4.3
CVE-2014-0852
- EPSS 0.41%
- Veröffentlicht 16.08.2014 04:39:55
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle psirt@us.ibm.com
- Teams Watchlist Login
- Unerledigt Login
IBM WebSphere DataPower SOA appliances through 4.0.2.15, 5.x through 5.0.0.17, 6.0.0.x through 6.0.0.9, and 6.0.1.x through 6.0.1.5 make it easier for remote attackers to obtain a PreMasterSecret value and defeat cryptographic protection mechanisms by sending a large number of requests in an SSL/TLS side-channel timing attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Websphere Datapower Soa Appliance Firmware Version <= 4.0.2.15
Ibm ≫ Websphere Datapower Soa Appliance Firmware Version5.0.0
Ibm ≫ Websphere Datapower Soa Appliance Firmware Version6.0.0
Ibm ≫ Websphere Datapower Soa Appliance Firmware Version6.0.1
Ibm ≫ Websphere Datapower Soa Appliance Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.41% | 0.583 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|