CVE-2013-2566

Published Mar 15, 2013
Last updated 3 months ago
CVSS medium 5.9
Overview

Description: The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 3.0

Type: Primary
Base score: 5.9
Impact score: 3.6
Exploitability score: 2.2
Vector string: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:N/A:N
Weaknesses

nvd@nist.gov: CWE-326
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:oracle:communications_application_session_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9750DF83-22E8-4299-BC95-33217B968211",
            "versionEndIncluding": "3.9.1",
            "versionStartIncluding": "3.0.0"
          },
          {
            "criteria": "cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "911FBD5E-213D-482F-81A9-C3B8CE7D903A"
          },
          {
            "criteria": "cpe:2.3:a:oracle:http_server:11.1.1.9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBD2676F-EE9D-4462-ABA5-C11CE726849C"
          },
          {
            "criteria": "cpe:2.3:a:oracle:http_server:12.1.3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6505AE29-5091-4C72-AF6B-932DEF53A8D2"
          },
          {
            "criteria": "cpe:2.3:a:oracle:http_server:12.2.1.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4EC475C1-A339-4C49-B6BA-A0E4D6FDF5DF"
          },
          {
            "criteria": "cpe:2.3:a:oracle:http_server:12.2.1.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38A45A86-3B7E-4245-B717-2A6E868BE6BE"
          },
          {
            "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24EDBB8B-1AFB-498D-B78C-7BC72B8C1085",
            "versionEndIncluding": "3.2.11",
            "versionStartIncluding": "3.0.0"
          },
          {
            "criteria": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3024389-3D4A-4E19-BE42-DAF9EA51D471",
            "versionEndIncluding": "4.0.4",
            "versionStartIncluding": "4.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:sparc_enterprise_m3000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9DBE3B60-DED8-4F47-A60F-410ECB873BAE",
            "versionEndExcluding": "xcp_1121",
            "versionStartIncluding": "xcp"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:sparc_enterprise_m3000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AB54B753-F066-4387-B0C3-43E647A42EBE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:sparc_enterprise_m4000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BBD38A2-1B17-4B28-9FE1-6D62A6337C12",
            "versionEndExcluding": "xcp_1121",
            "versionStartIncluding": "xcp"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:sparc_enterprise_m4000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1846C0CA-AE13-435F-BF91-EEE0CC311DD5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:sparc_enterprise_m5000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5884F45B-F822-46B9-A0DC-6B59A3C3E7E0",
            "versionEndExcluding": "xcp_1121",
            "versionStartIncluding": "xcp"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:sparc_enterprise_m5000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C2EDCD99-9677-45A7-9221-3A6A41917A7C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:sparc_enterprise_m8000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9ED7A13F-9510-4FA0-96A6-D2D34D49545F",
            "versionEndExcluding": "xcp_1121",
            "versionStartIncluding": "xcp"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:sparc_enterprise_m8000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9581ABD4-5ED6-4EC5-8A0B-1D7A449C10D5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:sparc_enterprise_m9000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C4C1EC1-19BE-4E1E-8F56-47A83AD0410D",
            "versionEndExcluding": "xcp_1121",
            "versionStartIncluding": "xcp"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:sparc_enterprise_m9000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0A2CEAD6-9F8C-411C-9107-BA858CB8A31B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AB4298E-79C7-418D-B843-8EBDC6682342",
            "versionEndExcluding": "xcp2280",
            "versionStartIncluding": "xcp"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "983D27DE-BC89-454E-AE47-95A26A3651E2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F45C5EA-556E-47A5-81FB-F6A85342FAC4",
            "versionEndExcluding": "xcp2280",
            "versionStartIncluding": "xcp"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5825AEE1-B668-40BD-86A9-2799430C742C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04F93A4F-97A9-4B32-A460-86B5EBCEB263",
            "versionEndExcluding": "xcp2280",
            "versionStartIncluding": "xcp"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3DA2D526-BDCF-4A65-914A-B3BA3A0CD613"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74242CE4-EB52-4765-A5E9-94C808EFC997",
            "versionEndExcluding": "17.0.11"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E547DD8-D3E3-4CA9-BE68-313A476A4B80",
            "versionEndExcluding": "25.0.1"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7236D2E-3A8D-48DF-817E-0B536EF66891",
            "versionEndExcluding": "24.1.1",
            "versionStartIncluding": "24.1.0"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BAA54653-EDA1-4B8E-B328-51B0D77D2027",
            "versionEndExcluding": "2.22.1"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FBBD7730-3DCA-4448-A912-1B6AE4658355",
            "versionEndExcluding": "24.1.1"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19BF5469-96AF-43B2-B875-C5241BD406F2",
            "versionEndExcluding": "17.0.11"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
