NVD

Id
31747  
Name
CVE-2014-3570  
Description
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-19  
Published
2015-01-08  
Modified Date
2017-01-02  
Seq
2014-3570  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
167102 31747 CVE-2014-3570 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10679  View
167103 31747 CVE-2014-3570 APPLE-SA-2015-04-08-2  View
167104 31747 CVE-2014-3570 FEDORA-2015-0512  View
167105 31747 CVE-2014-3570 FEDORA-2015-0601  View
167106 31747 CVE-2014-3570 openSUSE-SU-2015:0130  View
167107 31747 CVE-2014-3570 SUSE-SU-2015:0578  View
167108 31747 CVE-2014-3570 SUSE-SU-2015:0946  View
167109 31747 CVE-2014-3570 openSUSE-SU-2015:1277  View
167110 31747 CVE-2014-3570 openSUSE-SU-2016:0640  View
167111 31747 CVE-2014-3570 HPSBUX03162  View
167112 31747 CVE-2014-3570 SSRT101885  View
167113 31747 CVE-2014-3570 SSRT101987  View
167114 31747 CVE-2014-3570 HPSBHF03289  View
167115 31747 CVE-2014-3570 HPSBOV03318  View
167116 31747 CVE-2014-3570 HPSBMU03380  View
167117 31747 CVE-2014-3570 HPSBMU03409  View
167118 31747 CVE-2014-3570 HPSBMU03396  View
167119 31747 CVE-2014-3570 HPSBMU03413  View
167120 31747 CVE-2014-3570 HPSBMU03397  View
167121 31747 CVE-2014-3570 RHSA-2015:0066  View
167122 31747 CVE-2014-3570 RHSA-2015:0849  View
167123 31747 CVE-2014-3570 RHSA-2016:1650  View
167124 31747 CVE-2014-3570 20150310 Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products  View
167125 31747 CVE-2014-3570 DSA-3125  View
167126 31747 CVE-2014-3570 MDVSA-2015:019  View
167127 31747 CVE-2014-3570 MDVSA-2015:062  View
167128 31747 CVE-2014-3570 http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html  View
167129 31747 CVE-2014-3570 http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html  View
167130 31747 CVE-2014-3570 http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html  View
167131 31747 CVE-2014-3570 http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html  View
167132 31747 CVE-2014-3570 http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html  View
167133 31747 CVE-2014-3570 71939  View
167134 31747 CVE-2014-3570 1033378  View
167135 31747 CVE-2014-3570 https://bto.bluecoat.com/security-advisory/sa88  View
167136 31747 CVE-2014-3570 https://github.com/openssl/openssl/commit/a7a44ba55cb4f884c6bc9ceac90072dea38e66d0  View
167137 31747 CVE-2014-3570 https://kc.mcafee.com/corporate/index?page=content&id=SB10102  View
167138 31747 CVE-2014-3570 https://kc.mcafee.com/corporate/index?page=content&id=SB10108  View
167139 31747 CVE-2014-3570 https://support.apple.com/HT204659  View
167140 31747 CVE-2014-3570 https://www.openssl.org/news/secadv_20150108.txt  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
18676 JVNDB-2014-007551 OpenSSL の BN_sqr の実装における暗号保護メカニズムを破られる脆弱性 OpenSSL の BN_sqr の実装は、BIGNUM 値の二乗を適切に計算しないため、暗号保護メカニズムを破られる脆弱性が存在します。 CVE-2014-3570 70858 CVE-2014-3570 31747 5 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-007551.html 2014-05-14 2016-08-09 View