Vulnerability in Fujitsu Sparc_enterprise_m3000
CVE-2015-2808
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against t…
Vulnerability class: POODLE (CVE-2014-3566)
EPSS: 0.238 (96.1th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 3.7 (Low). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N.
Affected products
- Fujitsu Sparc_enterprise_m3000
- Fujitsu Sparc_enterprise_m3000_firmware
- Fujitsu Sparc_enterprise_m4000
- Fujitsu Sparc_enterprise_m4000_firmware
- Fujitsu Sparc_enterprise_m5000
- Fujitsu Sparc_enterprise_m5000_firmware
- Fujitsu Sparc_enterprise_m8000
- Fujitsu Sparc_enterprise_m8000_firmware
- Fujitsu Sparc_enterprise_m9000
- Fujitsu Sparc_enterprise_m9000_firmware
Weakness classification (CWE)
Public proof-of-concept exploits
References
- cve@mitre.org (vendor-advisory, Third Party Advisory, Issue Tracking)
- cve@mitre.org (vendor-advisory, Third Party Advisory)
- cve@mitre.org (vendor-advisory, Third Party Advisory)
- cve@mitre.org (vendor-advisory, Third Party Advisory, Issue Tracking)
- cve@mitre.org (vendor-advisory, Third Party Advisory, Issue Tracking)
- cve@mitre.org (Third Party Advisory)
- cve@mitre.org (vendor-advisory, Third Party Advisory)
- cve@mitre.org (Third Party Advisory)
- cve@mitre.org (Third Party Advisory)
- cve@mitre.org (VDB Entry, Third Party Advisory, vdb-entry)
Frequently asked questions
- What is CVE-2015-2808?
- CVE-2015-2808 is a low-severity vulnerability in Fujitsu Sparc_enterprise_m3000, classified under Use of a Broken or Risky Cryptographic Algorithm. CVSS score: 3.7/10. Published 2015-04-01.
- How severe is CVE-2015-2808?
- Low severity. CVSS v3 base score is 3.7 out of 10.
- Is CVE-2015-2808 known to be exploited?
- 29 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.