Home > Vulnerability Database > CVE-2014-0878

Mend.io Vulnerability Database

CVE-2014-0878

Date: May 26, 2014

The IBMSecureRandom component in the IBMJCE and IBMSecureRandom cryptographic providers in IBM SDK Java Technology Edition 5.0 before Service Refresh 16 FP6, 6 before Service Refresh 16, 6.0.1 before Service Refresh 8, 7 before Service Refresh 7, and 7R1 before Service Refresh 1 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the random number generator's output.

Severity Score

4.8

Related Resources (24)

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21676703

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21689593

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21674539

Url: http://secunia.com/advisories/59058

Url: http://secunia.com/advisories/59022

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21676746

Url: http://secunia.com/advisories/59023

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21679713

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21683484

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21673836

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/91084

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21680750

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21681256

Url: http://www.ibm.com/support/docview.wss?uid=swg21677387

Url: http://secunia.com/advisories/61264

Url: http://www.securityfocus.com/bid/67601

Url: http://www.ibm.com/support/docview.wss?uid=swg21675343

Url: https://nvd.nist.gov/vuln/detail/CVE-2014-0878

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21679610

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21686717

Url: http://www.ibm.com/support/docview.wss?uid=swg21675588

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21676672

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21672043

Url: https://www.mend.io/vulnerability-database/CVE-2014-0878

Severity Score

4.8

Weakness Type (CWE)

Cryptographic Issues

CWE-310

CVSS v3.1

Base Score:	4.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

CVSS v2

Base Score:	5.8
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2014-0878

Date: May 26, 2014

Severity Score

Related Resources (24)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?