssl/s2_srvr.c en OpenSSL 1.0.1 en versiones anteriores a 1.0.1r y 1.0.2 en versiones anteriores a 1.0.2f no impide el uso de cifrados deshabilitados, lo que hace que sea m\u00e1s f\u00e1cil para atacantes man-in-the-middle vencer los mecanismos de protecci\u00f3n criptogr\u00e1fica llevando a cabo c\u00e1lculos sobre tr\u00e1fico SSLv2, relacionado con las funciones get_client_master_key y get_client_hello."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
},
{
"lang": "en",
"value": "CWE-310"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:tuxedo:12.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ED0F7609-6AF0-4EEB-8531-8E66C6D18A64"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:exalogic_infrastructure:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB059A52-DE6D-47FB-98E8-5A788E1C0FC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:exalogic_infrastructure:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D70580AD-2134-49D3-BE15-020023A10E87"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.53:*:*:*:*:*:*:*",
"matchCriteriaId": "7F56F01F-9580-4858-A98F-63AD48491328"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.54:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD82442-3535-4BB9-8888-F61A35B900AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*",
"matchCriteriaId": "45CB30A1-B2C9-4BF5-B510-1F2F18B60C64"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1C00C0-C77E-4255-9ECA-20F2673C7366"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*",
"matchCriteriaId": "21F16D65-8A46-4AC7-8970-73AB700035FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*",
"matchCriteriaId": "92F393FF-7E6F-4671-BFBF-060162E12659"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*",
"matchCriteriaId": "E1B85A09-CF8D-409D-966E-168F9959F6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "3A66E6CF-39CF-412E-8EF0-8E10BA21B4A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "C684FB18-FDDC-4BED-A28C-C23EE6CD0094"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "A74A79A7-4FAF-4C81-8622-050008B96AE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "CEDACCB9-8D61-49EE-9957-9E58BC7BB031"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "4993DD56-F9E3-4AC8-AC3E-BF204B950DEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
"matchCriteriaId": "E884B241-F9C3-44F8-A420-DE65F5F3D660"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
"matchCriteriaId": "3A383620-B4F7-44A7-85DA-A4FF2E115D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
"matchCriteriaId": "5F0C6812-F455-49CF-B29B-9AC00306DA43"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D462C-A1B4-4572-A615-BDE9DC5F1E55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*",
"matchCriteriaId": "3703E445-17C0-4C85-A496-A35641C0C8DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*",
"matchCriteriaId": "2F4034B9-EF1C-40E6-B92A-D4D7B7E7E774"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEC1927-F469-4B9E-B544-DA6CF90F0B34"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*",
"matchCriteriaId": "DE2188F9-FAF8-4A0C-BB49-E95BDBC119BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*",
"matchCriteriaId": "A9EC827B-5313-47D7-BF49-CFF033CF3D53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*",
"matchCriteriaId": "A438E65F-33B1-46BC-AD93-200DCC6B43D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFDCF78-62C1-429E-A43C-0C9FEC14837D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0B4DEF-C6E8-4243-9893-6E650013600C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD3E5C1B-EC63-4214-A0BD-0B8681CE6C8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*",
"matchCriteriaId": "18797BEE-417D-4959-9AAD-C5A7C051B524"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6FAA3C31-BD9D-45A9-A502-837FECA6D479"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*",
"matchCriteriaId": "6455A421-9956-4846-AC7C-3431E0D37D23"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "60F946FD-F564-49DA-B043-5943308BA9EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*",
"matchCriteriaId": "4847BCF3-EFCE-41AF-8E7D-3D51EB9DCC5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*",
"matchCriteriaId": "9B89180B-FB68-4DD8-B076-16E51CC7FB91"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*",
"matchCriteriaId": "4C986592-4086-4A39-9767-EF34DBAA6A53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*",
"matchCriteriaId": "7B23181C-03DB-4E92-B3F6-6B585B5231B4"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:oss_support_tools:8.11.16.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "125C0E9C-3052-461E-8903-A60568AC0634"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:5.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "EF12AB67-8C57-4BF7-AD3B-58B50A5B2023"
}
]
}
]
}
],
"references": [
{
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176373.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00012.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00025.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html",
"source": "secalert@redhat.com"
},
{
"url": "http://www.openssl.org/news/secadv/20160128.txt",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"source": "secalert@redhat.com"
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"source": "secalert@redhat.com"
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"source": "secalert@redhat.com"
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"source": "secalert@redhat.com"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"source": "secalert@redhat.com"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"source": "secalert@redhat.com"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securityfocus.com/bid/82237",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securityfocus.com/bid/91787",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securitytracker.com/id/1034849",
"source": "secalert@redhat.com"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",
"source": "secalert@redhat.com"
},
{
"url": "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=d81a1600588b726c2bdccda7efad3cc7a87d6245",
"source": "secalert@redhat.com"
},
{
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03724en_us",
"source": "secalert@redhat.com"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390893",
"source": "secalert@redhat.com"
},
{
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:11.openssl.asc",
"source": "secalert@redhat.com"
},
{
"url": "https://security.gentoo.org/glsa/201601-05",
"source": "secalert@redhat.com"
},
{
"url": "https://www.kb.cert.org/vuls/id/257823",
"source": "secalert@redhat.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink