Statements (50)
| Predicate | Object |
|---|---|
| gptkbp:instance_of |
gptkb:terrorist_attack
|
| gptkbp:accreditation |
Partial
|
| gptkbp:availability |
gptkb:None
|
| gptkbp:capacity |
gptkb:Low
|
| gptkbp:certification |
gptkb:None
|
| gptkbp:communication |
gptkb:none
|
| gptkbp:coordinates |
gptkb:television_channel
|
| gptkbp:difficulty |
low
high |
| gptkbp:discovered_by |
Reported by security researchers.
|
| gptkbp:editor |
CWE-295.
|
| gptkbp:final_score |
4.6
|
| gptkbp:first_published |
2014-07-08
|
| https://www.w3.org/2000/01/rdf-schema#label |
CVE-2014-3499
|
| gptkbp:impact |
confidentiality
availability integrity Web security. |
| gptkbp:is_described_as |
A vulnerability in the SS Lv3 protocol that allows man-in-the-middle attackers to conduct protocol downgrade attacks.
|
| gptkbp:is_protected_by |
Use TLS instead of SSL.
|
| gptkbp:is_referenced_in |
https://www.oracle.com/security-alerts/2014alert-2014-3499.html.
https://www.microsoft.com/security/portal/mmpc/shared/cve-2014-3499.aspx. https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2014-3499 https://www.sans.org/vulndb/vulnerabilities/123456. https://www.cvedetails.com/cve/ CVE-2014-3499/. https://www.debian.org/security/2014/dsa-3030. https://www.ibm.com/support/pages/cve-2014-3499. https://www.kb.cert.org/vuls/id/123456. https://www.openssl.org/news/secadv_20140708.txt https://www.openssl.org/news/secadv_20140708.txt. https://www.owasp.org/index.php/ POODLE. https://www.securityfocus.com/bid/69880. https://www.securitytracker.com/id/1030950. https://www.redhat.com/archives/fedora-package-announce/2014-October/msg00001.html. https://www.ubuntu.com/security/notices/ USN-2365-1. https://www.us-cert.cisa.gov/ncas/alerts/2014/ T A14-290 A. https://www.cisecurity.org/white-papers/cve-2014-3499. https://www.nist.gov/itl/applied-cybersecurity/nist-cybersecurity-center-excellence/cybersecurity-vulnerability-catalog. |
| gptkbp:is_vulnerable_to |
gptkb:10
Man-in-the-middle attack. |
| gptkbp:provides_access_to |
gptkb:television_channel
|
| gptkbp:published_by |
MITRE.
|
| gptkbp:published_year |
2014-07-08
|
| gptkbp:recommendation |
Disable SS Lv3.
|
| gptkbp:related_to |
POODLE attack.
|
| gptkbp:security_features |
Partial
|
| gptkbp:status |
Resolved.
|
| gptkbp:supports |
gptkb:Apache
gptkb:Author gptkb:chess_match |