CVE-2014-2900 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.8 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:P/I:P/A:N
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 59%

Vendor	Product	Version
yassl	cyassl	𝑥 ≤ 2.9.0
yassl	cyassl	0.2.0
yassl	cyassl	0.3.0
yassl	cyassl	0.4.0
yassl	cyassl	0.5.0
yassl	cyassl	0.5.5
yassl	cyassl	0.6.0
yassl	cyassl	0.6.2
yassl	cyassl	0.6.3
yassl	cyassl	0.8.0
yassl	cyassl	0.9.0
yassl	cyassl	0.9.6
yassl	cyassl	0.9.8
yassl	cyassl	0.9.9
yassl	cyassl	1.0.0:rc1
yassl	cyassl	1.0.0:rc2
yassl	cyassl	1.0.0:rc3
yassl	cyassl	1.0.2
yassl	cyassl	1.0.3
yassl	cyassl	1.0.6
yassl	cyassl	1.1.0
yassl	cyassl	1.2.0
yassl	cyassl	1.3.0
yassl	cyassl	1.4.0
yassl	cyassl	1.5.0
yassl	cyassl	1.5.4
yassl	cyassl	1.5.6
yassl	cyassl	1.6.0
yassl	cyassl	1.6.5
yassl	cyassl	1.8.0
yassl	cyassl	1.9.0
yassl	cyassl	2.0.0:rc1
yassl	cyassl	2.0.0:rc2
yassl	cyassl	2.0.0:rc3
yassl	cyassl	2.0.2
yassl	cyassl	2.0.6
yassl	cyassl	2.0.8
yassl	cyassl	2.2.0
yassl	cyassl	2.3.0
yassl	cyassl	2.4.0
yassl	cyassl	2.4.6
yassl	cyassl	2.5.0
yassl	cyassl	2.6.0
yassl	cyassl	2.7.0
yassl	cyassl	2.8.0

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-310 -

References

http://seclists.org/oss-sec/2014/q2/126

http://seclists.org/oss-sec/2014/q2/130

http://secunia.com/advisories/57743

http://www.securityfocus.com/bid/66780

http://www.wolfssl.com/yaSSL/Blog/Entries/2014/4/11_wolfSSL_Security_Advisory__April_9%2C_2014.html

http://www.wolfssl.com/yaSSL/Docs-cyassl-changelog.html

https://security.gentoo.org/glsa/201612-53

http://seclists.org/oss-sec/2014/q2/126

http://seclists.org/oss-sec/2014/q2/130

http://secunia.com/advisories/57743

http://www.securityfocus.com/bid/66780

http://www.wolfssl.com/yaSSL/Blog/Entries/2014/4/11_wolfSSL_Security_Advisory__April_9%2C_2014.html

http://www.wolfssl.com/yaSSL/Docs-cyassl-changelog.html

https://security.gentoo.org/glsa/201612-53