CVE-2015-3276

ADVISORY - nist

Summary

The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.

EPSS Score⁠: 0.00416 (0.746)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-noinfo⁠

ADVISORY - redhat

CWE-682⁠

Incorrect Calculation

Impacted images

Advisories

NIST

CREATED

9 years ago

UPDATED

2 years ago

ADVISORY IDCVE-2015-3276⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-noinfo⁠

CVSS SCORE

7.5high

Debian

CREATED

9 years ago

UPDATED

2 months ago

ADVISORY IDCVE-2015-3276⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

9 years ago

UPDATED

7 months ago

ADVISORY IDCVE-2015-3276⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5low

Amazon

CREATED

8 years ago

UPDATED

8 years ago

ADVISORY IDALAS-2017-799⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

9 years ago

UPDATED

1 year ago

ADVISORY IDCVE-2015-3276⁠

EXPLOITABILITY SCORE

8.6

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-682⁠

CVSS SCORE

4.3medium

Oracle

CREATED

9 years ago

UPDATED

9 years ago

ADVISORY IDELSA-2015-2131⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium