Attacker Value
High
(2 users assessed)
Exploitability
Very High
(2 users assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Network
0

CVE-2014-0160 (AKA: Heartbleed)

Disclosure Date: April 07, 2014
Exploited in the Wild
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

Add Assessment

4
Ratings
Technical Analysis

A missing boundary check causes versions of OpenSSL 1.0.1 – 1.0.1f to be vulnerable to an out of bounds read as part of an SSL Heartbeat message. This vulnerability can be leveraged without authenticating in many instances to leak sensitive information such as passwords and private keys. Due to the vulnerability being in the OpenSSL library, exploits are implementation specific and may require changes to implement the applicable protocol.

The vulnerability was fixed in this patch.

1
Ratings
Technical Analysis

A bit legendary at this point but memory chunks from VPN devices was a real problem. If vulnerable, got hit.

CVSS V3 Severity and Metrics
Base Score:
7.5 High
Impact Score:
3.6
Exploitability Score:
3.9
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
None
Availability (A):
None

General Information

Vendors

  • canonical,
  • debian,
  • fedoraproject,
  • filezilla-project,
  • intellian,
  • mitel,
  • openssl,
  • opensuse,
  • redhat,
  • ricon,
  • siemens

Products

  • application processing engine firmware 2.0,
  • cp 1543-1 firmware 1.1,
  • debian linux 6.0,
  • debian linux 7.0,
  • debian linux 8.0,
  • elan-8.2,
  • enterprise linux desktop 6.0,
  • enterprise linux server 6.0,
  • enterprise linux server aus 6.5,
  • enterprise linux server eus 6.5,
  • enterprise linux server tus 6.5,
  • enterprise linux workstation 6.0,
  • fedora 19,
  • fedora 20,
  • filezilla server,
  • gluster storage 2.1,
  • micollab 6.0,
  • micollab 7.0,
  • micollab 7.1,
  • micollab 7.2,
  • micollab 7.3,
  • micollab 7.3.0.104,
  • mivoice 1.1.2.5,
  • mivoice 1.1.3.3,
  • mivoice 1.2.0.11,
  • mivoice 1.3.2.2,
  • mivoice 1.4.0.102,
  • openssl,
  • opensuse 12.3,
  • opensuse 13.1,
  • s9922l firmware 16.10.3(3794),
  • simatic s7-1500 firmware 1.5,
  • simatic s7-1500t firmware 1.5,
  • storage 2.1,
  • ubuntu linux 12.04,
  • ubuntu linux 12.10,
  • ubuntu linux 13.10,
  • v100 firmware 1.20,
  • v100 firmware 1.21,
  • v100 firmware 1.24,
  • v60 firmware 1.15,
  • v60 firmware 1.25,
  • virtualization 6.0,
  • wincc open architecture 3.12

Exploited in the Wild

Reported by:

References

Advisory

Additional Info

Technical Analysis