4.3

CVE-2014-3566

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

Data is provided by the National Vulnerability Database (NVD)
RedhatEnterprise Linux Version5
IbmAix Version5.3
IbmAix Version6.1
IbmAix Version7.1
ApplemacOS X Version <= 10.10.1
MageiaMageia Version3.0
MageiaMageia Version4.0
NovellSuse Linux Enterprise Server Version11.0 Updatesp3
NovellSuse Linux Enterprise Server Version11.0 Updatesp3 SwPlatformvmware
OpensuseOpensuse Version12.3
OpensuseOpensuse Version13.1
FedoraprojectFedora Version19
FedoraprojectFedora Version20
FedoraprojectFedora Version21
OpenSSLOpenSSL Version0.9.8
OpenSSLOpenSSL Version0.9.8a
OpenSSLOpenSSL Version0.9.8b
OpenSSLOpenSSL Version0.9.8c
OpenSSLOpenSSL Version0.9.8d
OpenSSLOpenSSL Version0.9.8e
OpenSSLOpenSSL Version0.9.8f
OpenSSLOpenSSL Version0.9.8g
OpenSSLOpenSSL Version0.9.8h
OpenSSLOpenSSL Version0.9.8i
OpenSSLOpenSSL Version0.9.8j
OpenSSLOpenSSL Version0.9.8k
OpenSSLOpenSSL Version0.9.8l
OpenSSLOpenSSL Version0.9.8m
OpenSSLOpenSSL Version0.9.8m Updatebeta1
OpenSSLOpenSSL Version0.9.8n
OpenSSLOpenSSL Version0.9.8o
OpenSSLOpenSSL Version0.9.8p
OpenSSLOpenSSL Version0.9.8q
OpenSSLOpenSSL Version0.9.8r
OpenSSLOpenSSL Version0.9.8s
OpenSSLOpenSSL Version0.9.8t
OpenSSLOpenSSL Version0.9.8u
OpenSSLOpenSSL Version0.9.8v
OpenSSLOpenSSL Version0.9.8w
OpenSSLOpenSSL Version0.9.8x
OpenSSLOpenSSL Version0.9.8y
OpenSSLOpenSSL Version0.9.8z
OpenSSLOpenSSL Version0.9.8za
OpenSSLOpenSSL Version0.9.8zb
OpenSSLOpenSSL Version1.0.0
OpenSSLOpenSSL Version1.0.0 Updatebeta1
OpenSSLOpenSSL Version1.0.0 Updatebeta2
OpenSSLOpenSSL Version1.0.0 Updatebeta3
OpenSSLOpenSSL Version1.0.0 Updatebeta4
OpenSSLOpenSSL Version1.0.0 Updatebeta5
OpenSSLOpenSSL Version1.0.0a
OpenSSLOpenSSL Version1.0.0b
OpenSSLOpenSSL Version1.0.0c
OpenSSLOpenSSL Version1.0.0d
OpenSSLOpenSSL Version1.0.0e
OpenSSLOpenSSL Version1.0.0f
OpenSSLOpenSSL Version1.0.0g
OpenSSLOpenSSL Version1.0.0h
OpenSSLOpenSSL Version1.0.0i
OpenSSLOpenSSL Version1.0.0j
OpenSSLOpenSSL Version1.0.0k
OpenSSLOpenSSL Version1.0.0l
OpenSSLOpenSSL Version1.0.0m
OpenSSLOpenSSL Version1.0.0n
OpenSSLOpenSSL Version1.0.1
OpenSSLOpenSSL Version1.0.1 Updatebeta1
OpenSSLOpenSSL Version1.0.1 Updatebeta2
OpenSSLOpenSSL Version1.0.1 Updatebeta3
OpenSSLOpenSSL Version1.0.1a
OpenSSLOpenSSL Version1.0.1b
OpenSSLOpenSSL Version1.0.1c
OpenSSLOpenSSL Version1.0.1d
OpenSSLOpenSSL Version1.0.1e
OpenSSLOpenSSL Version1.0.1f
OpenSSLOpenSSL Version1.0.1g
OpenSSLOpenSSL Version1.0.1h
OpenSSLOpenSSL Version1.0.1i
IbmVios Version2.2.0.10
IbmVios Version2.2.0.11
IbmVios Version2.2.0.12
IbmVios Version2.2.0.13
IbmVios Version2.2.1.0
IbmVios Version2.2.1.1
IbmVios Version2.2.1.3
IbmVios Version2.2.1.4
IbmVios Version2.2.1.5
IbmVios Version2.2.1.6
IbmVios Version2.2.1.7
IbmVios Version2.2.1.8
IbmVios Version2.2.1.9
IbmVios Version2.2.2.0
IbmVios Version2.2.2.1
IbmVios Version2.2.2.2
IbmVios Version2.2.2.3
IbmVios Version2.2.2.4
IbmVios Version2.2.2.5
IbmVios Version2.2.3.0
IbmVios Version2.2.3.1
IbmVios Version2.2.3.2
IbmVios Version2.2.3.3
IbmVios Version2.2.3.4
NetbsdNetbsd Version5.1
NetbsdNetbsd Version5.1.1
NetbsdNetbsd Version5.1.2
NetbsdNetbsd Version5.1.3
NetbsdNetbsd Version5.1.4
NetbsdNetbsd Version5.2
NetbsdNetbsd Version5.2.1
NetbsdNetbsd Version5.2.2
NetbsdNetbsd Version6.0
NetbsdNetbsd Version6.0 Updatebeta
NetbsdNetbsd Version6.0.1
NetbsdNetbsd Version6.0.2
NetbsdNetbsd Version6.0.3
NetbsdNetbsd Version6.0.4
NetbsdNetbsd Version6.0.5
NetbsdNetbsd Version6.0.6
NetbsdNetbsd Version6.1
NetbsdNetbsd Version6.1.1
NetbsdNetbsd Version6.1.2
NetbsdNetbsd Version6.1.3
NetbsdNetbsd Version6.1.4
NetbsdNetbsd Version6.1.5
DebianDebian Linux Version7.0
DebianDebian Linux Version8.0
OracleDatabase Version11.2.0.4
OracleDatabase Version12.1.0.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 94.02% 0.999
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 3.4 1.6 1.4
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
Third Party Advisory
US Government Resource
http://support.apple.com/HT204244
Third Party Advisory
http://www.kb.cert.org/vuls/id/577193
Third Party Advisory
US Government Resource
http://www.securityfocus.com/archive/1/533746
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/533747
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/70574
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031029
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031039
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031085
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031086
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031087
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031088
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031089
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031090
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031091
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031092
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031093
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031094
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031095
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031096
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031105
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031106
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031107
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031120
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031123
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031124
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031130
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031131
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031132
Third Party Advisory
VDB Entry
http://www.us-cert.gov/ncas/alerts/TA14-290A
Third Party Advisory
US Government Resource