CVE-2014-3511 Detail

Vendors and Products

CPE, which stands for Common Platform Enumeration, is a standardized scheme for naming hardware, software, and operating systems. CPE provides a structured naming scheme to uniquely identify and classify information technology systems, platforms, and packages based on certain attributes such as vendor, product name, version, update, edition, and language.

CVE-2014-3511

EPSS

0.76%V3

Vector

Network

Published

2014-08-13
21h00 +00:00

Modified

2017-11-14
09h57 +00:00

Official links

Notifications for a CVE

Stay informed of any changes for a specific CVE.

Notifications manage

List of Notifications

Notifications for a CVE

Stay informed of any changes for a specific CVE.

Criteria applied when sending the alert: compared with the last alert sent + differences in CISA, EPSS, CVSS, CWE, Solutions, CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

Specified here a CVE ID as CVE-2025-1234

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

-

Last execution

-

Next execution

-

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CVE Descriptions

The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS versions, related to a "protocol downgrade" issue.

CVE Informations

Related Weaknesses

CWE-ID	Weakness Name	Source
CWE Other	No informations.

Metrics

Metrics	Score	Severity	CVSS Vector	Source
V2	4.3		AV:N/AC:M/Au:N/C:N/I:P/A:N	[email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

EPSS First.org

Products Mentioned

Configuraton 0

Openssl>>Openssl >> Version 1.0.0

Openssl>>Openssl >> Version 1.0.0 (Open CPE detail)
Openssl>>Openssl >> Version 1.0.0 (Open CPE detail)
Openssl>>Openssl >> Version 1.0.0 (Open CPE detail)
Openssl>>Openssl >> Version 1.0.0 (Open CPE detail)
Openssl>>Openssl >> Version 1.0.0 (Open CPE detail)
Openssl>>Openssl >> Version 1.0.0 (Open CPE detail)
Openssl>>Openssl >> Version 1.0.0 (Open CPE detail)

Openssl>>Openssl >> Version 1.0.0

Openssl>>Openssl >> Version 1.0.0 (Open CPE detail)

Openssl>>Openssl >> Version 1.0.0

Openssl>>Openssl >> Version 1.0.0 (Open CPE detail)

Openssl>>Openssl >> Version 1.0.0

Openssl>>Openssl >> Version 1.0.0 (Open CPE detail)

Openssl>>Openssl >> Version 1.0.0

Openssl>>Openssl >> Version 1.0.0 (Open CPE detail)

Openssl>>Openssl >> Version 1.0.0

Openssl>>Openssl >> Version 1.0.0 (Open CPE detail)

Openssl>>Openssl >> Version 1.0.0a

Openssl>>Openssl >> Version 1.0.0a (Open CPE detail)

Openssl>>Openssl >> Version 1.0.0b

Openssl>>Openssl >> Version 1.0.0b (Open CPE detail)

Openssl>>Openssl >> Version 1.0.0c

Openssl>>Openssl >> Version 1.0.0c (Open CPE detail)

Openssl>>Openssl >> Version 1.0.0d

Openssl>>Openssl >> Version 1.0.0d (Open CPE detail)

Openssl>>Openssl >> Version 1.0.0e

Openssl>>Openssl >> Version 1.0.0e (Open CPE detail)

Openssl>>Openssl >> Version 1.0.0f

Openssl>>Openssl >> Version 1.0.0f (Open CPE detail)

Openssl>>Openssl >> Version 1.0.0g

Openssl>>Openssl >> Version 1.0.0g (Open CPE detail)

Openssl>>Openssl >> Version 1.0.0h

Openssl>>Openssl >> Version 1.0.0h (Open CPE detail)

Openssl>>Openssl >> Version 1.0.0i

Openssl>>Openssl >> Version 1.0.0i (Open CPE detail)

Openssl>>Openssl >> Version 1.0.0j

Openssl>>Openssl >> Version 1.0.0j (Open CPE detail)

Openssl>>Openssl >> Version 1.0.0k

Openssl>>Openssl >> Version 1.0.0k (Open CPE detail)

Openssl>>Openssl >> Version 1.0.0l

Openssl>>Openssl >> Version 1.0.0l (Open CPE detail)

Openssl>>Openssl >> Version 1.0.0m

Openssl>>Openssl >> Version 1.0.0m (Open CPE detail)

Openssl>>Openssl >> Version 1.0.1

Openssl>>Openssl >> Version 1.0.1 (Open CPE detail)
Openssl>>Openssl >> Version 1.0.1 (Open CPE detail)
Openssl>>Openssl >> Version 1.0.1 (Open CPE detail)
Openssl>>Openssl >> Version 1.0.1 (Open CPE detail)
Openssl>>Openssl >> Version 1.0.1 (Open CPE detail)

Openssl>>Openssl >> Version 1.0.1

Openssl>>Openssl >> Version 1.0.1 (Open CPE detail)

Openssl>>Openssl >> Version 1.0.1

Openssl>>Openssl >> Version 1.0.1 (Open CPE detail)

Openssl>>Openssl >> Version 1.0.1

Openssl>>Openssl >> Version 1.0.1 (Open CPE detail)

Openssl>>Openssl >> Version 1.0.1a

Openssl>>Openssl >> Version 1.0.1a (Open CPE detail)

Openssl>>Openssl >> Version 1.0.1b

Openssl>>Openssl >> Version 1.0.1b (Open CPE detail)

Openssl>>Openssl >> Version 1.0.1c

Openssl>>Openssl >> Version 1.0.1c (Open CPE detail)

Openssl>>Openssl >> Version 1.0.1d

Openssl>>Openssl >> Version 1.0.1d (Open CPE detail)

Openssl>>Openssl >> Version 1.0.1e

Openssl>>Openssl >> Version 1.0.1e (Open CPE detail)

Openssl>>Openssl >> Version 1.0.1f

Openssl>>Openssl >> Version 1.0.1f (Open CPE detail)

Openssl>>Openssl >> Version 1.0.1g

Openssl>>Openssl >> Version 1.0.1g (Open CPE detail)

Openssl>>Openssl >> Version 1.0.1h

Openssl>>Openssl >> Version 1.0.1h (Open CPE detail)

References

http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html
Tags : vendor-advisory, x_refsource_SUSE

http://linux.oracle.com/errata/ELSA-2014-1052.html
Tags : x_refsource_CONFIRM

http://secunia.com/advisories/60221
Tags : third-party-advisory, x_refsource_SECUNIA

http://www-01.ibm.com/support/docview.wss?uid=swg21682293
Tags : x_refsource_CONFIRM

http://secunia.com/advisories/61184
Tags : third-party-advisory, x_refsource_SECUNIA

http://marc.info/?l=bugtraq&m=142660345230545&w=2
Tags : vendor-advisory, x_refsource_HP

http://secunia.com/advisories/60022
Tags : third-party-advisory, x_refsource_SECUNIA

https://www.openssl.org/news/secadv_20140806.txt
Tags : x_refsource_CONFIRM

http://secunia.com/advisories/61017
Tags : third-party-advisory, x_refsource_SECUNIA

http://rhn.redhat.com/errata/RHSA-2015-0197.html
Tags : vendor-advisory, x_refsource_REDHAT

http://secunia.com/advisories/60377
Tags : third-party-advisory, x_refsource_SECUNIA

http://marc.info/?l=bugtraq&m=142350350616251&w=2
Tags : vendor-advisory, x_refsource_HP

http://secunia.com/advisories/59887
Tags : third-party-advisory, x_refsource_SECUNIA

http://www-01.ibm.com/support/docview.wss?uid=swg21683389
Tags : x_refsource_CONFIRM

http://marc.info/?l=bugtraq&m=142791032306609&w=2
Tags : vendor-advisory, x_refsource_HP

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm
Tags : x_refsource_CONFIRM

http://secunia.com/advisories/60890
Tags : third-party-advisory, x_refsource_SECUNIA

http://security.gentoo.org/glsa/glsa-201412-39.xml
Tags : vendor-advisory, x_refsource_GENTOO

http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15564.html
Tags : x_refsource_CONFIRM

http://marc.info/?l=bugtraq&m=142660345230545&w=2
Tags : vendor-advisory, x_refsource_HP

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
Tags : x_refsource_CONFIRM

http://marc.info/?l=bugtraq&m=142495837901899&w=2
Tags : vendor-advisory, x_refsource_HP

http://secunia.com/advisories/60803
Tags : third-party-advisory, x_refsource_SECUNIA

http://secunia.com/advisories/59700
Tags : third-party-advisory, x_refsource_SECUNIA

http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html
Tags : vendor-advisory, x_refsource_FEDORA

http://www.securitytracker.com/id/1030693
Tags : vdb-entry, x_refsource_SECTRACK

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
Tags : x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/95162
Tags : vdb-entry, x_refsource_XF

http://www.splunk.com/view/SP-CAAANHS
Tags : x_refsource_CONFIRM

http://secunia.com/advisories/60917
Tags : third-party-advisory, x_refsource_SECUNIA

http://marc.info/?l=bugtraq&m=142350350616251&w=2
Tags : vendor-advisory, x_refsource_HP

http://www.tenable.com/security/tns-2014-06
Tags : x_refsource_CONFIRM

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc
Tags : vendor-advisory, x_refsource_NETBSD

https://kc.mcafee.com/corporate/index?page=content&id=SB10084
Tags : x_refsource_CONFIRM

http://secunia.com/advisories/60493
Tags : third-party-advisory, x_refsource_SECUNIA

http://secunia.com/advisories/59710
Tags : third-party-advisory, x_refsource_SECUNIA

http://secunia.com/advisories/60921
Tags : third-party-advisory, x_refsource_SECUNIA

http://www.securityfocus.com/bid/69079
Tags : vdb-entry, x_refsource_BID

http://secunia.com/advisories/61043
Tags : third-party-advisory, x_refsource_SECUNIA

http://secunia.com/advisories/60810
Tags : third-party-advisory, x_refsource_SECUNIA

https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=280b1f1ad12131defcd986676a8fc9717aaa601b
Tags : x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240
Tags : x_refsource_CONFIRM

http://secunia.com/advisories/61100
Tags : third-party-advisory, x_refsource_SECUNIA

https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc
Tags : vendor-advisory, x_refsource_FREEBSD

http://secunia.com/advisories/61775
Tags : third-party-advisory, x_refsource_SECUNIA

http://marc.info/?l=bugtraq&m=142495837901899&w=2
Tags : vendor-advisory, x_refsource_HP

http://www.debian.org/security/2014/dsa-2998
Tags : vendor-advisory, x_refsource_DEBIAN

http://marc.info/?l=bugtraq&m=143290437727362&w=2
Tags : vendor-advisory, x_refsource_HP

http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html
Tags : vendor-advisory, x_refsource_FEDORA

http://secunia.com/advisories/61959
Tags : third-party-advisory, x_refsource_SECUNIA

http://secunia.com/advisories/59756
Tags : third-party-advisory, x_refsource_SECUNIA

https://bugzilla.redhat.com/show_bug.cgi?id=1127504
Tags : x_refsource_CONFIRM

http://marc.info/?l=bugtraq&m=142624590206005&w=2
Tags : vendor-advisory, x_refsource_HP

http://marc.info/?l=bugtraq&m=143290522027658&w=2
Tags : vendor-advisory, x_refsource_HP

http://rhn.redhat.com/errata/RHSA-2015-0126.html
Tags : vendor-advisory, x_refsource_REDHAT

http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc
Tags : x_refsource_CONFIRM

http://secunia.com/advisories/58962
Tags : third-party-advisory, x_refsource_SECUNIA

http://www.arubanetworks.com/support/alerts/aid-08182014.txt
Tags : x_refsource_CONFIRM

http://secunia.com/advisories/60938
Tags : third-party-advisory, x_refsource_SECUNIA

http://secunia.com/advisories/60684
Tags : third-party-advisory, x_refsource_SECUNIA

https://support.citrix.com/article/CTX216642
Tags : x_refsource_CONFIRM

https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html
Tags : mailing-list, x_refsource_MLIST

https://techzone.ergon.ch/CVE-2014-3511
Tags : x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg21686997
Tags : x_refsource_CONFIRM

http://secunia.com/advisories/61139
Tags : third-party-advisory, x_refsource_SECUNIA