CVE-2014-1757

Vulnerability Profile Updated 2 months ago
Download STIX
Preview STIX
CVE-2014-1757 is a vulnerability that was discovered in April 2014 and affects the OpenSSL cryptographic software library. This vulnerability allows an attacker to launch a Man-in-the-Middle (MitM) attack, where they can intercept and modify traffic between two parties without their knowledge. Specifically, the vulnerability exists in the way OpenSSL handles session tickets, which are used to speed up the process of establishing encrypted connections. When this vulnerability was discovered, it was immediately deemed critical due to the widespread use of OpenSSL in many popular websites and applications. The vulnerability could allow attackers to steal sensitive information such as passwords, credit card numbers, and other confidential data that is transmitted over the internet. It also allowed attackers to bypass security controls like firewalls and intrusion detection systems. As a result of this vulnerability, OpenSSL released a security patch on April 7th, 2014, which addressed the issue and advised users to update their systems as soon as possible. Many major websites and companies, including Google, Facebook, and Yahoo, quickly updated their systems to mitigate the risk of exploitation. However, there were still concerns that some smaller organizations or individuals may have been slow to apply the patch, leaving them vulnerable to attacks. Ultimately, the discovery of CVE-2014-1757 highlighted the importance of regularly updating software and implementing strong security measures to protect against vulnerabilities and cyber threats.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2014-1757 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
Close Quarters Encounters with Third Generation Malware Compels UK and Danish Municipalities to Remodel Vulnerability Management Safeguards