What is CVE-2014-3068?

CVE-2014-3068 is a vulnerability in Ibm Java, classified under CWE-255. Published 2014-12-02.

Is CVE-2014-3068 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Ibm Java

CVE-2014-3068

IBM Java Runtime Environment (JRE) 7 R1 before SR1 FP1 (7.1.1.1), 7 before SR7 FP1 (7.0.7.1), 6 R1 before SR8 FP1 (6.1.8.1), 6 before SR16 FP1 (6.0.16.1), and before 5.0 SR16 FP7 (5.0.16.7) allows attackers to obtain the private key from a…

EPSS: 0.002 (46.1th percentile) — read the EPSS interpretation.

Affected products

Ibm Java — versions 5.0.0.0, 5.0.11.0, 5.0.11.1
N/a — versions n/a

Weakness classification (CWE)

CWE-255

Public proof-of-concept exploits

References

ibm-ikeyman-cve20143068-info-disc(93756) (vdb-entry, x_refsource_XF)
IV66876 (vendor-advisory, x_refsource_AIXAPAR, Vendor Advisory)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
psirt@us.ibm.com (x_refsource_CONFIRM)
RHSA-2015:0264 (x_refsource_REDHAT, vendor-advisory)
IV66894 (vendor-advisory, x_refsource_AIXAPAR, Vendor Advisory)

Frequently asked questions

What is CVE-2014-3068?: CVE-2014-3068 is a vulnerability in Ibm Java, classified under CWE-255. Published 2014-12-02.
Is CVE-2014-3068 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.