Vulnerability Name:

CVE-2014-8176 (CCN-103782)

Assigned:2014-10-10
Published:2015-06-11
Updated:2022-12-13
Summary:The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS peers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unexpected application data.
CVSS v3 Severity:5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
7.5 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
6.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)
4.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2014-8176

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: RHSA-2016-2957
Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Cisco Security Advisory ID: cisco-sa-20150612-openssl
Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: IBM Security Bulletin 1963438
Vulnerabilities in OpenSSL including Logjam affect IBM Security Identity Governance

Source: CCN
Type: IBM Security Bulletin T1022444
PowerKVM is affected by OpenSSL vulnerabilities (multiple CVEs)

Source: CCN
Type: IBM Security Bulletin T1022527
Vulnerabilities in OpenSSL including Logjam affect IBM GPFS V3.5 for Windows (CVE-2015-4000, CVE-2015-1793, CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)

Source: CCN
Type: IBM Security Bulletin T1022647
Vulnerabilities in OpenSSL affect IBM Cloud Manager with OpenStack (CVE-2014-8176 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792)

Source: CCN
Type: IBM Security Bulletin T1022655
Vulnerabilities in OpenSSL affect IBM SmartCloud Entry (CVE-2014-8176 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792)

Source: CCN
Type: IBM Security Bulletin T1022724
OpenSSL vulnerabilities affect IBM SmartCloud Entry

Source: CCN
Type: IBM Security Bulletin T1023117
Multiple Vulnerabilities in OpenSSL including Logjam affect IBM Flex System Manager (FSM)

Source: CCN
Type: IBM Security Bulletin N1020840
Vulnerabilities in OpenSSL including Logjam affect IBM i

Source: CCN
Type: IBM Security Bulletin N1020862
Vulnerabilities in Open SSL affect Power Hardware Management Console (CVE-2014-8176,CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1791,CVE-2015-1792,CVE-2015-3216)

Source: CCN
Type: IBM Security Bulletin S1005313
Vulnerabilities in OpenSSL affect IBM SONAS (CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)

Source: CCN
Type: IBM Security Bulletin S1005314
Vulnerabilities in OpenSSL affect IBM Storwize V7000 Unified (CVE-2014-8176, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)

Source: CCN
Type: IBM Security Bulletin S1009687 (Data ONTAP)
Vulnerabilities in OpenSSL affect multiple N series products

Source: CCN
Type: IBM Security Bulletin 1959308
Vulnerabilities in OpenSSL including Logjam affect Sterling Connect:Express for UNIX (CVE-2015-4000, CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)

Source: CCN
Type: IBM Security Bulletin 1959518
Vulnerabilities in OpenSSL including Logjam affect IBM SDK for Node.js

Source: CCN
Type: IBM Security Bulletin 1960157
Vulnerabilities in OpenSSL affected IBM Workflow for Bluemix (CVE-2015-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)

Source: CCN
Type: IBM Security Bulletin 1961438
Vulnerabilities in OpenSSL including Logjam affect IBM SDK for Node.js in IBM Bluemix

Source: CCN
Type: IBM Security Bulletin 1961454
Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection

Source: CCN
Type: IBM Security Bulletin 1961569
Vulnerabilities in OpenSSL including Logjam affect Rational Application Developer for WebSphere Software (CVE-2015-1791, CVE-2015-1792, CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790)

Source: CCN
Type: IBM Security Bulletin 1961837
Vulnerabilities in OpenSSL including Logjam affect Rational Software Architect and Rational Software Architect for Websphere Software

Source: CCN
Type: IBM Security Bulletin 1962039
Multiple vulnerabilities in OpenSSL affect IBM Security Network Intrusion Prevention System

Source: CCN
Type: IBM Security Bulletin 1962519
IBM Security AppScan Enterprise is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 1962520
IBM Rational Policy Tester is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 1962623
Vulnerabilities in OpenSSL including Logjam affect IBM Security Access Manager for Mobile.

Source: CCN
Type: IBM Security Bulletin 1962726
IBM Security Identity Manager Virtual Appliance is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 1963096
Vulnerabilities in OpenSSL affect IBM Security Access Manager for Web

Source: CCN
Type: IBM Security Bulletin 1963232
Vulnerabilities in OpenSSL including Logjam affect IBM InfoSphere Guardium

Source: CCN
Type: IBM Security Bulletin 1963498
Vulnerabilities in OpenSSL affect IBM InfoSphere Information Server

Source: CCN
Type: IBM Security Bulletin 1963954
Vulnerabilities in OpenSSL affect IBM Sterling B2B Integrator (CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)

Source: CCN
Type: IBM Security Bulletin 1963964
Multiple Security Vulnerabilities Fixed in IBM Security Privileged Identity Manager

Source: CCN
Type: IBM Security Bulletin 1964030
Vulnerabilities in OpenSSL affect IBM Security Network Controller (CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)

Source: CCN
Type: IBM Security Bulletin 1964033
Vulnerabilities in OpenSSL affect Proventia Network Active Bypass (CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792)

Source: CCN
Type: IBM Security Bulletin 1966381
Vulnerabilities in OpenSSLincluding Logjam affect IBM Workload Deployer. (CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, and CVE-2015-4000)

Source: CCN
Type: IBM Security Bulletin 1966481
Multiple vulnerabilities in OpenSSL affect IBM Campaign, IBM Contact Optimization

Source: CCN
Type: IBM Security Bulletin 1966484
Vulnerabilities in OpenSSL affect IBM NetInsight (CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2015-1793)

Source: CCN
Type: IBM Security Bulletin 1966847
Multiple vulnerabilities in openssl affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance

Source: CCN
Type: IBM Security Bulletin 1966873
Vulnerabilities in OpenSSL including Logjam affect the Cordova platform packaged with Rational Application Developer affecting Rational Developer for i and Rational Developer for AIX and Linux

Source: CCN
Type: IBM Security Bulletin 1968724
Vulnerabilities in OpenSSL affect IBM Rational Team Concert Build Agent (CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2014-8176)

Source: CCN
Type: IBM Security Bulletin 1968871
Vulnerability in OpenSSL affects IBM Security Proventia Network Enterprise Scanner (CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2014-8176)

Source: CCN
Type: IBM Security Bulletin 1969655
Vulnerabilities in OpenSSL including Logjam affect IBM PureApplication System. (CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, and CVE-2015-4000)

Source: CCN
Type: BID-75159
OpenSSL DTLS CVE-2014-8176 Remote Memory Corruption Vulnerability

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: XF
Type: UNKNOWN
openssl-cve20148176-code-exec(103782)

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: Exploit
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Cisco Security Advisory cisco-sa-20150612-openssl
Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products

Source: CCN
Type: IBM Security Bulletin 5098960
IBM Flex System Chassis Management Module (CMM) is affected by multiple vulnerabilities in OpenSSL including Logjam

Source: CCN
Type: IBM Security Bulletin 5099032
Multiple vulnerabilities in OpenSSH, GNU C Library (glibc), and OpenSSL, including Logjam, affect Integrated Management Module II (IMM2)

Source: CCN
Type: OpenSSL Security Advisory [11 Jun 2015]
OpenSSL Security Advisory

Source: secalert@redhat.com
Type: Vendor Advisory
secalert@redhat.com

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-8176

Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*
  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*
  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*
  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*
  • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*
  • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*
  • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*
  • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*
  • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*
  • Configuration RedHat 10:
  • cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:infosphere_information_server:8.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_information_server:8.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_appscan:8.5:*:*:*:enterprise:*:*:*
  • OR cpe:/a:ibm:rational_policy_tester:8.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_guardium:8.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_appscan:8.6:*:*:*:enterprise:*:*:*
  • OR cpe:/a:ibm:infosphere_guardium:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_information_server:8.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_information_server:9.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:5.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:5.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_appscan:8.7.0.0:-:enterprise:*:*:*:*:*
  • OR cpe:/a:ibm:rational_team_concert:4.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_team_concert:4.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:smartcloud_provisioning:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:campaign:8.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:campaign:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:campaign:9.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_team_concert:3.0.1.6:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:7.0:*:web:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:5.2.4:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:8.0:*:web:*:*:*:*:*
  • OR cpe:/a:ibm:security_appscan:8.8:*:*:*:enterprise:*:*:*
  • OR cpe:/a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_team_concert:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_network_protection_firmware:5.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:proventia_network_enterprise_scanner:2.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_application_developer:9.1:*:*:*:websphere:*:*:*
  • OR cpe:/a:ibm:rational_application_developer:9.1.0.1:*:*:*:websphere:*:*:*
  • OR cpe:/a:ibm:rational_application_developer:9.1.1:*:*:*:websphere:*:*:*
  • OR cpe:/a:ibm:smartcloud_entry:3.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_privileged_identity_manager:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_information_server:11.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:5.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:5.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:5.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:5.2.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:5.2.4.2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:8.0.0.2:*:web:*:*:*:*:*
  • OR cpe:/a:ibm:security_appscan:9.0:*:*:*:enterprise:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:1.1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:1.1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:1.1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:1.1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:1.1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sdk:1.1:*:*:*:node.js:*:*:*
  • OR cpe:/a:ibm:cloud_manager:4.1.0:*:*:*:*:openstack:*:*
  • OR cpe:/o:ibm:security_network_protection_firmware:5.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:general_parallel_file_system:3.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_appscan:9.0.1::~~enterprise~~~:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_guardium:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:8.0.0.4:*:web:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:8.0.0.5:*:web:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_connect:express:1.5:*:*:*:unix:*:*:*
  • OR cpe:/o:ibm:i:5.4.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:6.1.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_connect:express:1.4:*:*:*:unix:*:*:*
  • OR cpe:/a:ibm:workload_deployer:3.1.0.7:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_privileged_identity_manager:1.0.1.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:5.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_software_architect:9.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_software_architect:9.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:powerkvm:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_developer_for_i:9.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_privileged_identity_manager:2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:1.1.0.5:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:8.0.1:*:web:*:*:*:*:*
  • OR cpe:/a:ibm:rational_team_concert:4.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_team_concert:5.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:2.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_manager:7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sdk:1.1:*:node.js:*:bluemix:*:*:*
  • OR cpe:/a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_developer_for_i:9.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_developer_for_i:9.1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:2.1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:workflow:-:*:*:*:*:bluemix:*:*
  • OR cpe:/a:ibm:infosphere_guardium:9.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_manager:4.2.0:*:*:*:*:openstack:*:*
  • OR cpe:/a:ibm:security_appscan:9.0.2:-:enterprise:*:*:*:*:*
  • OR cpe:/a:ibm:campaign:9.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:2.1.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:8.0.1.2:*:web:*:*:*:*:*
  • OR cpe:/a:ibm:sdk:1.2:*:*:*:node.js:*:*:*
  • OR cpe:/a:ibm:infosphere_guardium:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:*:*:mobile:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:8.0.1.3:*:web:*:*:*:*:*
  • OR cpe:/a:ibm:security_privileged_identity_manager:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:2.1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_software_architect:9.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:storwize_v7000_unified_software:1.5.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_team_concert:6.0:*:*:*:*:*:*:*
  • OR cpe:/h:ibm:flex_system_manager_node:*:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:2.1.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_core_services:2.4.6:*:*:*:apache_http_server:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20148176
    V
    CVE-2014-8176
    2022-06-30
    oval:org.opensuse.security:def:112612
    P
    libcrypto38-2.5.0-1.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:106096
    P
    libcrypto38-2.5.0-1.1 on GA media (Moderate)
    2021-10-01
    oval:org.mitre.oval:def:29364
    V
    AIX OpenSSL DTLS peer vulnerability (segmentation fault or memory corruption)
    2016-02-19
    oval:org.cisecurity:def:217
    P
    DSA-3287-1 -- openssl -- security update
    2016-02-08
    oval:org.mitre.oval:def:29160
    P
    USN-2639-1 -- openssl vulnerabilities
    2015-07-27
    oval:org.mitre.oval:def:28674
    P
    CESA-2015:1115 -- centos 6 openssl
    2015-07-27
    oval:org.mitre.oval:def:28440
    P
    RHSA-2015:1115-01 -- Redhat openssl
    2015-07-27
    oval:org.mitre.oval:def:29099
    P
    CESA-2015:1115 -- centos 7 openssl
    2015-07-27
    oval:org.mitre.oval:def:28583
    P
    USN-2639-1 -- openssl vulnerabilities
    2015-07-27
    oval:org.mitre.oval:def:29126
    P
    ELSA-2015-1115 -- Oracle openssl
    2015-07-27
    oval:org.mitre.oval:def:28643
    P
    ELSA-2015-1115 -- Oracle openssl
    2015-07-27
    oval:com.redhat.rhsa:def:20151115
    P
    RHSA-2015:1115: openssl security update (Moderate)
    2015-06-15
    oval:com.ubuntu.bionic:def:201481760000000
    V
    CVE-2014-8176 on Ubuntu 18.04 LTS (bionic) - medium.
    2015-06-12
    oval:com.ubuntu.precise:def:20148176000
    V
    CVE-2014-8176 on Ubuntu 12.04 LTS (precise) - medium.
    2015-06-12
    oval:com.ubuntu.artful:def:20148176000
    V
    CVE-2014-8176 on Ubuntu 17.10 (artful) - medium.
    2015-06-12
    oval:com.ubuntu.xenial:def:201481760000000
    V
    CVE-2014-8176 on Ubuntu 16.04 LTS (xenial) - medium.
    2015-06-12
    oval:com.ubuntu.trusty:def:20148176000
    V
    CVE-2014-8176 on Ubuntu 14.04 LTS (trusty) - medium.
    2015-06-12
    oval:com.ubuntu.bionic:def:20148176000
    V
    CVE-2014-8176 on Ubuntu 18.04 LTS (bionic) - medium.
    2015-06-12
    oval:com.ubuntu.disco:def:201481760000000
    V
    CVE-2014-8176 on Ubuntu 19.04 (disco) - medium.
    2015-06-12
    oval:com.ubuntu.xenial:def:20148176000
    V
    CVE-2014-8176 on Ubuntu 16.04 LTS (xenial) - medium.
    2015-06-12
    oval:com.ubuntu.cosmic:def:201481760000000
    V
    CVE-2014-8176 on Ubuntu 18.10 (cosmic) - medium.
    2015-06-12
    oval:com.ubuntu.cosmic:def:20148176000
    V
    CVE-2014-8176 on Ubuntu 18.10 (cosmic) - medium.
    2015-06-12
    BACK
    openssl openssl 0.9.8
    openssl openssl 1.0.0
    openssl openssl 1.0.2
    openssl openssl 1.0.1
    ibm infosphere information server 8.1
    ibm infosphere information server 8.5
    ibm security appscan 8.5
    ibm rational policy tester 8.5
    ibm infosphere guardium 8.2
    ibm security appscan 8.6
    ibm infosphere guardium 9.0
    ibm rational team concert 4.0
    ibm infosphere information server 8.7
    ibm infosphere information server 9.1
    ibm security network intrusion prevention system 4.3
    ibm security network intrusion prevention system 4.4
    ibm security network intrusion prevention system 4.5
    ibm sterling b2b integrator 5.1
    ibm rational team concert 4.0.1
    ibm sterling b2b integrator 5.2
    ibm security appscan 8.7.0.0 -
    ibm rational team concert 4.0.0.1
    ibm rational team concert 4.0.0.2
    ibm rational team concert 4.0.2
    ibm rational team concert 4.0.3
    ibm smartcloud provisioning 2.1
    ibm smartcloud provisioning 2.1.0.1
    ibm campaign 8.6
    ibm campaign 9.0
    ibm campaign 9.1
    ibm rational team concert 3.0.1.6
    ibm security access manager 7.0
    ibm sterling b2b integrator 5.2.4
    ibm security access manager 8.0
    ibm security appscan 8.8
    ibm rational team concert 4.0.4
    ibm rational team concert 4.0.5
    ibm rational team concert 4.0.6
    ibm rational team concert 5.0
    ibm security network protection firmware 5.3
    ibm proventia network enterprise scanner 2.3
    ibm rational application developer 9.1
    ibm rational application developer 9.1.0.1
    ibm rational application developer 9.1.1
    ibm smartcloud entry 3.2
    ibm security privileged identity manager 1.0.1
    ibm infosphere information server 11.3
    ibm sterling b2b integrator 5.2.1
    ibm sterling b2b integrator 5.2.2
    ibm sterling b2b integrator 5.2.3
    ibm sterling b2b integrator 5.2.4.1
    ibm sterling b2b integrator 5.2.4.2
    ibm security access manager 8.0.0.2
    ibm security appscan 9.0
    ibm pureapplication system 1.1.0.0
    ibm pureapplication system 1.1.0.1
    ibm pureapplication system 1.1.0.2
    ibm pureapplication system 1.1.0.3
    ibm pureapplication system 1.1.0.4
    ibm security network intrusion prevention system 4.6
    ibm security network intrusion prevention system 4.6.1
    ibm security network intrusion prevention system 4.6.2
    ibm sdk 1.1
    ibm cloud manager 4.1.0
    ibm security network protection firmware 5.2.0
    ibm smartcloud provisioning 2.1.0.2
    ibm smartcloud provisioning 2.1.0.3
    ibm general parallel file system 3.5.0
    ibm security appscan 9.0.1
    ibm infosphere guardium 9.1
    ibm security access manager 8.0.0.4
    ibm security access manager 8.0.0.5
    ibm sterling connect:express 1.5
    ibm i 5.4.0
    ibm i 6.1.0
    ibm i 7.1.0
    ibm sterling connect:express 1.4
    ibm workload deployer 3.1.0.7
    ibm i 7.2.0
    ibm security privileged identity manager 1.0.1.1
    ibm i 5.3.0
    ibm pureapplication system 2.0
    ibm rational software architect 9.1
    ibm rational software architect 9.1.1
    ibm powerkvm 2.1
    ibm rational developer for i 9.1
    ibm security privileged identity manager 2.0.0
    ibm pureapplication system 1.1.0.5
    ibm security access manager 8.0.1
    ibm rational team concert 4.0.7
    ibm rational team concert 5.0.2
    ibm pureapplication system 2.0.0.1
    ibm security identity manager 7
    ibm sdk 1.1
    ibm rational team concert 5.0.1
    ibm rational developer for i 9.1.1
    ibm rational developer for i 9.1.1.1
    ibm pureapplication system 2.1.0.0
    ibm workflow -
    ibm infosphere guardium 9.5
    ibm cloud manager 4.2.0
    ibm security appscan 9.0.2 -
    ibm campaign 9.1.1
    ibm pureapplication system 2.1.0.1
    ibm security access manager 8.0.1.2
    ibm sdk 1.2
    ibm infosphere guardium 10.0
    ibm security access manager for mobile *
    ibm security access manager 8.0.1.3
    ibm security privileged identity manager 2.0.1
    ibm security identity governance and intelligence 5.1.1
    ibm pureapplication system 2.1.0.2
    ibm rational software architect 9.1.2
    ibm storwize v7000 unified software 1.5.2.1
    ibm rational team concert 6.0
    ibm flex system manager node *
    ibm pureapplication system 2.1.1.0
    redhat jboss core services 2.4.6