CVE-2014-3616
Notifications for a CVE
Stay informed of any changes for a specific CVE.
CVE Descriptions
nginx 0.5.6 through 1.7.4, when using the same shared ssl_session_cache or ssl_session_ticket_key for multiple servers, can reuse a cached SSL session for an unrelated context, which allows remote attackers with certain privileges to conduct "virtual host confusion" attacks.
CVE Informations
Related Weaknesses
| Weakness Name | Source | |
|---|---|---|
| Insufficient Session Expiration According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization." |
Metrics
| Metrics | Score | Severity | CVSS Vector | Source |
|---|---|---|---|---|
| V2 | 4.3 | AV:N/AC:M/Au:N/C:N/I:P/A:N | [email protected] |
EPSS
EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.
EPSS Score
The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
EPSS Percentile
The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
Products Mentioned
Configuraton 0
F5>>Nginx >> Version From (including) 0.5.6 To (excluding) 1.6.2
- F5>>Nginx >> Version 0.5.6 (Open CPE detail)
- F5>>Nginx >> Version 0.5.7 (Open CPE detail)
- F5>>Nginx >> Version 0.5.8 (Open CPE detail)
- F5>>Nginx >> Version 0.5.9 (Open CPE detail)
- F5>>Nginx >> Version 0.5.10 (Open CPE detail)
- F5>>Nginx >> Version 0.5.11 (Open CPE detail)
- F5>>Nginx >> Version 0.5.12 (Open CPE detail)
- F5>>Nginx >> Version 0.5.13 (Open CPE detail)
- F5>>Nginx >> Version 0.5.14 (Open CPE detail)
- F5>>Nginx >> Version 0.5.15 (Open CPE detail)
- F5>>Nginx >> Version 0.5.16 (Open CPE detail)
- F5>>Nginx >> Version 0.5.17 (Open CPE detail)
- F5>>Nginx >> Version 0.5.18 (Open CPE detail)
- F5>>Nginx >> Version 0.5.19 (Open CPE detail)
- F5>>Nginx >> Version 0.5.20 (Open CPE detail)
- F5>>Nginx >> Version 0.5.21 (Open CPE detail)
- F5>>Nginx >> Version 0.5.22 (Open CPE detail)
- F5>>Nginx >> Version 0.5.23 (Open CPE detail)
- F5>>Nginx >> Version 0.5.24 (Open CPE detail)
- F5>>Nginx >> Version 0.5.25 (Open CPE detail)
- F5>>Nginx >> Version 0.5.26 (Open CPE detail)
- F5>>Nginx >> Version 0.5.27 (Open CPE detail)
- F5>>Nginx >> Version 0.5.28 (Open CPE detail)
- F5>>Nginx >> Version 0.5.29 (Open CPE detail)
- F5>>Nginx >> Version 0.5.30 (Open CPE detail)
- F5>>Nginx >> Version 0.5.31 (Open CPE detail)
- F5>>Nginx >> Version 0.5.32 (Open CPE detail)
- F5>>Nginx >> Version 0.5.33 (Open CPE detail)
- F5>>Nginx >> Version 0.5.34 (Open CPE detail)
- F5>>Nginx >> Version 0.5.35 (Open CPE detail)
- F5>>Nginx >> Version 0.5.36 (Open CPE detail)
- F5>>Nginx >> Version 0.5.37 (Open CPE detail)
- F5>>Nginx >> Version 0.5.38 (Open CPE detail)
- F5>>Nginx >> Version 0.6.0 (Open CPE detail)
- F5>>Nginx >> Version 0.6.1 (Open CPE detail)
- F5>>Nginx >> Version 0.6.2 (Open CPE detail)
- F5>>Nginx >> Version 0.6.3 (Open CPE detail)
- F5>>Nginx >> Version 0.6.4 (Open CPE detail)
- F5>>Nginx >> Version 0.6.5 (Open CPE detail)
- F5>>Nginx >> Version 0.6.6 (Open CPE detail)
- F5>>Nginx >> Version 0.6.7 (Open CPE detail)
- F5>>Nginx >> Version 0.6.8 (Open CPE detail)
- F5>>Nginx >> Version 0.6.9 (Open CPE detail)
- F5>>Nginx >> Version 0.6.10 (Open CPE detail)
- F5>>Nginx >> Version 0.6.11 (Open CPE detail)
- F5>>Nginx >> Version 0.6.12 (Open CPE detail)
- F5>>Nginx >> Version 0.6.13 (Open CPE detail)
- F5>>Nginx >> Version 0.6.14 (Open CPE detail)
- F5>>Nginx >> Version 0.6.15 (Open CPE detail)
- F5>>Nginx >> Version 0.6.16 (Open CPE detail)
- F5>>Nginx >> Version 0.6.17 (Open CPE detail)
- F5>>Nginx >> Version 0.6.18 (Open CPE detail)
- F5>>Nginx >> Version 0.6.19 (Open CPE detail)
- F5>>Nginx >> Version 0.6.20 (Open CPE detail)
- F5>>Nginx >> Version 0.6.21 (Open CPE detail)
- F5>>Nginx >> Version 0.6.22 (Open CPE detail)
- F5>>Nginx >> Version 0.6.23 (Open CPE detail)
- F5>>Nginx >> Version 0.6.24 (Open CPE detail)
- F5>>Nginx >> Version 0.6.25 (Open CPE detail)
- F5>>Nginx >> Version 0.6.26 (Open CPE detail)
- F5>>Nginx >> Version 0.6.27 (Open CPE detail)
- F5>>Nginx >> Version 0.6.28 (Open CPE detail)
- F5>>Nginx >> Version 0.6.29 (Open CPE detail)
- F5>>Nginx >> Version 0.6.30 (Open CPE detail)
- F5>>Nginx >> Version 0.6.31 (Open CPE detail)
- F5>>Nginx >> Version 0.6.32 (Open CPE detail)
- F5>>Nginx >> Version 0.6.33 (Open CPE detail)
- F5>>Nginx >> Version 0.6.34 (Open CPE detail)
- F5>>Nginx >> Version 0.6.35 (Open CPE detail)
- F5>>Nginx >> Version 0.6.36 (Open CPE detail)
- F5>>Nginx >> Version 0.6.37 (Open CPE detail)
- F5>>Nginx >> Version 0.6.38 (Open CPE detail)
- F5>>Nginx >> Version 0.6.39 (Open CPE detail)
- F5>>Nginx >> Version 0.7.0 (Open CPE detail)
- F5>>Nginx >> Version 0.7.1 (Open CPE detail)
- F5>>Nginx >> Version 0.7.2 (Open CPE detail)
- F5>>Nginx >> Version 0.7.3 (Open CPE detail)
- F5>>Nginx >> Version 0.7.4 (Open CPE detail)
- F5>>Nginx >> Version 0.7.5 (Open CPE detail)
- F5>>Nginx >> Version 0.7.6 (Open CPE detail)
- F5>>Nginx >> Version 0.7.7 (Open CPE detail)
- F5>>Nginx >> Version 0.7.8 (Open CPE detail)
- F5>>Nginx >> Version 0.7.9 (Open CPE detail)
- F5>>Nginx >> Version 0.7.10 (Open CPE detail)
- F5>>Nginx >> Version 0.7.11 (Open CPE detail)
- F5>>Nginx >> Version 0.7.12 (Open CPE detail)
- F5>>Nginx >> Version 0.7.13 (Open CPE detail)
- F5>>Nginx >> Version 0.7.14 (Open CPE detail)
- F5>>Nginx >> Version 0.7.15 (Open CPE detail)
- F5>>Nginx >> Version 0.7.16 (Open CPE detail)
- F5>>Nginx >> Version 0.7.17 (Open CPE detail)
- F5>>Nginx >> Version 0.7.18 (Open CPE detail)
- F5>>Nginx >> Version 0.7.19 (Open CPE detail)
- F5>>Nginx >> Version 0.7.20 (Open CPE detail)
- F5>>Nginx >> Version 0.7.21 (Open CPE detail)
- F5>>Nginx >> Version 0.7.22 (Open CPE detail)
- F5>>Nginx >> Version 0.7.23 (Open CPE detail)
- F5>>Nginx >> Version 0.7.24 (Open CPE detail)
- F5>>Nginx >> Version 0.7.25 (Open CPE detail)
- F5>>Nginx >> Version 0.7.26 (Open CPE detail)
- F5>>Nginx >> Version 0.7.27 (Open CPE detail)
- F5>>Nginx >> Version 0.7.28 (Open CPE detail)
- F5>>Nginx >> Version 0.7.29 (Open CPE detail)
- F5>>Nginx >> Version 0.7.30 (Open CPE detail)
- F5>>Nginx >> Version 0.7.31 (Open CPE detail)
- F5>>Nginx >> Version 0.7.32 (Open CPE detail)
- F5>>Nginx >> Version 0.7.33 (Open CPE detail)
- F5>>Nginx >> Version 0.7.34 (Open CPE detail)
- F5>>Nginx >> Version 0.7.35 (Open CPE detail)
- F5>>Nginx >> Version 0.7.36 (Open CPE detail)
- F5>>Nginx >> Version 0.7.37 (Open CPE detail)
- F5>>Nginx >> Version 0.7.38 (Open CPE detail)
- F5>>Nginx >> Version 0.7.39 (Open CPE detail)
- F5>>Nginx >> Version 0.7.40 (Open CPE detail)
- F5>>Nginx >> Version 0.7.41 (Open CPE detail)
- F5>>Nginx >> Version 0.7.42 (Open CPE detail)
- F5>>Nginx >> Version 0.7.43 (Open CPE detail)
- F5>>Nginx >> Version 0.7.44 (Open CPE detail)
- F5>>Nginx >> Version 0.7.45 (Open CPE detail)
- F5>>Nginx >> Version 0.7.46 (Open CPE detail)
- F5>>Nginx >> Version 0.7.47 (Open CPE detail)
- F5>>Nginx >> Version 0.7.48 (Open CPE detail)
- F5>>Nginx >> Version 0.7.49 (Open CPE detail)
- F5>>Nginx >> Version 0.7.50 (Open CPE detail)
- F5>>Nginx >> Version 0.7.51 (Open CPE detail)
- F5>>Nginx >> Version 0.7.52 (Open CPE detail)
- F5>>Nginx >> Version 0.7.53 (Open CPE detail)
- F5>>Nginx >> Version 0.7.54 (Open CPE detail)
- F5>>Nginx >> Version 0.7.55 (Open CPE detail)
- F5>>Nginx >> Version 0.7.56 (Open CPE detail)
- F5>>Nginx >> Version 0.7.57 (Open CPE detail)
- F5>>Nginx >> Version 0.7.58 (Open CPE detail)
- F5>>Nginx >> Version 0.7.59 (Open CPE detail)
- F5>>Nginx >> Version 0.7.60 (Open CPE detail)
- F5>>Nginx >> Version 0.7.61 (Open CPE detail)
- F5>>Nginx >> Version 0.7.62 (Open CPE detail)
- F5>>Nginx >> Version 0.7.63 (Open CPE detail)
- F5>>Nginx >> Version 0.7.64 (Open CPE detail)
- F5>>Nginx >> Version 0.7.65 (Open CPE detail)
- F5>>Nginx >> Version 0.7.66 (Open CPE detail)
- F5>>Nginx >> Version 0.7.67 (Open CPE detail)
- F5>>Nginx >> Version 0.7.68 (Open CPE detail)
- F5>>Nginx >> Version 0.7.69 (Open CPE detail)
- F5>>Nginx >> Version 0.8.0 (Open CPE detail)
- F5>>Nginx >> Version 0.8.1 (Open CPE detail)
- F5>>Nginx >> Version 0.8.2 (Open CPE detail)
- F5>>Nginx >> Version 0.8.3 (Open CPE detail)
- F5>>Nginx >> Version 0.8.4 (Open CPE detail)
- F5>>Nginx >> Version 0.8.5 (Open CPE detail)
- F5>>Nginx >> Version 0.8.6 (Open CPE detail)
- F5>>Nginx >> Version 0.8.7 (Open CPE detail)
- F5>>Nginx >> Version 0.8.8 (Open CPE detail)
- F5>>Nginx >> Version 0.8.9 (Open CPE detail)
- F5>>Nginx >> Version 0.8.10 (Open CPE detail)
- F5>>Nginx >> Version 0.8.11 (Open CPE detail)
- F5>>Nginx >> Version 0.8.12 (Open CPE detail)
- F5>>Nginx >> Version 0.8.13 (Open CPE detail)
- F5>>Nginx >> Version 0.8.14 (Open CPE detail)
- F5>>Nginx >> Version 0.8.15 (Open CPE detail)
- F5>>Nginx >> Version 0.8.16 (Open CPE detail)
- F5>>Nginx >> Version 0.8.17 (Open CPE detail)
- F5>>Nginx >> Version 0.8.18 (Open CPE detail)
- F5>>Nginx >> Version 0.8.19 (Open CPE detail)
- F5>>Nginx >> Version 0.8.20 (Open CPE detail)
- F5>>Nginx >> Version 0.8.21 (Open CPE detail)
- F5>>Nginx >> Version 0.8.22 (Open CPE detail)
- F5>>Nginx >> Version 0.8.23 (Open CPE detail)
- F5>>Nginx >> Version 0.8.24 (Open CPE detail)
- F5>>Nginx >> Version 0.8.25 (Open CPE detail)
- F5>>Nginx >> Version 0.8.26 (Open CPE detail)
- F5>>Nginx >> Version 0.8.27 (Open CPE detail)
- F5>>Nginx >> Version 0.8.28 (Open CPE detail)
- F5>>Nginx >> Version 0.8.29 (Open CPE detail)
- F5>>Nginx >> Version 0.8.30 (Open CPE detail)
- F5>>Nginx >> Version 0.8.31 (Open CPE detail)
- F5>>Nginx >> Version 0.8.32 (Open CPE detail)
- F5>>Nginx >> Version 0.8.33 (Open CPE detail)
- F5>>Nginx >> Version 0.8.34 (Open CPE detail)
- F5>>Nginx >> Version 0.8.35 (Open CPE detail)
- F5>>Nginx >> Version 0.8.36 (Open CPE detail)
- F5>>Nginx >> Version 0.8.37 (Open CPE detail)
- F5>>Nginx >> Version 0.8.38 (Open CPE detail)
- F5>>Nginx >> Version 0.8.39 (Open CPE detail)
- F5>>Nginx >> Version 0.8.40 (Open CPE detail)
- F5>>Nginx >> Version 0.8.41 (Open CPE detail)
- F5>>Nginx >> Version 0.8.42 (Open CPE detail)
- F5>>Nginx >> Version 0.8.43 (Open CPE detail)
- F5>>Nginx >> Version 0.8.44 (Open CPE detail)
- F5>>Nginx >> Version 0.8.45 (Open CPE detail)
- F5>>Nginx >> Version 0.8.46 (Open CPE detail)
- F5>>Nginx >> Version 0.8.47 (Open CPE detail)
- F5>>Nginx >> Version 0.8.48 (Open CPE detail)
- F5>>Nginx >> Version 0.8.49 (Open CPE detail)
- F5>>Nginx >> Version 0.8.50 (Open CPE detail)
- F5>>Nginx >> Version 0.8.51 (Open CPE detail)
- F5>>Nginx >> Version 0.8.52 (Open CPE detail)
- F5>>Nginx >> Version 0.8.53 (Open CPE detail)
- F5>>Nginx >> Version 0.8.54 (Open CPE detail)
- F5>>Nginx >> Version 0.8.55 (Open CPE detail)
- F5>>Nginx >> Version 0.9.0 (Open CPE detail)
- F5>>Nginx >> Version 0.9.1 (Open CPE detail)
- F5>>Nginx >> Version 0.9.2 (Open CPE detail)
- F5>>Nginx >> Version 0.9.3 (Open CPE detail)
- F5>>Nginx >> Version 0.9.4 (Open CPE detail)
- F5>>Nginx >> Version 0.9.5 (Open CPE detail)
- F5>>Nginx >> Version 0.9.6 (Open CPE detail)
- F5>>Nginx >> Version 0.9.7 (Open CPE detail)
- F5>>Nginx >> Version 1.0.0 (Open CPE detail)
- F5>>Nginx >> Version 1.0.1 (Open CPE detail)
- F5>>Nginx >> Version 1.0.2 (Open CPE detail)
- F5>>Nginx >> Version 1.0.3 (Open CPE detail)
- F5>>Nginx >> Version 1.0.4 (Open CPE detail)
- F5>>Nginx >> Version 1.0.5 (Open CPE detail)
- F5>>Nginx >> Version 1.0.6 (Open CPE detail)
- F5>>Nginx >> Version 1.0.7 (Open CPE detail)
- F5>>Nginx >> Version 1.0.8 (Open CPE detail)
- F5>>Nginx >> Version 1.0.9 (Open CPE detail)
- F5>>Nginx >> Version 1.0.10 (Open CPE detail)
- F5>>Nginx >> Version 1.0.11 (Open CPE detail)
- F5>>Nginx >> Version 1.0.12 (Open CPE detail)
- F5>>Nginx >> Version 1.0.13 (Open CPE detail)
- F5>>Nginx >> Version 1.0.14 (Open CPE detail)
- F5>>Nginx >> Version 1.0.15 (Open CPE detail)
- F5>>Nginx >> Version 1.1.0 (Open CPE detail)
- F5>>Nginx >> Version 1.1.1 (Open CPE detail)
- F5>>Nginx >> Version 1.1.2 (Open CPE detail)
- F5>>Nginx >> Version 1.1.3 (Open CPE detail)
- F5>>Nginx >> Version 1.1.4 (Open CPE detail)
- F5>>Nginx >> Version 1.1.5 (Open CPE detail)
- F5>>Nginx >> Version 1.1.6 (Open CPE detail)
- F5>>Nginx >> Version 1.1.7 (Open CPE detail)
- F5>>Nginx >> Version 1.1.8 (Open CPE detail)
- F5>>Nginx >> Version 1.1.9 (Open CPE detail)
- F5>>Nginx >> Version 1.1.10 (Open CPE detail)
- F5>>Nginx >> Version 1.1.11 (Open CPE detail)
- F5>>Nginx >> Version 1.1.12 (Open CPE detail)
- F5>>Nginx >> Version 1.1.13 (Open CPE detail)
- F5>>Nginx >> Version 1.1.14 (Open CPE detail)
- F5>>Nginx >> Version 1.1.15 (Open CPE detail)
- F5>>Nginx >> Version 1.1.16 (Open CPE detail)
- F5>>Nginx >> Version 1.1.17 (Open CPE detail)
- F5>>Nginx >> Version 1.1.18 (Open CPE detail)
- F5>>Nginx >> Version 1.1.19 (Open CPE detail)
- F5>>Nginx >> Version 1.2.0 (Open CPE detail)
- F5>>Nginx >> Version 1.2.1 (Open CPE detail)
- F5>>Nginx >> Version 1.2.2 (Open CPE detail)
- F5>>Nginx >> Version 1.2.3 (Open CPE detail)
- F5>>Nginx >> Version 1.2.4 (Open CPE detail)
- F5>>Nginx >> Version 1.2.5 (Open CPE detail)
- F5>>Nginx >> Version 1.2.6 (Open CPE detail)
- F5>>Nginx >> Version 1.2.7 (Open CPE detail)
- F5>>Nginx >> Version 1.2.8 (Open CPE detail)
- F5>>Nginx >> Version 1.2.9 (Open CPE detail)
- F5>>Nginx >> Version 1.3.0 (Open CPE detail)
- F5>>Nginx >> Version 1.3.1 (Open CPE detail)
- F5>>Nginx >> Version 1.3.2 (Open CPE detail)
- F5>>Nginx >> Version 1.3.3 (Open CPE detail)
- F5>>Nginx >> Version 1.3.4 (Open CPE detail)
- F5>>Nginx >> Version 1.3.5 (Open CPE detail)
- F5>>Nginx >> Version 1.3.6 (Open CPE detail)
- F5>>Nginx >> Version 1.3.7 (Open CPE detail)
- F5>>Nginx >> Version 1.3.8 (Open CPE detail)
- F5>>Nginx >> Version 1.3.9 (Open CPE detail)
- F5>>Nginx >> Version 1.3.10 (Open CPE detail)
- F5>>Nginx >> Version 1.3.11 (Open CPE detail)
- F5>>Nginx >> Version 1.3.12 (Open CPE detail)
- F5>>Nginx >> Version 1.3.13 (Open CPE detail)
- F5>>Nginx >> Version 1.3.14 (Open CPE detail)
- F5>>Nginx >> Version 1.3.15 (Open CPE detail)
- F5>>Nginx >> Version 1.3.16 (Open CPE detail)
- F5>>Nginx >> Version 1.4.0 (Open CPE detail)
- F5>>Nginx >> Version 1.4.1 (Open CPE detail)
- F5>>Nginx >> Version 1.4.2 (Open CPE detail)
- F5>>Nginx >> Version 1.4.3 (Open CPE detail)
- F5>>Nginx >> Version 1.4.4 (Open CPE detail)
- F5>>Nginx >> Version 1.4.5 (Open CPE detail)
- F5>>Nginx >> Version 1.4.6 (Open CPE detail)
- F5>>Nginx >> Version 1.4.7 (Open CPE detail)
- F5>>Nginx >> Version 1.5.0 (Open CPE detail)
- F5>>Nginx >> Version 1.5.1 (Open CPE detail)
- F5>>Nginx >> Version 1.5.2 (Open CPE detail)
- F5>>Nginx >> Version 1.5.3 (Open CPE detail)
- F5>>Nginx >> Version 1.5.4 (Open CPE detail)
- F5>>Nginx >> Version 1.5.5 (Open CPE detail)
- F5>>Nginx >> Version 1.5.6 (Open CPE detail)
- F5>>Nginx >> Version 1.5.7 (Open CPE detail)
- F5>>Nginx >> Version 1.5.8 (Open CPE detail)
- F5>>Nginx >> Version 1.5.9 (Open CPE detail)
- F5>>Nginx >> Version 1.5.10 (Open CPE detail)
- F5>>Nginx >> Version 1.5.11 (Open CPE detail)
- F5>>Nginx >> Version 1.5.12 (Open CPE detail)
- F5>>Nginx >> Version 1.5.13 (Open CPE detail)
- F5>>Nginx >> Version 1.6.0 (Open CPE detail)
- F5>>Nginx >> Version 1.6.1 (Open CPE detail)
F5>>Nginx >> Version From (including) 1.7.0 To (excluding) 1.7.5
- F5>>Nginx >> Version 1.7.0 (Open CPE detail)
- F5>>Nginx >> Version 1.7.4 (Open CPE detail)
Configuraton 0
Debian>>Debian_linux >> Version 7.0
- Debian>>Debian_linux >> Version 7.0 (Open CPE detail)
Debian>>Debian_linux >> Version 8.0
- Debian>>Debian_linux >> Version 8.0 (Open CPE detail)
References
http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html
Tags : mailing-list, x_refsource_MLIST
Tags : mailing-list, x_refsource_MLIST
2025©
tesweb SA
