|
gptkbp:instance_of
|
gptkb:vulnerability
|
|
gptkbp:affected_organizations
|
various companies
|
|
gptkbp:affected_protocols
|
TLS
|
|
gptkbp:affects
|
gptkb:Open_SSL
|
|
gptkbp:community_feedback
|
active
|
|
gptkbp:consequences
|
loss of data confidentiality
|
|
gptkbp:cvssscore
|
5.0
|
|
gptkbp:difficulty_levels
|
critical
|
|
gptkbp:disclosure_method
|
blog post
|
|
gptkbp:discovered_by
|
gptkb:Neel_Mehta
|
|
gptkbp:discovery_year
|
April 2014
|
|
gptkbp:enforces
|
recommended
|
|
gptkbp:environmental_initiatives
|
update Open SSL
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
Heartbleed bug
|
|
gptkbp:impact
|
exposes sensitive data
|
|
gptkbp:impact_on_internet
|
gptkb:significant
|
|
gptkbp:is_monitored_by
|
important
|
|
gptkbp:is_vulnerable_to
|
high
attackers
cryptographic weakness
|
|
gptkbp:latest_version
|
Open SSL 1.0.1 to 1.0.1f
|
|
gptkbp:media_coverage
|
extensive
|
|
gptkbp:notable_case
|
data breaches
|
|
gptkbp:patch_released
|
April 2014
|
|
gptkbp:provides_support_for
|
VPNs
web servers
email servers
|
|
gptkbp:public_awareness
|
high
|
|
gptkbp:regulatory_compliance
|
gptkb:CVE-2014-0160
increased
|
|
gptkbp:related_to
|
gptkb:SSL/_TLS
|
|
gptkbp:remediation_steps
|
audit systems
|
|
gptkbp:reports_to
|
gptkb:Public
|
|
gptkbp:responds_to
|
security patches
|
|
gptkbp:response_time
|
immediate
|
|
gptkbp:security
|
gptkb:NIST
gptkb:ISO/_IEC_27001
gptkb:OWASP
high
encryption
ongoing
notable
regular updates
update policies
|
|
gptkbp:security_community_response
|
collaborative
|
|
gptkbp:security_mitigation
|
monitoring
|
|
gptkbp:security_tools
|
gptkb:scanner
|
|
gptkbp:type
|
buffer over-read
|
|
gptkbp:user
|
millions
|
|
gptkbp:vulnerability_assessment
|
necessary
|
|
gptkbp:vulnerability_class
|
information disclosure
|
|
gptkbp:vulnerability_disclosure
|
responsible
|
|
gptkbp:vulnerability_management
|
critical
|
|
gptkbp:vulnerability_reporting
|
encouraged
|
|
gptkbp:bfsParent
|
gptkb:TLS/_SSL_protocols
gptkb:Transport_Layer_Security_(TLS)
|
|
gptkbp:bfsLayer
|
5
|