CVE-2015-2808
Summary
| CVE | CVE-2015-2808 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2015-04-01 02:00:00 UTC |
| Updated | 2023-09-07 17:15:00 UTC |
| Description | The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue. |
Risk And Classification
Problem Types: CWE-327
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Canonical | Ubuntu Linux | 12.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 15.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 12.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 15.04 | All | All | All |
| Operating System | Debian | Debian Linux | 7.0 | All | All | All |
| Operating System | Debian | Debian Linux | 8.0 | All | All | All |
| Operating System | Debian | Debian Linux | 7.0 | All | All | All |
| Operating System | Debian | Debian Linux | 8.0 | All | All | All |
| Hardware | Fujitsu | Sparc Enterprise M3000 | - | All | All | All |
| Hardware | Fujitsu | Sparc Enterprise M3000 | - | All | All | All |
| Operating System | Fujitsu | Sparc Enterprise M3000 Firmware | All | All | All | All |
| Operating System | Fujitsu | Sparc Enterprise M3000 Firmware | All | All | All | All |
| Hardware | Fujitsu | Sparc Enterprise M4000 | - | All | All | All |
| Hardware | Fujitsu | Sparc Enterprise M4000 | - | All | All | All |
| Operating System | Fujitsu | Sparc Enterprise M4000 Firmware | All | All | All | All |
| Operating System | Fujitsu | Sparc Enterprise M4000 Firmware | All | All | All | All |
| Hardware | Fujitsu | Sparc Enterprise M5000 | - | All | All | All |
| Hardware | Fujitsu | Sparc Enterprise M5000 | - | All | All | All |
| Operating System | Fujitsu | Sparc Enterprise M5000 Firmware | All | All | All | All |
| Operating System | Fujitsu | Sparc Enterprise M5000 Firmware | All | All | All | All |
| Hardware | Fujitsu | Sparc Enterprise M8000 | - | All | All | All |
| Hardware | Fujitsu | Sparc Enterprise M8000 | - | All | All | All |
| Operating System | Fujitsu | Sparc Enterprise M8000 Firmware | All | All | All | All |
| Operating System | Fujitsu | Sparc Enterprise M8000 Firmware | All | All | All | All |
| Hardware | Fujitsu | Sparc Enterprise M9000 | - | All | All | All |
| Hardware | Fujitsu | Sparc Enterprise M9000 | - | All | All | All |
| Operating System | Fujitsu | Sparc Enterprise M9000 Firmware | All | All | All | All |
| Operating System | Fujitsu | Sparc Enterprise M9000 Firmware | All | All | All | All |
| Hardware | Huawei | 9700 | - | All | All | All |
| Hardware | Huawei | 9700 | - | All | All | All |
| Operating System | Huawei | 9700 Firmware | - | All | All | All |
| Operating System | Huawei | 9700 Firmware | - | All | All | All |
| Hardware | Huawei | E6000 | - | All | All | All |
| Hardware | Huawei | E6000 | - | All | All | All |
| Operating System | Huawei | E6000 Firmware | - | All | All | All |
| Operating System | Huawei | E6000 Firmware | - | All | All | All |
| Hardware | Huawei | E9000 | - | All | All | All |
| Hardware | Huawei | E9000 | - | All | All | All |
| Operating System | Huawei | E9000 Firmware | - | All | All | All |
| Operating System | Huawei | E9000 Firmware | - | All | All | All |
| Hardware | Huawei | Oceanstor 18500 | - | All | All | All |
| Hardware | Huawei | Oceanstor 18500 | - | All | All | All |
| Operating System | Huawei | Oceanstor 18500 Firmware | - | All | All | All |
| Operating System | Huawei | Oceanstor 18500 Firmware | - | All | All | All |
| Hardware | Huawei | Oceanstor 18800 | - | All | All | All |
| Hardware | Huawei | Oceanstor 18800 | - | All | All | All |
| Hardware | Huawei | Oceanstor 18800f | - | All | All | All |
| Hardware | Huawei | Oceanstor 18800f | - | All | All | All |
| Operating System | Huawei | Oceanstor 18800f Firmware | - | All | All | All |
| Operating System | Huawei | Oceanstor 18800f Firmware | - | All | All | All |
| Operating System | Huawei | Oceanstor 18800 Firmware | - | All | All | All |
| Operating System | Huawei | Oceanstor 18800 Firmware | - | All | All | All |
| Hardware | Huawei | Oceanstor 9000 | - | All | All | All |
| Hardware | Huawei | Oceanstor 9000 | - | All | All | All |
| Operating System | Huawei | Oceanstor 9000 Firmware | - | All | All | All |
| Operating System | Huawei | Oceanstor 9000 Firmware | - | All | All | All |
| Hardware | Huawei | Oceanstor Cse | - | All | All | All |
| Hardware | Huawei | Oceanstor Cse | - | All | All | All |
| Operating System | Huawei | Oceanstor Cse Firmware | - | All | All | All |
| Operating System | Huawei | Oceanstor Cse Firmware | - | All | All | All |
| Hardware | Huawei | Oceanstor Hvs85t | - | All | All | All |
| Hardware | Huawei | Oceanstor Hvs85t | - | All | All | All |
| Operating System | Huawei | Oceanstor Hvs85t Firmware | - | All | All | All |
| Operating System | Huawei | Oceanstor Hvs85t Firmware | - | All | All | All |
| Application | Huawei | Oceanstor Replicationdirector | v100r003c00 | All | All | All |
| Application | Huawei | Oceanstor Replicationdirector | v100r003c00 | All | All | All |
| Hardware | Huawei | Oceanstor S2600t | - | All | All | All |
| Hardware | Huawei | Oceanstor S2600t | - | All | All | All |
| Operating System | Huawei | Oceanstor S2600t Firmware | - | All | All | All |
| Operating System | Huawei | Oceanstor S2600t Firmware | - | All | All | All |
| Hardware | Huawei | Oceanstor S5500t | - | All | All | All |
| Hardware | Huawei | Oceanstor S5500t | - | All | All | All |
| Operating System | Huawei | Oceanstor S5500t Firmware | - | All | All | All |
| Operating System | Huawei | Oceanstor S5500t Firmware | - | All | All | All |
| Hardware | Huawei | Oceanstor S5600t | - | All | All | All |
| Hardware | Huawei | Oceanstor S5600t | - | All | All | All |
| Operating System | Huawei | Oceanstor S5600t Firmware | - | All | All | All |
| Operating System | Huawei | Oceanstor S5600t Firmware | - | All | All | All |
| Hardware | Huawei | Oceanstor S5800t | - | All | All | All |
| Hardware | Huawei | Oceanstor S5800t | - | All | All | All |
| Operating System | Huawei | Oceanstor S5800t Firmware | - | All | All | All |
| Operating System | Huawei | Oceanstor S5800t Firmware | - | All | All | All |
| Hardware | Huawei | Oceanstor S6800t | - | All | All | All |
| Hardware | Huawei | Oceanstor S6800t | - | All | All | All |
| Operating System | Huawei | Oceanstor S6800t Firmware | - | All | All | All |
| Operating System | Huawei | Oceanstor S6800t Firmware | - | All | All | All |
| Hardware | Huawei | Oceanstor Vis6600t | - | All | All | All |
| Hardware | Huawei | Oceanstor Vis6600t | - | All | All | All |
| Operating System | Huawei | Oceanstor Vis6600t Firmware | - | All | All | All |
| Operating System | Huawei | Oceanstor Vis6600t Firmware | - | All | All | All |
| Application | Huawei | Policy Center | v100r003c00 | All | All | All |
| Application | Huawei | Policy Center | v100r003c10 | All | All | All |
| Application | Huawei | Policy Center | v100r003c00 | All | All | All |
| Application | Huawei | Policy Center | v100r003c10 | All | All | All |
| Hardware | Huawei | Quidway S9300 | - | All | All | All |
| Hardware | Huawei | Quidway S9300 | - | All | All | All |
| Operating System | Huawei | Quidway S9300 Firmware | - | All | All | All |
| Operating System | Huawei | Quidway S9300 Firmware | - | All | All | All |
| Hardware | Huawei | S12700 | - | All | All | All |
| Hardware | Huawei | S12700 | - | All | All | All |
| Operating System | Huawei | S12700 Firmware | - | All | All | All |
| Operating System | Huawei | S12700 Firmware | - | All | All | All |
| Hardware | Huawei | S2700 | - | All | All | All |
| Hardware | Huawei | S2700 | - | All | All | All |
| Operating System | Huawei | S2700 Firmware | - | All | All | All |
| Operating System | Huawei | S2700 Firmware | - | All | All | All |
| Hardware | Huawei | S2750 | - | All | All | All |
| Hardware | Huawei | S2750 | - | All | All | All |
| Operating System | Huawei | S2750 Firmware | - | All | All | All |
| Operating System | Huawei | S2750 Firmware | - | All | All | All |
| Hardware | Huawei | S3700 | - | All | All | All |
| Hardware | Huawei | S3700 | - | All | All | All |
| Operating System | Huawei | S3700 Firmware | - | All | All | All |
| Operating System | Huawei | S3700 Firmware | - | All | All | All |
| Hardware | Huawei | S5700ei | - | All | All | All |
| Hardware | Huawei | S5700ei | - | All | All | All |
| Operating System | Huawei | S5700ei Firmware | - | All | All | All |
| Operating System | Huawei | S5700ei Firmware | - | All | All | All |
| Hardware | Huawei | S5700hi | - | All | All | All |
| Hardware | Huawei | S5700hi | - | All | All | All |
| Operating System | Huawei | S5700hi Firmware | - | All | All | All |
| Operating System | Huawei | S5700hi Firmware | - | All | All | All |
| Hardware | Huawei | S5700li | - | All | All | All |
| Hardware | Huawei | S5700li | - | All | All | All |
| Operating System | Huawei | S5700li Firmware | - | All | All | All |
| Operating System | Huawei | S5700li Firmware | - | All | All | All |
| Hardware | Huawei | S5700s-li | - | All | All | All |
| Hardware | Huawei | S5700s-li | - | All | All | All |
| Operating System | Huawei | S5700s-li Firmware | - | All | All | All |
| Operating System | Huawei | S5700s-li Firmware | - | All | All | All |
| Hardware | Huawei | S5700si | - | All | All | All |
| Hardware | Huawei | S5700si | - | All | All | All |
| Operating System | Huawei | S5700si Firmware | - | All | All | All |
| Operating System | Huawei | S5700si Firmware | - | All | All | All |
| Hardware | Huawei | S5710ei | - | All | All | All |
| Hardware | Huawei | S5710ei | - | All | All | All |
| Operating System | Huawei | S5710ei Firmware | - | All | All | All |
| Operating System | Huawei | S5710ei Firmware | - | All | All | All |
| Hardware | Huawei | S5710hi | - | All | All | All |
| Hardware | Huawei | S5710hi | - | All | All | All |
| Operating System | Huawei | S5710hi Firmware | - | All | All | All |
| Operating System | Huawei | S5710hi Firmware | - | All | All | All |
| Hardware | Huawei | S5720ei | - | All | All | All |
| Hardware | Huawei | S5720ei | - | All | All | All |
| Operating System | Huawei | S5720ei Firmware | - | All | All | All |
| Operating System | Huawei | S5720ei Firmware | - | All | All | All |
| Hardware | Huawei | S5720hi | - | All | All | All |
| Hardware | Huawei | S5720hi | - | All | All | All |
| Operating System | Huawei | S5720hi Firmware | - | All | All | All |
| Operating System | Huawei | S5720hi Firmware | - | All | All | All |
| Hardware | Huawei | S6700 | - | All | All | All |
| Hardware | Huawei | S6700 | - | All | All | All |
| Operating System | Huawei | S6700 Firmware | - | All | All | All |
| Operating System | Huawei | S6700 Firmware | - | All | All | All |
| Hardware | Huawei | S7700 | - | All | All | All |
| Hardware | Huawei | S7700 | - | All | All | All |
| Operating System | Huawei | S7700 Firmware | - | All | All | All |
| Operating System | Huawei | S7700 Firmware | - | All | All | All |
| Application | Huawei | Smc2.0 | v100r002c01 | All | All | All |
| Application | Huawei | Smc2.0 | v100r002c02 | All | All | All |
| Application | Huawei | Smc2.0 | v100r002c03 | All | All | All |
| Application | Huawei | Smc2.0 | v100r002c04 | All | All | All |
| Application | Huawei | Smc2.0 | v100r002c01 | All | All | All |
| Application | Huawei | Smc2.0 | v100r002c02 | All | All | All |
| Application | Huawei | Smc2.0 | v100r002c03 | All | All | All |
| Application | Huawei | Smc2.0 | v100r002c04 | All | All | All |
| Hardware | Huawei | Te60 | - | All | All | All |
| Hardware | Huawei | Te60 | - | All | All | All |
| Operating System | Huawei | Te60 Firmware | - | All | All | All |
| Operating System | Huawei | Te60 Firmware | - | All | All | All |
| Application | Huawei | Ultravr | v100r003c00 | All | All | All |
| Application | Huawei | Ultravr | v100r003c00 | All | All | All |
| Application | Ibm | Cognos Metrics Manager | 10.1 | All | All | All |
| Application | Ibm | Cognos Metrics Manager | 10.1.1 | All | All | All |
| Application | Ibm | Cognos Metrics Manager | 10.2 | All | All | All |
| Application | Ibm | Cognos Metrics Manager | 10.2.1 | All | All | All |
| Application | Ibm | Cognos Metrics Manager | 10.2.2 | All | All | All |
| Application | Ibm | Cognos Metrics Manager | 10.1 | All | All | All |
| Application | Ibm | Cognos Metrics Manager | 10.1.1 | All | All | All |
| Application | Ibm | Cognos Metrics Manager | 10.2 | All | All | All |
| Application | Ibm | Cognos Metrics Manager | 10.2.1 | All | All | All |
| Application | Ibm | Cognos Metrics Manager | 10.2.2 | All | All | All |
| Operating System | Opensuse | Opensuse | 13.1 | All | All | All |
| Operating System | Opensuse | Opensuse | 13.2 | All | All | All |
| Operating System | Opensuse | Opensuse | 13.1 | All | All | All |
| Operating System | Opensuse | Opensuse | 13.2 | All | All | All |
| Application | Oracle | Communications Application Session Controller | All | All | All | All |
| Application | Oracle | Communications Policy Management | All | All | All | All |
| Application | Oracle | Communications Policy Management | All | All | All | All |
| Application | Oracle | Http Server | 11.1.1.7.0 | All | All | All |
| Application | Oracle | Http Server | 11.1.1.9.0 | All | All | All |
| Application | Oracle | Http Server | 12.1.3.0.0 | All | All | All |
| Application | Oracle | Http Server | 12.2.1.1.0 | All | All | All |
| Application | Oracle | Http Server | 12.2.1.2.0 | All | All | All |
| Application | Oracle | Http Server | 11.1.1.7.0 | All | All | All |
| Application | Oracle | Http Server | 11.1.1.9.0 | All | All | All |
| Application | Oracle | Http Server | 12.1.3.0.0 | All | All | All |
| Application | Oracle | Http Server | 12.2.1.1.0 | All | All | All |
| Application | Oracle | Http Server | 12.2.1.2.0 | All | All | All |
| Operating System | Oracle | Integrated Lights Out Manager Firmware | All | All | All | All |
| Operating System | Oracle | Integrated Lights Out Manager Firmware | All | All | All | All |
| Operating System | Redhat | Enterprise Linux | 5.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 5.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 5.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 5.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 6.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 7.1 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 7.2 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 7.3 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 7.4 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 7.5 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 7.7 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 6.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 7.1 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 7.2 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 7.3 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 7.4 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 7.5 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 7.7 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 5.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 5.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 6.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 7.3 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 7.4 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 7.7 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 6.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 7.3 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 7.4 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 7.7 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Tus | 7.3 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Tus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Tus | 7.7 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Tus | 7.3 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Tus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Tus | 7.7 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 5.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 5.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 7.0 | All | All | All |
| Application | Redhat | Satellite | 5.6 | All | All | All |
| Application | Redhat | Satellite | 5.7 | All | All | All |
| Application | Redhat | Satellite | 5.6 | All | All | All |
| Application | Redhat | Satellite | 5.7 | All | All | All |
| Application | Suse | Linux Enterprise Debuginfo | 11 | sp3 | All | All |
| Application | Suse | Linux Enterprise Debuginfo | 11 | sp4 | All | All |
| Application | Suse | Linux Enterprise Debuginfo | 11 | sp3 | All | All |
| Application | Suse | Linux Enterprise Debuginfo | 11 | sp4 | All | All |
| Operating System | Suse | Linux Enterprise Desktop | 11 | sp3 | All | All |
| Operating System | Suse | Linux Enterprise Desktop | 11 | sp4 | All | All |
| Operating System | Suse | Linux Enterprise Desktop | 12 | - | All | All |
| Operating System | Suse | Linux Enterprise Desktop | 11 | sp3 | All | All |
| Operating System | Suse | Linux Enterprise Desktop | 11 | sp4 | All | All |
| Operating System | Suse | Linux Enterprise Desktop | 12 | - | All | All |
| Operating System | Suse | Linux Enterprise Server | 11 | sp2 | All | All |
| Operating System | Suse | Linux Enterprise Server | 11 | sp2 | All | All |
| Operating System | Suse | Linux Enterprise Server | 10 | sp4 | All | All |
| Operating System | Suse | Linux Enterprise Server | 11 | sp1 | All | All |
| Operating System | Suse | Linux Enterprise Server | 11 | sp2 | All | All |
| Operating System | Suse | Linux Enterprise Server | 11 | sp3 | All | All |
| Operating System | Suse | Linux Enterprise Server | 12 | - | All | All |
| Operating System | Suse | Linux Enterprise Server | 10 | sp4 | All | All |
| Operating System | Suse | Linux Enterprise Server | 11 | sp1 | All | All |
| Operating System | Suse | Linux Enterprise Server | 11 | sp2 | All | All |
| Operating System | Suse | Linux Enterprise Server | 11 | sp3 | All | All |
| Operating System | Suse | Linux Enterprise Server | 12 | - | All | All |
| Operating System | Suse | Linux Enterprise Software Development Kit | 11 | sp3 | All | All |
| Operating System | Suse | Linux Enterprise Software Development Kit | 12 | - | All | All |
| Operating System | Suse | Linux Enterprise Software Development Kit | 11 | sp3 | All | All |
| Operating System | Suse | Linux Enterprise Software Development Kit | 12 | - | All | All |
| Application | Suse | Manager | 1.7 | All | All | All |
| Application | Suse | Manager | 1.7 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| HPE Service Manager TLS RC4 Algorithm Lets Remote Users Decrypt Data - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| [security-announce] SUSE-SU-2015:1320-1: important: Security update for | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| IBM Systems Director TLS RC4 Algorithm Lets Remote Users Decrypt Data - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Oracle Critical Patch Update Advisory - April 2016 | CONFIRM | www.oracle.com | Third Party Advisory |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Third Party Advisory |
| IBM Cognos Metrics Manager TLS RC4 Algorithm Lets Remote Users Decrypt Data - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| '[security bulletin] HPSBMU03401 rev.1 - HP Operations Manager for UNIX and Linux, Remote Unauthorize' - MARC | HP | marc.info | Issue Tracking, Third Party Advisory |
| Document Display | HPE Support Center | CONFIRM | h20564.www2.hpe.com | Third Party Advisory |
| '[security bulletin] HPSBGN03407 rev.1 - HP Operations Manager for Windows, Remote Unauthorized Modif' - MARC | HP | marc.info | Issue Tracking, Third Party Advisory |
| [security-announce] openSUSE-SU-2015:1288-1: important: Security update | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Third Party Advisory |
| Document Display | HPE Support Center | CONFIRM | h20564.www2.hpe.com | Third Party Advisory |
| Oracle Critical Patch Update - July 2016 | CONFIRM | www.oracle.com | Third Party Advisory |
| Document Display | HPE Support Center | CONFIRM | h20566.www2.hpe.com | Third Party Advisory |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Third Party Advisory |
| Document Display | HPE Support Center | CONFIRM | h20566.www2.hpe.com | Third Party Advisory |
| www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Brea... | MISC | www.blackhat.com | Technical Description, Third Party Advisory |
| Juniper Networks - 2016-04 Security Bulletin: Junos Space: Multiple privilege escalation vulnerabilities in Junos Space (CVE-2016-1265) - Knowledge Base | CONFIRM | kb.juniper.net | Third Party Advisory |
| Oracle July 2016 Critical Patch Update Multiple Vulnerabilities | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| HP Universal Configuration Management Database TLS RC4 Algorithm Lets Remote Users Decrypt Data - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| IBM Tivoli Directory Server Multiple Flaws Let Remote Authenticated Users Execute Arbitrary Commands, Remote Users Obtain Information and Conduct Cross-Site Scripting Attacks, and Local Users Obtain Information - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| '[security bulletin] HPSBGN03366 rev.1 - HP Business Process Insight with RC4 Stream Cipher, Remote D' - MARC | HP | marc.info | Issue Tracking, Third Party Advisory |
| '[security bulletin] HPSBGN03338 rev.1 - HP Service Manager running RC4, Remote Disclosure of Informa' - MARC | HP | marc.info | Issue Tracking, Third Party Advisory |
| HP Project and Portfolio Management Center TLS RC4 Algorithm Lets Remote Users Decrypt Data - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Third Party Advisory |
| HP Network Node Manager i TLS RC4 Algorithm Lets Remote Users Decrypt Data - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Document Display | HPE Support Center | CONFIRM | h20564.www2.hpe.com | Third Party Advisory |
| Debian -- Security Information -- DSA-3339-1 openjdk-6 | DEBIAN | www.debian.org | Third Party Advisory |
| '[security bulletin] HPSBGN03372 rev.1 - HP Business Process Monitor using RC4, Remote Disclosure of ' - MARC | HP | marc.info | Issue Tracking, Third Party Advisory |
| SSRT102073 | HP | h20564.www2.hp.com | Third Party Advisory |
| '[security bulletin] HPSBGN03367 rev.1 - HP TransactionVision with RC4 Stream Cipher, Remote Disclosu' - MARC | HP | marc.info | Issue Tracking, Third Party Advisory |
| '[security bulletin] HPSBGN03414 rev.1 - HP Operations Agent, Remote Disclosure of Information' - MARC | HP | marc.info | Issue Tracking, Third Party Advisory |
| Oracle Critical Patch Update - July 2015 | CONFIRM | www.oracle.com | Third Party Advisory |
| Oracle Critical Patch Update - January 2018 | CONFIRM | www.oracle.com | Patch, Third Party Advisory |
| 2017-04 Security Bulletin: Multiple Vulnerabilities in NorthStar Controller Application before version 2.1.0 Service Pack 1. - Juniper Networks | CONFIRM | kb.juniper.net | Third Party Advisory |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Third Party Advisory |
| '[security bulletin] HPSBGN03402 rev.2 - HP Performance Manager, Remote Disclosure of Information' - MARC | HP | marc.info | Issue Tracking, Third Party Advisory |
| HP Operations Manager for Windows TLS RC4 Algorithm Lets Remote Users Decrypt Data - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Third Party Advisory |
| Document Display | HPE Support Center | CONFIRM | h20566.www2.hpe.com | Third Party Advisory |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Third Party Advisory |
| Security Advisory - Bar Mitzvah Attack Vulnerability in Huawei Products | CONFIRM | www1.huawei.com | Third Party Advisory |
| [security-announce] SUSE-SU-2015:1085-1: important: Security update for | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Tivoli Netcool/OMNIbus (Multiple CVEs) - United States | CONFIRM | www-304.ibm.com | Third Party Advisory |
| HP Operations Manager for Linux and UNIX TLS RC4 Algorithm Lets Remote Users Decrypt Data - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| HP P6000 Command View TLS RC4 Algorithm Lets Remote Users Decrypt Data - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| [security-announce] SUSE-SU-2015:1073-1: important: | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| IBM Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition - United States | CONFIRM | www-01.ibm.com | Third Party Advisory |
| [security-announce] SUSE-SU-2015:2192-1: important: Security update for | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| '[security bulletin] HPSBGN03399 rev.1 - HP BSM Connector (BSMC), Remote Unauthorized Modification, D' - MARC | HP | marc.info | Issue Tracking, Third Party Advisory |
| IBM Tivoli Netcool/OMNIbus TLS RC4 Algorithm Lets Remote Users Decrypt Data - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| '[security bulletin] HPSBUX03512 SSRT102254 rev.1 - HP-UX Web Server Suite running Apache, Remote Den' - MARC | HP | marc.info | Issue Tracking, Third Party Advisory |
| Document Display | HPE Support Center | CONFIRM | h20564.www2.hpe.com | Third Party Advisory |
| Document Display | HPE Support Center | CONFIRM | h20566.www2.hpe.com | Third Party Advisory |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Third Party Advisory |
| [security-announce] SUSE-SU-2015:1319-1: important: Security update for | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| IBM Tivoli Netcool/OMNIbus TLS RC4 Algorithm Lets Remote Users Decrypt Data - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Security Advisory - Bar Mitzvah Attack Vulnerability in Huawei Products | CONFIRM | www.huawei.com | Third Party Advisory |
| USN-2696-1: OpenJDK 7 vulnerabilities | Ubuntu | UBUNTU | www.ubuntu.com | Third Party Advisory |
| Debian -- Security Information -- DSA-3316-1 openjdk-7 | DEBIAN | www.debian.org | Third Party Advisory |
| Document Display | HPE Support Center | CONFIRM | h20564.www2.hpe.com | Third Party Advisory |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Third Party Advisory |
| HP Performance Manager TLS RC4 Algorithm Lets Remote Users Decrypt Data - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| '[security bulletin] HPSBGN03405 rev.1 - HP Integration Adaptor, Remote Unauthorized Modification, Di' - MARC | HP | marc.info | Issue Tracking, Third Party Advisory |
| Document Display | HPE Support Center | CONFIRM | h20566.www2.hpe.com | Third Party Advisory |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Third Party Advisory |
| [security-announce] SUSE-SU-2015:1161-1: important: Security update for | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| HP Service Manager SSLv3 RC4 Algorithm Lets Remote Users Decrypt Data - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| IBM Support | CONFIRM | www-947.ibm.com | Third Party Advisory |
| IBM IV71892: FIX SECURITY VULNERABILITY CVE-2015-2808 - United States | AIXAPAR | www-01.ibm.com | Third Party Advisory |
| Document Display | HPE Support Center | CONFIRM | h20564.www2.hpe.com | Third Party Advisory |
| [security-announce] SUSE-SU-2015:1138-1: important: Security update for | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| Mozilla Products: Multiple vulnerabilities (GLSA 201512-10) — Gentoo Security | GENTOO | security.gentoo.org | Third Party Advisory |
| Document Display | HPE Support Center | CONFIRM | h20566.www2.hpe.com | Third Party Advisory |
| HP Release Control TLS RC4 Algorithm Lets Remote Users Decrypt Data - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| 73684 | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| [security-announce] openSUSE-SU-2015:1289-1: important: Security update | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| '[security bulletin] HPSBGN03403 rev.1 - HP Virtualization Performance Viewer, Remote Unauthorized Di' - MARC | HP | marc.info | Issue Tracking, Third Party Advisory |
| Document Display | HPE Support Center | CONFIRM | h20564.www2.hpe.com | Third Party Advisory |
| USN-2706-1: OpenJDK 6 vulnerabilities | Ubuntu | UBUNTU | www.ubuntu.com | Third Party Advisory |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Third Party Advisory |
| [security-announce] SUSE-SU-2015:2166-1: important: Security update for | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| Oracle Java SE Multiple Flaws Lets Local and Remote Users Gain Elevated Privileges and Remote Users Partially Access Data, Modify Data, and Deny Service - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Document Display | HPE Support Center | CONFIRM | h20564.www2.hpe.com | Third Party Advisory |
| IBM Flex System Manager TLS RC4 Algorithm Lets Remote Users Decrypt Data - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| '[security bulletin] HPSBGN03415 rev.1 - HP Operations Agent Virtual Appliance, Remote Disclosure of ' - MARC | HP | marc.info | Issue Tracking, Third Party Advisory |
| SecPod Research Blog | CVE-2015-2808 : Bar Mitzvah Attack in RC4 | MISC | www.secpod.com | |
| [security-announce] SUSE-SU-2015:1086-1: important: Security update for | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| HP Discovery & Dependency Mapping Inventory (DDMI) TLS RC4 Algorithm Lets Remote Users Decrypt Data - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| '[security bulletin] HPSBMU03345 rev.1 - HP Network Node Manager i (NNMi) and Smart Plugins (iSPIs) f' - MARC | HP | marc.info | Issue Tracking, Third Party Advisory |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Third Party Advisory |
| Oracle Critical Patch Update - October 2017 | CONFIRM | www.oracle.com | Third Party Advisory |
| Juniper Networks - 2015-10 Security Bulletin: CTPView: Multiple Vulnerabilities in CTPView | CONFIRM | kb.juniper.net | Third Party Advisory |
| '[security bulletin] HPSBGN03354 rev.1 - HP Connect-IT Using RC4, Remote Disclosure of Information' - MARC | HP | marc.info | Issue Tracking, Third Party Advisory |
| HP SiteScope TLS RC4 Algorithm Lets Remote Users Decrypt Data - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| IBM IV71888: FIX SECURITY VULNERABILITY CVE-2015-2808 - United States | AIXAPAR | www-01.ibm.com | Third Party Advisory |
| [security-announce] SUSE-SU-2016:0113-1: important: Security update for | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cognos Metrics Manager (CVE-2015-0478, CVE-2015-0488, CVE-2015-2808) | CONFIRM | www-304.ibm.com | Third Party Advisory |
| Security Bulletin: Vulnerability in RC4 stream cipher affects Tivoli Netcool/OMNIbus (CVE-2015-2808) | CONFIRM | www-304.ibm.com | Third Party Advisory |
| '[security bulletin] HPSBMU03377 rev.1 - HP Release Control running RC4, Remote Disclosure of Informa' - MARC | HP | marc.info | Issue Tracking, Third Party Advisory |
| McAfee Security Bulletin: Network Data Loss Prevention update fixes CVE-2015-2808 and CVE-2008-5161 | CONFIRM | kc.mcafee.com | Broken Link |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 591186 Mitsubishi Electric Air Conditioning Systems Multiple Vulnerabilities (ICSA-22-160-01)