Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.CISCO_JABBER_CLIENT_CSCUP23913.NASL
HistoryJun 18, 2014 - 12:00 a.m.

Cisco Windows Jabber Client Multiple Vulnerabilities in OpenSSL (cisco-sa-20140605-openssl)

2014-06-1800:00:00
This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
77

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

0.974 High

EPSS

Percentile

99.9%

JSON

The remote Windows host has a version of Cisco Jabber installed that is known to be affected by multiple OpenSSL related vulnerabilities :

  • An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that could allow nonce disclosure via the ‘FLUSH+RELOAD’ cache side-channel attack. (CVE-2014-0076)

  • An unspecified error exists that could allow an attacker to cause usage of weak keying material leading to simplified man-in-the-middle attacks. (CVE-2014-0224)

  • An unspecified error exists related to anonymous ECDH ciphersuites that could allow denial of service attacks. Note this issue only affects OpenSSL TLS clients. (CVE-2014-3470)

#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(76129);
  script_version("1.10");
  script_set_attribute(attribute:"plugin_modification_date", value: "2020/02/10");

  script_cve_id("CVE-2014-0076", "CVE-2014-0224", "CVE-2014-3470");
  script_bugtraq_id(66363, 67898, 67899);
  script_xref(name:"CISCO-BUG-ID", value:"CSCup22590");
  script_xref(name:"CISCO-BUG-ID", value:"CSCup23913");
  script_xref(name:"CISCO-SA", value:"cisco-sa-20140605-openssl");
  script_xref(name:"CERT", value:"978508");

  script_name(english:"Cisco Windows Jabber Client Multiple Vulnerabilities in OpenSSL (cisco-sa-20140605-openssl)");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:
"The remote Windows host has a version of Cisco Jabber installed that is known to be affected by multiple OpenSSL
related vulnerabilities :

  - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA)
    that could allow nonce disclosure via the 'FLUSH+RELOAD' cache side-channel attack. (CVE-2014-0076)

  - An unspecified error exists that could allow an attacker to cause usage of weak keying material leading to
    simplified man-in-the-middle attacks. (CVE-2014-0224)

  - An unspecified error exists related to anonymous ECDH ciphersuites that could allow denial of service
    attacks. Note this issue only affects OpenSSL TLS clients. (CVE-2014-3470)");
  # https://bst.cloudapps.cisco.com/bugsearch/bug/CSCup23913 
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5114adab");
  # http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5539aa9d");
  # https://www.openssl.org/news/secadv/20140605.txt
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?f6039d37");
  script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCup22590, CSCup23913");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-0224");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/06/05");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/06/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/18");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:jabber");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:openssl:openssl");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("cisco_jabber_client_installed.nbin");
  script_require_keys("SMB/Cisco Jabber for Windows/Installed");

  exit(0);
}

include('audit.inc');
include('vcf.inc');

get_kb_item_or_exit('SMB/Registry/Enumerated');

app_info = vcf::get_app_info(app:'Cisco Jabber for Windows', win_local:TRUE);

constraints = [
  { 'min_version' : '9.0.0', 'max_version' : '9.0.6', 'fixed_display' : '9.7(3.18956), 9.7(4.18971), 10.5(0.36369) or later'},
  { 'min_version' : '9.1.0', 'max_version' : '9.1.5', 'fixed_display' : '9.7(3.18956), 9.7(4.18971), 10.5(0.36369) or later'},
  { 'min_version' : '9.2.0', 'max_version' : '9.2.6', 'fixed_display' : '9.7(3.18956), 9.7(4.18971), 10.5(0.36369) or later'},
  { 'min_version' : '9.6.0', 'max_version' : '9.6.1', 'fixed_display' : '9.7(3.18956), 9.7(4.18971), 10.5(0.36369) or later'},
  { 'min_version' : '9.7.0', 'max_version' : '9.7.2', 'fixed_display' : '9.7(3.18956), 9.7(4.18971), 10.5(0.36369) or later'}
];

vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);
VendorProductVersionCPE
ciscojabbercpe:/a:cisco:jabber
opensslopensslcpe:/a:openssl:openssl

Related

nessus 67
suse 6
openvas 31
ibm 41
osv 2
debian 4
huawei 1
intel 1
cisco 1
fortinet 1
ubuntu 4
freebsd_advisory 1
freebsd 2
ics 1
kaspersky 1
mageia 1
vmware 1
aix 1
f5 4
mariadbunix 1
prion 2
cvelist 2
seebug 1
veracode 2
ubuntucve 2
cve 2
threatpost 2
nvd 2
openssl 2
checkpoint_advisories 1
debiancve 2
securityvulns 2
amazon 1
arista 1
nodejsblog 1
centos 1
cert 1
nessus
nessus
Cisco TelePresence MCU Series Devices Multiple Vulnerabilities in OpenSSL
2014-06-18 00:00:00
Xerox ColorQube 8570 / 8870 Multiple Vulnerabilities (XRX15OA)
2015-11-03 00:00:00
Cisco ONS 15400 Series Devices Multiple Vulnerabilities in OpenSSL
2014-06-18 00:00:00
suse
suse
Security update for OpenSSL (critical)
2014-06-06 01:05:59
Security update for OpenSSL (critical)
2014-06-07 01:04:17
Security update for OpenSSL (critical)
2014-06-06 00:04:19
openvas
openvas
SUSE: Security Advisory for OpenSSL (SUSE-SU-2014:0761-1)
2015-10-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0761-1)
2021-06-09 00:00:00
Debian: Security Advisory (DLA-0003-1)
2023-03-08 00:00:00
ibm
ibm
Security Bulletin: IBM System x Integrated Management Module (IMM) is affected by the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0076
2019-01-31 01:25:01
Security Bulletin: IBM Systems Director Storage Control is affected by vulnerabilities in OpenSSL (CVE-2014-0224 and CVE-2014-3470)
2019-01-31 01:25:01
Security Bulletin: IBM Flex System Manager (FSM) is affected by OpenSSL vulnerabilities: (CVE-2014-0224, CVE-2014-3470)
2019-01-31 01:25:01
osv
osv
openssl - security update
2014-06-05 00:00:00
openssl - security update
2014-06-05 00:00:00
debian
debian
openssl security update
2014-06-05 19:36:19
openssl security update
2014-06-05 19:36:04
[SECURITY] [DSA 2950-2] openssl update
2014-06-16 18:21:12
huawei
huawei
Security Advisory-Multiple OpenSSL vulnerabilities on Huawei products
2014-06-13 00:00:00
intel
intel
Multiple Security Issues with Intel® Manycore Platform Software Stack (Intel® MPSS) release 3.x
2014-08-26 00:00:00
cisco
cisco
Multiple Vulnerabilities in OpenSSL Affecting Cisco Products
2014-06-05 22:40:00
fortinet
fortinet
Multiple Vulnerabilities in OpenSSL
2014-06-06 00:00:00
ubuntu
ubuntu
OpenSSL regression
2014-08-18 00:00:00
OpenSSL regression
2014-06-23 00:00:00
OpenSSL regression
2014-06-12 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:14.openssl
2014-06-05 00:00:00
freebsd
freebsd
OpenSSL -- multiple vulnerabilities
2014-06-05 00:00:00
OpenSSL -- Local Information Disclosure
2014-04-07 00:00:00
ics
ics
Siemens OpenSSL Vulnerabilities (Update G)
2018-08-29 12:00:00
kaspersky
kaspersky
KLA10382 Multiple vulnerabilities in VMware
2014-06-10 00:00:00
mageia
mageia
Updated openssl packages fix multiple vulnerabilties
2014-06-06 14:31:01
vmware
vmware
VMware product updates address OpenSSL security vulnerabilities
2014-06-10 00:00:00
aix
aix
AIX OpenSSL Vulnerabilities (Multiple CVEs)
2014-06-11 06:39:27
f5
f5
SOL15342 - OpenSSL vulnerability CVE-2014-3470
2014-06-16 00:00:00
SOL15295 - OpenSSL vulnerability CVE-2014-0076
2014-05-29 00:00:00
K15295 : OpenSSL vulnerability CVE-2014-0076
2014-05-29 00:00:00
mariadbunix
mariadbunix
CVE-2014-3470
2014-06-05 21:55:07
prion
prion
Null pointer dereference
2014-06-05 21:55:00
Design/Logic Flaw
2014-03-25 13:25:00
cvelist
cvelist
CVE-2014-3470
2014-06-05 21:00:00
CVE-2014-0076
2014-03-25 01:00:00
seebug
seebug
OpenSSL ECDSA Nonces恢复漏洞
2014-03-25 00:00:00
veracode
veracode
Denial Of Service (DoS) Through Null Pointer Dereference
2017-02-07 02:02:21
Side-channel Timing Attack
2017-02-08 02:53:24
ubuntucve
ubuntucve
CVE-2014-3470
2014-06-05 00:00:00
CVE-2014-0076
2014-03-25 00:00:00
cve
cve
CVE-2014-0076
2014-03-25 13:25:21
CVE-2014-3470
2014-06-05 21:55:07
threatpost
threatpost
Second NSA Crypto Tool Found in RSA BSafe
2014-03-31 15:59:27
SSL Pulse Scans Quantify Vulnerable OpenSSL Servers
2014-06-13 14:05:55
nvd
nvd
CVE-2014-0076
2014-03-25 13:25:21
CVE-2014-3470
2014-06-05 21:55:07
openssl
openssl
Vulnerability in OpenSSL CVE-2014-0076
2014-02-14 00:00:00
Vulnerability in OpenSSL CVE-2014-3470
2014-05-30 00:00:00
checkpoint_advisories
checkpoint_advisories
OpenSSL Anonymous ECDH Denial of Service (CVE-2014-3470)
2014-06-10 00:00:00
debiancve
debiancve
CVE-2014-3470
2014-06-05 21:55:07
CVE-2014-0076
2014-03-25 13:25:21
securityvulns
securityvulns
OpenSSL multiple security vulnerabilities
2014-06-06 00:00:00
ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities
2014-08-26 00:00:00
amazon
amazon
Important: openssl098e
2014-06-05 15:38:00
arista
arista
Security Advisory 0005
2014-06-09 00:00:00
nodejsblog
nodejsblog
OpenSSL and Breaking UTF-8 Change (fixed in Node v0.8.27 and v0.10.29)
2014-06-16 00:00:00
centos
centos
openssl security update
2014-06-06 01:40:21
cert
cert
OpenSSL is vulnerable to a man-in-the-middle attack
2014-06-05 00:00:00

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

0.974 High

EPSS

Percentile

99.9%

JSON
Related for CISCO_JABBER_CLIENT_CSCUP23913.NASL
nessus67suse6openvas31ibm41osv2debian4huawei1intel1cisco1fortinet1ubuntu4freebsd_advisory1freebsd2ics1kaspersky1mageia1vmware1aix1f54mariadbunix1prion2cvelist2seebug1veracode2ubuntucve2cve2threatpost2nvd2openssl2checkpoint_advisories1debiancve2securityvulns2amazon1arista1nodejsblog1centos1cert1