CVE-2014-0160
Known Exploited (CISA KEV)HIGH
7.5
CVSS Severity Score
Vulnerability Description
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
Affected Platforms (CPE)
📦
Openssl
Openssl
>= 1.0.1 and < 1.0.1g📦
Filezilla Project
Filezilla Server
< 0.9.44💻
Siemens
Application Processing Engine Firmware
= 2.0💻
Siemens
Cp 1543 1 Firmware
= 1.1💻
Siemens
Simatic S7 1500 Firmware
= 1.5💻
Siemens
Simatic S7 1500t Firmware
= 1.5📦
Siemens
Elan 8.2
< 8.3.3📦
Siemens
Wincc Open Architecture
= 3.12💻
Intellian
V100 Firmware
= 1.20💻
Intellian
V100 Firmware
= 1.21💻
Intellian
V100 Firmware
= 1.24💻
Intellian
V60 Firmware
= 1.15💻
Intellian
V60 Firmware
= 1.25📦
Mitel
Micollab
= 6.0📦
Mitel
Micollab
= 7.0📦
Mitel
Micollab
= 7.1📦
Mitel
Micollab
= 7.2📦
Mitel
Micollab
= 7.3📦
Mitel
Micollab
= 7.3.0.104📦
Mitel
Mivoice
= 1.1.2.5📦
Mitel
Mivoice
= 1.1.3.3📦
Mitel
Mivoice
= 1.2.0.11📦
Mitel
Mivoice
= 1.3.2.2📦
Mitel
Mivoice
= 1.4.0.102💻
Opensuse
Opensuse
= 12.3💻
Opensuse
Opensuse
= 13.1💻
Canonical
Ubuntu Linux
= 12.04💻
Canonical
Ubuntu Linux
= 12.10💻
Canonical
Ubuntu Linux
= 13.10💻
Fedoraproject
Fedora
= 19💻
Fedoraproject
Fedora
= 20📦
Redhat
Gluster Storage
= 2.1📦
Redhat
Storage
= 2.1📦
Redhat
Virtualization
= 6.0💻
Redhat
Enterprise Linux Desktop
= 6.0💻
Redhat
Enterprise Linux Server
= 6.0💻
Redhat
Enterprise Linux Server Aus
= 6.5💻
Redhat
Enterprise Linux Server Eus
= 6.5💻
Redhat
Enterprise Linux Server Tus
= 6.5💻
Redhat
Enterprise Linux Workstation
= 6.0💻
Debian
Debian Linux
= 6.0💻
Debian
Debian Linux
= 7.0💻
Debian
Debian Linux
= 8.0💻
Ricon
S9922l Firmware
= 16.10.3\(3794\)📦
Broadcom
Symantec Messaging Gateway
= 10.6.0📦
Broadcom
Symantec Messaging Gateway
= 10.6.1📦
Splunk