Lucene search
MitreCVE-2014-9721HistoryJun 03, 2015 - 8:59 p.m.
CVE-2014-9721
2015-06-0320:59:00
CWE-20
mitre
web.nvd.nist.gov
41
cve
2014
9721
libzmq
downgrade attack
vulnerability
nvd
security
zmtp
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
6.5
Confidence
Low
EPSS
0.005
Percentile
75.6%
libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header.
Affected configurations
Node
zeromqzeromqRange≤4.0.5
ORzeromqzeromqMatch4.1.0rc1
Related
openvas
openvas
Debian: Security Advisory (DSA-3255-1)
2015-05-09 00:00:00
Debian Security Advisory DSA 3255-1 (zeromq3 - security update)
2015-05-10 00:00:00
Fedora Update for zeromq FEDORA-2015-8635
2015-07-07 00:00:00
prion
prion
Design/Logic Flaw
2015-06-03 20:59:00
fedora
fedora
[SECURITY] Fedora 22 Update: zeromq-4.0.5-3.fc22
2015-05-30 15:41:51
veracode
veracode
Bypassing Security Mechanisms
2017-02-02 06:32:47
ubuntucve
ubuntucve
CVE-2014-9721
2015-06-03 00:00:00
nessus
nessus
FreeBSD : libzmq4 -- V3 protocol handler vulnerable to downgrade attacks (10a6d0aa-0b1c-11e5-bb90-002590263bf5)
2015-06-11 00:00:00
SUSE SLED12 Security Update : zeromq (SUSE-SU-2015:1510-1)
2015-09-09 00:00:00
openSUSE Security Update : zeromq (openSUSE-2015-409)
2015-06-11 00:00:00
debiancve
debiancve
CVE-2014-9721
2015-06-03 20:59:00
nvd
nvd
CVE-2014-9721
2015-06-03 20:59:00
freebsd
freebsd
libzmq4 -- V3 protocol handler vulnerable to downgrade attacks
2014-12-04 00:00:00
cvelist
cvelist
CVE-2014-9721
2015-06-03 20:00:00
osv
osv
libzmq5-4.2.0-1.1 on GA media
2024-06-15 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
6.5
Confidence
Low
EPSS
0.005
Percentile
75.6%
Related for CVE-2014-9721