JVN/CVE Demo: Nvdinfos

NVD

Id: 15463
Name: CVE-2010-4180
Description: OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.
Reject
CVSS Version: 2
CVSS Score: 4.3
Severity: Medium
CVSS Base Score: 4.3
CVSS Impact Subscore: 2.9
CVSS Exploit Subscore: 8.6
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Pub Date: 2017-01-18
Published: 2010-12-06
Modified Date: 2016-08-22
Seq: 2010-4180

Actions

Related NVD References

Id	NVD Id	NVD No.	Reference	Actions
87360	15463	CVE-2010-4180	http://cvs.openssl.org/chngview?cn=20131	View
87361	15463	CVE-2010-4180	SSRT100413	View
87362	15463	CVE-2010-4180	APPLE-SA-2011-06-23-1	View
87363	15463	CVE-2010-4180	FEDORA-2010-18765	View
87364	15463	CVE-2010-4180	FEDORA-2010-18736	View
87365	15463	CVE-2010-4180	SUSE-SR:2011:001	View
87366	15463	CVE-2010-4180	SUSE-SR:2011:009	View
87367	15463	CVE-2010-4180	openSUSE-SU-2011:0845	View
87368	15463	CVE-2010-4180	SUSE-SU-2011:0847	View
87369	15463	CVE-2010-4180	SSRT100339	View
87370	15463	CVE-2010-4180	SSRT100475	View
87371	15463	CVE-2010-4180	HPSBHF02706	View
87372	15463	CVE-2010-4180	http://openssl.org/news/secadv_20101202.txt	View
87373	15463	CVE-2010-4180	oval:org.mitre.oval:def:18910	View
87374	15463	CVE-2010-4180	SSA:2010-340-01	View
87375	15463	CVE-2010-4180	http://support.apple.com/kb/HT4723	View
87376	15463	CVE-2010-4180	USN-1029-1	View
87377	15463	CVE-2010-4180	DSA-2141	View
87378	15463	CVE-2010-4180	VU#737740	View
87379	15463	CVE-2010-4180	MDVSA-2010:248	View
87380	15463	CVE-2010-4180	RHSA-2010:0977	View
87381	15463	CVE-2010-4180	RHSA-2010:0978	View
87382	15463	CVE-2010-4180	RHSA-2010:0979	View
87383	15463	CVE-2010-4180	RHSA-2011:0896	View
87384	15463	CVE-2010-4180	SSRT100817	View
87385	15463	CVE-2010-4180	45164	View
87386	15463	CVE-2010-4180	1024822	View
87387	15463	CVE-2010-4180	ADV-2010-3120	View
87388	15463	CVE-2010-4180	ADV-2010-3122	View
87389	15463	CVE-2010-4180	ADV-2010-3134	View
87390	15463	CVE-2010-4180	ADV-2010-3188	View
87391	15463	CVE-2010-4180	ADV-2011-0032	View
87392	15463	CVE-2010-4180	ADV-2011-0076	View
87393	15463	CVE-2010-4180	ADV-2011-0268	View
87394	15463	CVE-2010-4180	https://bugzilla.redhat.com/show_bug.cgi?id=659462	View
87395	15463	CVE-2010-4180	https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST	View

Related JVN

Id	Name	Title	Summary	Cveinfo Name	Cveinfo Id	Nvdinfo Name	Nvdinfo Id	Cvssv2	Cvssv3	Jvnurl	Published Date	Last Updated Date	Actions
36768	JVNDB-2010-002548	OpenSSL における暗号スイートのダウングレードに関する脆弱性	OpenSSL は、SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG が有効な際、セッションキャッシュ内にある暗号スイートへの変更を適切に制限しないため、意図しない暗号スイートのダウングレードを強制的に実行される脆弱性が存在します。	CVE-2010-4180	46760	CVE-2010-4180	15463	4.3		http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002548.html	2010-12-02	2012-12-18	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.34 MB
View render complete	22.90 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.80
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	272.33
Event: Controller.beforeRender	4.15
» Processing toolbar data	4.06
Rendering View	872.59
» Event: View.beforeRender	0.02
» Rendering APP/View/Nvdinfos/view.ctp	841.12
» Event: View.afterRender	0.04
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	18.75
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	5.67
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/nvdinfos/view/15463
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/nvdinfos/view/15463
Remote Port	21081
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.162
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.3.199.92
Http Via	1.1 squid-proxy-5b5d847c96-bg4x8 (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.162
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.162
Unique Id	aOZU83gEx-9-NRofdBB-vwAAAJg
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.162
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.162
Redirect Unique Id	aOZU83gEx-9-NRofdBB-vwAAAJg
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.162
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.162
Redirect Redirect Unique Id	aOZU83gEx-9-NRofdBB-vwAAAJg
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1759925491.4791
Request Time	1759925491

NVD

Actions

Related NVD References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files