CVE-2014-7203

Опубликовано: 20 сент. 2014

Источник: redhat

CVSS2: 5.8

EPSS Низкий

Описание

libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors.

Отчет

This issue did not affect the versions of zeromq as shipped with Inktank Ceph Enterprise 1.2 and 1.3.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat JBoss Enterprise Web Server 1	ice-1.2	Not affected
Red Hat JBoss Enterprise Web Server 1	ice-1.3	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-325->CWE-323

https://bugzilla.redhat.com/show_bug.cgi?id=1147315zeromq: CurveZMQ does not mandate replay attack detection

EPSS

Процентиль: 68%

0.00582

Низкий

5.8 Medium

CVSS2

Связанные уязвимости

CVE-2014-7203

ubuntu

больше 11 лет назад

libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors.

CVE-2014-7203

nvd

больше 11 лет назад

libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors.

CVE-2014-7203

debian

больше 11 лет назад

libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces ...

GHSA-56m5-7cj8-j73q

github

больше 3 лет назад

libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors.

EPSS

Процентиль: 68%

0.00582

Низкий

5.8 Medium

CVSS2