This document provides the text form of the CVE-2014-0160 Advisory Risk Matrix. Please note that the CVE number in this document correspond to the same CVE number in the CVE-2014-0160 Advisory.
This page contains the text format of the following Risk Matrix:
This table provides the text form of the Risk Matrix for Third Party Components.
CVE Identifier | Description |
---|---|
CVE-2014-0160 | Heartbleed Vulnerability in the OpenSSL Third Party library (subcomponent: Heartbeat Extension) as it relates to Oracle products. Supported versions that are affected are 1.0.1 - 1.0.1f. Easily exploitable vulnerability allows successful unauthenticated network attacks via SSL/TLS. Successful attack of this vulnerability can result in unauthorized read access to a subset of OpenSSL Library accessible data. Note: This vulnerability affects a number of Oracle products that include the affected OpenSSL libraries. See OpenSSL Security Bug - Heartbleed CVE-2014-0160 for the list of affected products and current patch availability information. CVSS Base Score 5.0 (Confidentiality impacts). CVSS V2 Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N). (legend) [Advisory] |