vulnerability

SUSE: CVE-2015-2774: SUSE Linux Security Advisory

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Feb 20, 2016
Added
Apr 7, 2016
Modified
May 7, 2019

Description

Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).

Solution(s)

suse-upgrade-erlangsuse-upgrade-erlang-debuggersuse-upgrade-erlang-debugger-srcsuse-upgrade-erlang-debuginfosuse-upgrade-erlang-debugsourcesuse-upgrade-erlang-dialyzersuse-upgrade-erlang-dialyzer-debuginfosuse-upgrade-erlang-dialyzer-srcsuse-upgrade-erlang-docsuse-upgrade-erlang-epmdsuse-upgrade-erlang-epmd-debuginfosuse-upgrade-erlang-etsuse-upgrade-erlang-et-srcsuse-upgrade-erlang-gssuse-upgrade-erlang-gs-srcsuse-upgrade-erlang-jinterfacesuse-upgrade-erlang-jinterface-srcsuse-upgrade-erlang-observersuse-upgrade-erlang-observer-srcsuse-upgrade-erlang-reltoolsuse-upgrade-erlang-reltool-srcsuse-upgrade-erlang-srcsuse-upgrade-erlang-wxsuse-upgrade-erlang-wx-debuginfosuse-upgrade-erlang-wx-src
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.