CVE-2015-4000
Find out more about CVE-2015-4000 from the MITRE CVE dictionary dictionary and NIST NVD.
Statement
This issue affects the version of openssl and nss libraries as shipped with Red Hat Enterprise Linux 4, 5, 6 and 7. More information about this flaw is available at: https://bugzilla.redhat.com/show_bug.cgi?id=1223211#c4 and https://bugzilla.redhat.com/show_bug.cgi?id=1223211#c5.
Red Hat Enterprise Linux 4 is in Extended Life Cycle phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 4.
CVSS v2 metrics
Base Score | 4.3 |
---|---|
Base Metrics | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Access Vector | Network |
Access Complexity | Medium |
Authentication | None |
Confidentiality Impact | Partial |
Integrity Impact | None |
Availability Impact | None |
CVSS v3 metrics
CVSS3 Base Score | 3.7 |
---|---|
CVSS3 Base Metrics | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N |
Attack Vector | Network |
Attack Complexity | High |
Privileges Required | None |
User Interaction | None |
Scope | Unchanged |
Confidentiality | None |
Integrity Impact | Low |
Availability Impact | None |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
Platform | Errata | Release Date |
---|---|---|
Oracle Java for Red Hat Enterprise Linux 6 (java-1.8.0-oracle) | RHSA-2015:1241 | 2015-07-17 |
Red Hat Enterprise Linux 6 (nss) | RHSA-2015:1185 | 2015-06-25 |
Oracle Java for Red Hat Enterprise Linux 6 (java-1.6.0-sun) | RHSA-2015:1243 | 2015-07-17 |
Red Hat JBoss Enterprise Application Platform 6.4 | RHSA-2016:2056 | 2016-10-12 |
Red Hat Enterprise Linux Supplementary 5 (java-1.6.0-ibm) | RHSA-2015:1486 | 2015-07-22 |
Red Hat Enterprise Linux Supplementary (v. 7) (java-1.7.1-ibm) | RHSA-2015:1485 | 2015-07-22 |
Oracle Java for Red Hat Enterprise Linux 7 (java-1.7.0-oracle) | RHSA-2015:1242 | 2015-07-17 |
Oracle Java for Red Hat Enterprise Linux 7 (java-1.6.0-sun) | RHSA-2015:1243 | 2015-07-17 |
Red Hat Enterprise Linux 7 (nss) | RHSA-2015:1185 | 2015-06-25 |
Red Hat Enterprise Linux Supplementary 5 (java-1.5.0-ibm) | RHSA-2015:1544 | 2015-08-04 |
Oracle Java for Red Hat Enterprise Linux 6 (java-1.7.0-oracle) | RHSA-2015:1242 | 2015-07-17 |
Red Hat Enterprise Linux 6 (openssl) | RHSA-2015:1072 | 2015-06-04 |
Red Hat Enterprise Linux 6 (java-1.8.0-openjdk) | RHSA-2015:1228 | 2015-07-15 |
Red Hat Enterprise Linux 6 (java-1.6.0-openjdk) | RHSA-2015:1526 | 2015-07-30 |
Red Hat Enterprise Linux Supplementary (v. 6) (java-1.5.0-ibm) | RHSA-2015:1544 | 2015-08-04 |
Red Hat Enterprise Linux Supplementary (v. 6) (java-1.6.0-ibm) | RHSA-2015:1486 | 2015-07-22 |
Red Hat Enterprise Linux Supplementary (v. 6) (java-1.7.1-ibm) | RHSA-2015:1485 | 2015-07-22 |
Red Hat Enterprise Linux Supplementary 5 (java-1.7.0-ibm) | RHSA-2015:1488 | 2015-07-23 |
Red Hat JBoss Web Server 3.0 | RHSA-2016:1624 | 2016-08-17 |
Oracle Java for Red Hat Enterprise Linux 7 (java-1.8.0-oracle) | RHSA-2015:1241 | 2015-07-17 |
Red Hat Enterprise Linux 5 (java-1.6.0-openjdk) | RHSA-2015:1526 | 2015-07-30 |
Red Hat Enterprise Linux 6 (java-1.7.0-openjdk) | RHSA-2015:1229 | 2015-07-15 |
Red Hat Satellite 5.6 (RHEL v.6) (java-1.6.0-ibm) | RHSA-2015:1604 | 2015-08-12 |
Red Hat Enterprise Linux 5 (java-1.7.0-openjdk) | RHSA-2015:1230 | 2015-07-15 |
Red Hat Enterprise Linux 7 (openssl) | RHSA-2015:1072 | 2015-06-04 |
Red Hat Enterprise Linux 7 (java-1.6.0-openjdk) | RHSA-2015:1526 | 2015-07-30 |
Red Hat Satellite 5.7 (RHEL v.6) (java-1.6.0-ibm) | RHSA-2015:1604 | 2015-08-12 |
Red Hat Satellite 5.6 (RHEL v.5) (java-1.6.0-ibm) | RHSA-2015:1604 | 2015-08-12 |
Red Hat Enterprise Linux 5 (openssl) | RHSA-2015:1197 | 2015-06-30 |
Oracle Java for Red Hat Enterprise Linux 5 (java-1.7.0-oracle) | RHSA-2015:1242 | 2015-07-17 |
Oracle Java for Red Hat Enterprise Linux 5 (java-1.6.0-sun) | RHSA-2015:1243 | 2015-07-17 |
Red Hat Enterprise Linux 7 (java-1.8.0-openjdk) | RHSA-2015:1228 | 2015-07-15 |
Red Hat Enterprise Linux 7 (java-1.7.0-openjdk) | RHSA-2015:1229 | 2015-07-15 |
Affected Packages State
Platform | Package | State |
---|---|---|
Red Hat JBoss EWS 2 | openssl | Affected |
Red Hat JBoss EWS 1 | openssl | Will not fix |
Red Hat Enterprise Linux 7 | openssl098e | Will not fix |
Red Hat Enterprise Linux 6 | openssl098e | Will not fix |
Red Hat Enterprise Linux 5 | openssl097a | Will not fix |
Red Hat Enterprise Linux 5 | nss | Affected |