4.3

CVE-2014-8730

EPSS 3.11%
Published 10.12.2014 00:59:01
Last modified 12.04.2025 10:46:40
Source cve@mitre.org
Teams watchlist Login
Open Login

The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).  NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself.

Affected products Warnungen 0 Metrics 2 CWE 0 References 17

Data is provided by the National Vulnerability Database (NVD)

F5 ≫ Big-ip Local Traffic Manager Version10.0.0

F5 ≫ Big-ip Local Traffic Manager Version10.0.1

F5 ≫ Big-ip Local Traffic Manager Version10.1.0

F5 ≫ Big-ip Local Traffic Manager Version10.2.0

F5 ≫ Big-ip Local Traffic Manager Version10.2.1

F5 ≫ Big-ip Local Traffic Manager Version10.2.2

F5 ≫ Big-ip Local Traffic Manager Version10.2.3

F5 ≫ Big-ip Local Traffic Manager Version10.2.4

F5 ≫ Big-ip Local Traffic Manager Version11.0.0

F5 ≫ Big-ip Local Traffic Manager Version11.1.0

F5 ≫ Big-ip Local Traffic Manager Version11.2.0

F5 ≫ Big-ip Local Traffic Manager Version11.2.1

F5 ≫ Big-ip Local Traffic Manager Version11.3.0

F5 ≫ Big-ip Local Traffic Manager Version11.4.0

F5 ≫ Big-ip Local Traffic Manager Version11.4.1

F5 ≫ Big-ip Local Traffic Manager Version11.5.1

F5 ≫ Big-ip Access Policy Manager Version10.1.0

F5 ≫ Big-ip Access Policy Manager Version10.2.0

F5 ≫ Big-ip Access Policy Manager Version10.2.1

F5 ≫ Big-ip Access Policy Manager Version10.2.2

F5 ≫ Big-ip Access Policy Manager Version10.2.3

F5 ≫ Big-ip Access Policy Manager Version10.2.4

F5 ≫ Big-ip Access Policy Manager Version11.0.0

F5 ≫ Big-ip Access Policy Manager Version11.1.0

F5 ≫ Big-ip Access Policy Manager Version11.2.0

F5 ≫ Big-ip Access Policy Manager Version11.2.1

F5 ≫ Big-ip Access Policy Manager Version11.3.0

F5 ≫ Big-ip Access Policy Manager Version11.4.0

F5 ≫ Big-ip Access Policy Manager Version11.5.0

F5 ≫ Big-ip Access Policy Manager Version11.5.1

F5 ≫ Big-ip Policy Enforcement Manager Version11.3.0

F5 ≫ Big-ip Policy Enforcement Manager Version11.4.0

F5 ≫ Big-ip Policy Enforcement Manager Version11.4.1

F5 ≫ Big-ip Policy Enforcement Manager Version11.5.0

F5 ≫ Big-ip Policy Enforcement Manager Version11.5.1

F5 ≫ Big-ip Policy Enforcement Manager Version11.6.0

F5 ≫ Big-ip Protocol Security Module Version10.0.0

F5 ≫ Big-ip Protocol Security Module Version10.0.1

F5 ≫ Big-ip Protocol Security Module Version10.1.0

F5 ≫ Big-ip Protocol Security Module Version10.2.0

F5 ≫ Big-ip Protocol Security Module Version10.2.1

F5 ≫ Big-ip Protocol Security Module Version10.2.2

F5 ≫ Big-ip Protocol Security Module Version10.2.3

F5 ≫ Big-ip Protocol Security Module Version10.2.4

F5 ≫ Big-ip Protocol Security Module Version11.0.0

F5 ≫ Big-ip Protocol Security Module Version11.1.0

F5 ≫ Big-ip Protocol Security Module Version11.2.0

F5 ≫ Big-ip Protocol Security Module Version11.2.1

F5 ≫ Big-ip Protocol Security Module Version11.3.0

F5 ≫ Big-ip Protocol Security Module Version11.4.0

F5 ≫ Big-ip Protocol Security Module Version11.4.1

F5 ≫ Big-ip Application Acceleration Manager Version11.4.0

F5 ≫ Big-ip Application Acceleration Manager Version11.4.1

F5 ≫ Big-ip Application Acceleration Manager Version11.5.0

F5 ≫ Big-ip Application Acceleration Manager Version11.5.1

F5 ≫ Big-ip Application Acceleration Manager Version11.6.0

F5 ≫ Big-ip Webaccelerator Version10.0.0

F5 ≫ Big-ip Webaccelerator Version10.0.1

F5 ≫ Big-ip Webaccelerator Version10.1.0

F5 ≫ Big-ip Webaccelerator Version10.2.0

F5 ≫ Big-ip Webaccelerator Version10.2.1

F5 ≫ Big-ip Webaccelerator Version10.2.2

F5 ≫ Big-ip Webaccelerator Version10.2.3

F5 ≫ Big-ip Webaccelerator Version10.2.4

F5 ≫ Big-ip Webaccelerator Version11.0.0

F5 ≫ Big-ip Webaccelerator Version11.1.0

F5 ≫ Big-ip Webaccelerator Version11.2.0

F5 ≫ Big-ip Webaccelerator Version11.2.1

F5 ≫ Big-ip Webaccelerator Version11.3.0

F5 ≫ Big-iq Security Version4.0.0

F5 ≫ Big-iq Security Version4.1.0

F5 ≫ Big-iq Security Version4.2.0

F5 ≫ Big-iq Security Version4.3.0

F5 ≫ Big-iq Security Version4.4.0

F5 ≫ Big-ip Edge Gateway Version10.1.0

F5 ≫ Big-ip Edge Gateway Version10.2.0

F5 ≫ Big-ip Edge Gateway Version10.2.1

F5 ≫ Big-ip Edge Gateway Version10.2.2

F5 ≫ Big-ip Edge Gateway Version10.2.3

F5 ≫ Big-ip Edge Gateway Version10.2.4

F5 ≫ Big-ip Edge Gateway Version11.0.0

F5 ≫ Big-ip Edge Gateway Version11.1.0

F5 ≫ Big-ip Edge Gateway Version11.2.0

F5 ≫ Big-ip Edge Gateway Version11.2.1

F5 ≫ Big-ip Edge Gateway Version11.3.0

F5 ≫ Big-iq Device Version4.2.0

F5 ≫ Big-iq Device Version4.3.0

F5 ≫ Big-iq Device Version4.4.0

F5 ≫ Big-ip Application Security Manager Version10.0.0

F5 ≫ Big-ip Application Security Manager Version10.0.1

F5 ≫ Big-ip Application Security Manager Version10.1.0

F5 ≫ Big-ip Application Security Manager Version10.2.0

F5 ≫ Big-ip Application Security Manager Version10.2.1

F5 ≫ Big-ip Application Security Manager Version10.2.2

F5 ≫ Big-ip Application Security Manager Version10.2.3

F5 ≫ Big-ip Application Security Manager Version10.2.4

F5 ≫ Big-ip Application Security Manager Version11.0.0

F5 ≫ Big-ip Application Security Manager Version11.1.0

F5 ≫ Big-ip Application Security Manager Version11.2.0

F5 ≫ Big-ip Application Security Manager Version11.2.1

F5 ≫ Big-ip Application Security Manager Version11.3.0

F5 ≫ Big-ip Application Security Manager Version11.4.0

F5 ≫ Big-ip Application Security Manager Version11.4.1

F5 ≫ Big-ip Application Security Manager Version11.5.1

F5 ≫ Big-ip Advanced Firewall Manager Version11.3.0

F5 ≫ Big-ip Advanced Firewall Manager Version11.4.0

F5 ≫ Big-ip Advanced Firewall Manager Version11.4.1

F5 ≫ Big-ip Advanced Firewall Manager Version11.5.0

F5 ≫ Big-ip Advanced Firewall Manager Version11.5.1

F5 ≫ Big-ip Analytics Version11.0.0

F5 ≫ Big-ip Analytics Version11.1.0

F5 ≫ Big-ip Analytics Version11.2.0

F5 ≫ Big-ip Analytics Version11.2.1

F5 ≫ Big-ip Analytics Version11.3.0

F5 ≫ Big-ip Analytics Version11.4.0

F5 ≫ Big-ip Analytics Version11.4.1

F5 ≫ Big-ip Analytics Version11.5.0

F5 ≫ Big-ip Analytics Version11.5.1

F5 ≫ Big-iq Cloud Version4.0.0

F5 ≫ Big-iq Cloud Version4.1.0

F5 ≫ Big-iq Cloud Version4.2.0

F5 ≫ Big-iq Cloud Version4.3.0

F5 ≫ Big-iq Cloud Version4.4.0

F5 ≫ Big-ip Wan Optimization Manager Version10.0.0

F5 ≫ Big-ip Wan Optimization Manager Version10.0.1

F5 ≫ Big-ip Wan Optimization Manager Version10.1.0

F5 ≫ Big-ip Wan Optimization Manager Version10.2.0

F5 ≫ Big-ip Wan Optimization Manager Version10.2.1

F5 ≫ Big-ip Wan Optimization Manager Version10.2.2

F5 ≫ Big-ip Wan Optimization Manager Version10.2.3

F5 ≫ Big-ip Wan Optimization Manager Version10.2.4

F5 ≫ Big-ip Wan Optimization Manager Version11.0.0

F5 ≫ Big-ip Wan Optimization Manager Version11.1.0

F5 ≫ Big-ip Wan Optimization Manager Version11.2.0

F5 ≫ Big-ip Wan Optimization Manager Version11.2.1

F5 ≫ Big-ip Wan Optimization Manager Version11.3.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	3.11%	0.863

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N

https://support.lenovo.com/product_security/poodle

https://support.lenovo.com/us/en/product_security/poodle

http://marc.info/?l=bugtraq&m=144372772101168&w=2

http://secunia.com/advisories/62167

http://secunia.com/advisories/62224

http://secunia.com/advisories/62388

http://www-01.ibm.com/support/docview.wss?uid=swg21693271

http://www-01.ibm.com/support/docview.wss?uid=swg21693337

http://www-01.ibm.com/support/docview.wss?uid=swg21693495

http://www.openwall.com/lists/oss-security/2014/12/09/27

https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151

Vendor Advisory

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635

https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html

Vendor Advisory

https://www.imperialviolet.org/2014/12/08/poodleagain.html

https://nvd.nist.gov/vuln/detail/CVE-2014-8730

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-8730

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-8730

EUVD