Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-3068
HistoryDec 02, 2014 - 1:59 a.m.

CVE-2014-3068

2014-12-0201:59:02
CWE-255
[email protected]
web.nvd.nist.gov
42
ibm
java
runtime environment
jre
security
vulnerability
cve-2014-3068
nvd

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

3.6 Low

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.5%

JSON

IBM Java Runtime Environment (JRE) 7 R1 before SR1 FP1 (7.1.1.1), 7 before SR7 FP1 (7.0.7.1), 6 R1 before SR8 FP1 (6.1.8.1), 6 before SR16 FP1 (6.0.16.1), and before 5.0 SR16 FP7 (5.0.16.7) allows attackers to obtain the private key from a Certificate Management System (CMS) keystore via a brute force attack.

Affected configurations

NVD
Node
ibmjavaMatch5.0.0.0
OR
ibmjavaMatch5.0.11.0
OR
ibmjavaMatch5.0.11.1
OR
ibmjavaMatch5.0.11.2
OR
ibmjavaMatch5.0.12.0
OR
ibmjavaMatch5.0.12.1
OR
ibmjavaMatch5.0.12.2
OR
ibmjavaMatch5.0.12.3
OR
ibmjavaMatch5.0.12.4
OR
ibmjavaMatch5.0.12.5
OR
ibmjavaMatch5.0.13.0
OR
ibmjavaMatch5.0.14.0
OR
ibmjavaMatch5.0.15.0
OR
ibmjavaMatch5.0.16.0
OR
ibmjavaMatch5.0.16.1
OR
ibmjavaMatch5.0.16.2
OR
ibmjavaMatch5.0.16.3
OR
ibmjavaMatch6.0.0.0
OR
ibmjavaMatch6.0.1.0
OR
ibmjavaMatch6.0.2.0
OR
ibmjavaMatch6.0.3.0
OR
ibmjavaMatch6.0.4.0
OR
ibmjavaMatch6.0.5.0
OR
ibmjavaMatch6.0.6.0
OR
ibmjavaMatch6.0.7.0
OR
ibmjavaMatch6.0.8.0
OR
ibmjavaMatch6.0.8.1
OR
ibmjavaMatch6.0.9.0
OR
ibmjavaMatch6.0.9.1
OR
ibmjavaMatch6.0.9.2
OR
ibmjavaMatch6.0.10.0
OR
ibmjavaMatch6.0.10.1
OR
ibmjavaMatch6.0.11.0
OR
ibmjavaMatch6.0.12.0
OR
ibmjavaMatch6.0.13.0
OR
ibmjavaMatch6.0.13.1
OR
ibmjavaMatch6.0.13.2
OR
ibmjavaMatch6.0.14.0
OR
ibmjavaMatch7.0.0.0
OR
ibmjavaMatch7.0.1.0
OR
ibmjavaMatch7.0.2.0
OR
ibmjavaMatch7.0.3.0
OR
ibmjavaMatch7.0.4.0
OR
ibmjavaMatch7.0.4.1
OR
ibmjavaMatch7.0.4.2
OR
ibmjavaMatch7.0.5.0

Related

veracode 1
cvelist 1
prion 1
nvd 1
ibm 17
redhat 5
nessus 5
veracode
veracode
Bruteforce Attack
2019-01-15 08:58:42
cvelist
cvelist
CVE-2014-3068
2014-12-02 01:00:00
prion
prion
Code injection
2014-12-02 01:59:00
nvd
nvd
CVE-2014-3068
2014-12-02 01:59:02
ibm
ibm
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect various Optim data server tools desktop products (CVE-2014-6558, CVE-2014-3068)
2018-06-16 13:08:30
Security Bulletin: A vulnerability in IBM Java SDK affects Rational Application Developer for WebSphere (CVE-2014-4263)
2020-02-05 00:09:48
Security Bulletin: A vulnerability in IBM Java SDK affects Rational Software Architect for WebSphere Software (CVE-2014-4263)
2020-09-10 15:49:00
redhat
redhat
(RHSA-2014:1036) Important: java-1.5.0-ibm security update
2014-08-07 00:00:00
(RHSA-2014:1033) Critical: java-1.6.0-ibm security update
2014-08-07 00:00:00
(RHSA-2014:1042) Critical: java-1.7.1-ibm security update
2014-08-11 00:00:00
nessus
nessus
RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2014:1036)
2014-08-08 00:00:00
RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2014:1033)
2014-08-08 00:00:00
RHEL 7 : java-1.7.1-ibm (RHSA-2014:1042)
2014-08-12 00:00:00

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

3.6 Low

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.5%

JSON
Related for CVE-2014-3068
veracode1cvelist1prion1nvd1ibm17redhat5nessus5