CVE-2014-0160
Confirmed PUBLISHEDThe (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote...
Recommended Action
Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
At a Glance
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
- CVE Published
- Apr 07, 2014
- Exploitation Reported
- May 04, 2022
- CVSS
- 7.5 High
- EPSS
- —
Affected Versions
| Vendor | Product | Version | Status |
|---|---|---|---|
| n/a |
n/a
|
n/a |
Affected |
CVE References
- DSA-2896 debian.org · Vendor Advisory http://www.debian.org/security/2014/dsa-2896
- HPSBGN03008 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139774054614965&w=2
- HPSBMU03024 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139889113431619&w=2
- RHSA-2014:0396 rhn.redhat.com · Vendor Advisory http://rhn.redhat.com/errata/RHSA-2014-0396.html
- HPSBHF03021 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139835815211508&w=2
Show 123 more references
- HPSBHF03136 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=141287864628122&w=2
- HPSBMU03033 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139905295427946&w=2
- HPSBGN03011 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139833395230364&w=2
- openSUSE-SU-2014:0492 lists.opensuse.org · Vendor Advisory http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004...
- SSRT101846 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=142660345230545&w=2
- HPSBMU03037 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=140724451518351&w=2
- HPSBMU03012 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139808058921905&w=2
- HPSBST03001 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139758572430452&w=2
- HPSBMU03023 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139843768401936&w=2
- 20140409 OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products tools.cisco.com · Vendor Advisory http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/...
- HPSBMU03044 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=140075368411126&w=2
- HPSBMU03030 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139905351928096&w=2
- FEDORA-2014-4879 lists.fedoraproject.org · Vendor Advisory http://lists.fedoraproject.org/pipermail/package-announce/2014-April/...
- FEDORA-2014-4910 lists.fedoraproject.org · Vendor Advisory http://lists.fedoraproject.org/pipermail/package-announce/2014-April/...
- FEDORA-2014-9308 lists.fedoraproject.org · Vendor Advisory http://lists.fedoraproject.org/pipermail/package-announce/2014-August...
- HPSBMU03013 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139824993005633&w=2
- RHSA-2014:0377 rhn.redhat.com · Vendor Advisory http://rhn.redhat.com/errata/RHSA-2014-0377.html
- HPSBMU02995 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139722163017074&w=2
- HPSBPI03031 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139889295732144&w=2
- HPSBMU02999 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139765756720506&w=2
- HPSBGN03010 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139774703817488&w=2
- HPSBMU03029 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139905202427693&w=2
- HPSBMU03018 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139817782017443&w=2
- HPSBMU03040 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=140015787404650&w=2
- HPSBMU03025 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139869720529462&w=2
- HPSBST03016 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139842151128341&w=2
- HPSBMU03028 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139905243827825&w=2
- HPSBMU03009 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139905458328378&w=2
- HPSBST03000 h20566.www2.hp.com · Vendor Advisory https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/d...
- HPSBST03004 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139905653828999&w=2
- USN-2165-1 ubuntu.com · Vendor Advisory http://www.ubuntu.com/usn/USN-2165-1
- RHSA-2014:0378 rhn.redhat.com · Vendor Advisory http://rhn.redhat.com/errata/RHSA-2014-0378.html
- HPSBMU02997 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139757919027752&w=2
- SUSE-SA:2014:002 lists.opensuse.org · Vendor Advisory http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005...
- HPSBMU02994 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139757726426985&w=2
- HPSBMU03022 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139869891830365&w=2
- HPSBST03027 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139905868529690&w=2
- HPSBMU03019 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139817685517037&w=2
- HPSBMU03062 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=140752315422991&w=2
- HPSBMU03020 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139836085512508&w=2
- HPSBST03015 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139824923705461&w=2
- RHSA-2014:0376 rhn.redhat.com · Vendor Advisory http://rhn.redhat.com/errata/RHSA-2014-0376.html
- HPSBPI03014 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139835844111589&w=2
- MDVSA-2015:062 mandriva.com · Vendor Advisory http://www.mandriva.com/security/advisories?name=MDVSA-2015:062
- openSUSE-SU-2014:0560 lists.opensuse.org · Vendor Advisory http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html
- HPSBMU03032 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139905405728262&w=2
- HPSBMU02998 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139757819327350&w=2
- HPSBMU03017 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=139817727317190&w=2
- VU#720951 kb.cert.org · Third-Party Advisory http://www.kb.cert.org/vuls/id/720951
- 57836 secunia.com · Third-Party Advisory http://secunia.com/advisories/57836
- 57483 secunia.com · Third-Party Advisory http://secunia.com/advisories/57483
- TA14-098A us-cert.gov · Third-Party Advisory http://www.us-cert.gov/ncas/alerts/TA14-098A
- 57347 secunia.com · Third-Party Advisory http://secunia.com/advisories/57347
- 59243 secunia.com · Third-Party Advisory http://secunia.com/advisories/59243
- 57721 secunia.com · Third-Party Advisory http://secunia.com/advisories/57721
- 57968 secunia.com · Third-Party Advisory http://secunia.com/advisories/57968
- 59139 secunia.com · Third-Party Advisory http://secunia.com/advisories/59139
- 57966 secunia.com · Third-Party Advisory http://secunia.com/advisories/57966
- 59347 secunia.com · Third-Party Advisory http://secunia.com/advisories/59347
- 32764 exploit-db.com · Exploit http://www.exploit-db.com/exploits/32764
- 32745 exploit-db.com · Exploit http://www.exploit-db.com/exploits/32745
- 1030077 securitytracker.com · VDB Entry http://www.securitytracker.com/id/1030077
- 1030080 securitytracker.com · VDB Entry http://www.securitytracker.com/id/1030080
- 66690 securityfocus.com · VDB Entry http://www.securityfocus.com/bid/66690
- 1030081 securitytracker.com · VDB Entry http://www.securitytracker.com/id/1030081
- 1030079 securitytracker.com · VDB Entry http://www.securitytracker.com/id/1030079
- 1030078 securitytracker.com · VDB Entry http://www.securitytracker.com/id/1030078
- 1030082 securitytracker.com · VDB Entry http://www.securitytracker.com/id/1030082
- 1030074 securitytracker.com · VDB Entry http://www.securitytracker.com/id/1030074
- 1030026 securitytracker.com · VDB Entry http://www.securitytracker.com/id/1030026
- 20140408 heartbleed OpenSSL bug CVE-2014-0160 seclists.org · Mailing List http://seclists.org/fulldisclosure/2014/Apr/90
- 20140409 Re: heartbleed OpenSSL bug CVE-2014-0160 seclists.org · Mailing List http://seclists.org/fulldisclosure/2014/Apr/109
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities securityfocus.com · Mailing List http://www.securityfocus.com/archive/1/534161/100/0/threaded
- [syslog-ng-announce] 20140411 syslog-ng Premium Edition 5 LTS (5.0.4a) has been released lists.balabit.hu · Mailing List https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-April/0001...
- 20140411 MRI Rubies may contain statically linked, vulnerable OpenSSL seclists.org · Mailing List http://seclists.org/fulldisclosure/2014/Apr/173
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities seclists.org · Mailing List http://seclists.org/fulldisclosure/2014/Dec/23
- 20140408 Re: heartbleed OpenSSL bug CVE-2014-0160 seclists.org · Mailing List http://seclists.org/fulldisclosure/2014/Apr/91
- 20140412 Re: heartbleed OpenSSL bug CVE-2014-0160 seclists.org · Mailing List http://seclists.org/fulldisclosure/2014/Apr/190
- [tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ lists.apache.org · Mailing List https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620d...
- [tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ lists.apache.org · Mailing List https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f...
- [tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/ lists.apache.org · Mailing List https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10...
- [tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/ lists.apache.org · Mailing List https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca...
- support.f5.com/kb/en-us/solutions/public/15000/100/sol15159... support.f5.com · CVE Record https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.h...
- getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2... getchef.com · CVE Record http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-201...
- splunk.com/view/SP-CAAAMB3 splunk.com · CVE Record http://www.splunk.com/view/SP-CAAAMB3
- websense.com/support/article/kbarticle/Vulnerabilities-re... websense.com · CVE Record http://www.websense.com/support/article/kbarticle/Vulnerabilities-res...
- apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf apcmedia.com · CVE Record http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf
- www-01.ibm.com/support/docview.wss www-01.ibm.com · CVE Record http://www-01.ibm.com/support/docview.wss?uid=swg21670161
- vmware.com/security/advisories/VMSA-2014-0012.html vmware.com · CVE Record http://www.vmware.com/security/advisories/VMSA-2014-0012.html
- www-01.ibm.com/support/docview.wss www-01.ibm.com · CVE Record http://www-01.ibm.com/support/docview.wss?uid=isg400001843
- innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_N... innominate.com · CVE Record http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_Release_...
- filezilla-project.org/versions.php filezilla-project.org · CVE Record https://filezilla-project.org/versions.php?type=server
- kerio.com/support/kerio-control/release-history kerio.com · CVE Record http://www.kerio.com/support/kerio-control/release-history
- advisories.mageia.org/MGASA-2014-0165.html advisories.mageia.org · CVE Record http://advisories.mageia.org/MGASA-2014-0165.html
- blackberry.com/btsc/KB35882 blackberry.com · CVE Record http://www.blackberry.com/btsc/KB35882
- bugzilla.redhat.com/show_bug.cgi bugzilla.redhat.com · CVE Record https://bugzilla.redhat.com/show_bug.cgi?id=1084875
- www-01.ibm.com/support/docview.wss www-01.ibm.com · CVE Record http://www-01.ibm.com/support/docview.wss?uid=isg400001841
- code.google.com/p/mod-spdy/issues/detail code.google.com · CVE Record https://code.google.com/p/mod-spdy/issues/detail?id=85
- getchef.com/blog/2014/04/09/chef-server-11-0-12-release getchef.com · CVE Record http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/
- heartbleed.com heartbleed.com · CVE Record http://heartbleed.com/
- download.schneider-electric.com/files download.schneider-electric.com · CVE Record http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-11...
- cogentdatahub.com/ReleaseNotes.html cogentdatahub.com · CVE Record http://cogentdatahub.com/ReleaseNotes.html
- f-secure.com/en/web/labs_global/fsc-2014-1 f-secure.com · CVE Record http://www.f-secure.com/en/web/labs_global/fsc-2014-1
- blog.torproject.org/blog/openssl-bug-cve-2014-0160 blog.torproject.org · CVE Record https://blog.torproject.org/blog/openssl-bug-cve-2014-0160
- oracle.com/technetwork/topics/security/cpujul2014-19729... oracle.com · CVE Record http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956....
- oracle.com/technetwork/topics/security/opensslheartblee... oracle.com · CVE Record http://www.oracle.com/technetwork/topics/security/opensslheartbleedcv...
- support.f5.com/kb/en-us/solutions/public/15000/100/sol15159... support.f5.com · CVE Record https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html
- git.openssl.org/gitweb git.openssl.org · CVE Record http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b...
- symantec.com/security_response/securityupdates/detail.jsp symantec.com · CVE Record http://www.symantec.com/security_response/securityupdates/detail.jsp?...
- www-01.ibm.com/support/docview.wss www-01.ibm.com · CVE Record http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661
- cert.fi/en/reports/2014/vulnerability788210.html cert.fi · CVE Record https://www.cert.fi/en/reports/2014/vulnerability788210.html
- blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog blog.fox-it.com · CVE Record http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/
- public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx public.support.unisys.com · CVE Record http://public.support.unisys.com/common/public/vulnerability/NVD_Deta...
- getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release getchef.com · CVE Record http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/
- mitel.com/en-ca/support/security-advisories/mitel-prod... mitel.com · CVE Record https://www.mitel.com/en-ca/support/security-advisories/mitel-product...
- openssl.org/news/secadv_20140407.txt openssl.org · CVE Record http://www.openssl.org/news/secadv_20140407.txt
- gist.github.com/chapmajs/10473815 gist.github.com · CVE Record https://gist.github.com/chapmajs/10473815
- public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx public.support.unisys.com · CVE Record http://public.support.unisys.com/common/public/vulnerability/NVD_Deta...
- support.citrix.com/article/CTX140605 support.citrix.com · CVE Record http://support.citrix.com/article/CTX140605
- getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release getchef.com · CVE Record http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/
- sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.... sku11army.blogspot.com · CVE Record https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-...
- cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf cert-portal.siemens.com · CVE Record https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf
- yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-... yunus-shn.medium.com · CVE Record https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbl...
Recommended Actions
- Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
- Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
- Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.
Known Exploited Vulnerability Sources
Catalogues that list this CVE as a known exploited vulnerability.
Per-source evidence links for KEV attestations are available through the KEVIntel Pro API.
Learn about Pro API access| Source | Added |
|---|---|
| CISA First | 2022-05-04 00:00 UTC |
No detection artifacts or sensor request patterns are available for this CVE yet.
Check back as sensor telemetry and scanner integrations are updated.
Virtual Patch
Compensating WAF rules to help reduce exposure to this CVE. Rule content and deployable vendor exports are available with KEVIntel Enterprise.
KEVIntel does not currently have a virtual patch for this CVE. When available, KEVIntel virtual patches ship as deployable ModSecurity, Cloudflare, and AWS WAF rules.
Enterprise feature. Virtual patch rule content and deployable vendor exports (ModSecurity, Cloudflare, AWS WAF) are available to KEVIntel Enterprise users.
CVSS Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AV:N/AC:L/Au:N/C:P/I:N/A:N
Exploitation Status
Exploited in the wild
Recorded 2022-05-04 00:00:00 UTC · CISA
Proof of concept available
Recorded 2014-04-08 09:19:49 UTC · GitHub
Weaknesses (CWE)
-
Out-of-bounds Read
Potential Proof of Concepts
These PoCs are unverified and could contain malware. Use at your own risk.
github · Created 2024-09-20 13:44:54 UTC · 0 stars
github · Created 2023-04-30 13:56:47 UTC · 0 stars
github · Created 2022-04-24 11:53:16 UTC · 0 stars
github · Created 2020-12-09 15:08:21 UTC · 0 stars
github · Created 2019-04-02 17:08:01 UTC · 0 stars
github · Created 2018-11-08 02:50:28 UTC · 0 stars
来自:https://www.freebuf.com/articles/web/31700.html
github · Created 2014-04-10 04:27:10 UTC · 0 stars
github · Created 2014-04-08 22:29:55 UTC · 0 stars
openssl Heart Bleed Exploit: CVE-2014-0160 Mass Security Auditor
github · Created 2014-04-08 14:22:36 UTC · 0 stars
github · Created 2014-04-08 09:19:49 UTC · 19 stars
Patch openssl #heartbleed with ansible
Timeline
Key exploitation, disclosure, scanner coverage, and KEV attestation events for this CVE.
-
00:00 UTC about 4 years ago00:00 UTC · about 4 years ago
Added to CISA KEV
Listed in the CISA Known Exploited Vulnerabilities catalog
-
09:19 UTC over 12 years ago09:19 UTC · over 12 years ago
Public PoC available
Public proof-of-concept code published
-
00:00 UTC over 12 years ago00:00 UTC · over 12 years ago
CVE published
Vulnerability disclosed publicly
-
00:00 UTC over 12 years ago00:00 UTC · over 12 years ago
CVE ID reserved
Identifier reserved by the CNA
Automate This Intelligence with the Pro API
Confidence scoring, exploit status, sensor telemetry, PoCs, scanner integrations, mentions, and tags are available programmatically for VM, SOC, and CTI workflows.
Pro API Example
GET /api/v2/pro/kevs/CVE-2014-0160
{
"cve_id": "CVE-2014-0160",
"title": "The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do no...",
"affected_vendor": "OpenSSL",
"affected_product": "OpenSSL",
"affected_versions": [
{ "vendor": "...", "product": "...", "status": "affected", "display_label": "..." }
],
"confidence": "Confirmed",
"cvss_score": 7.5,
"epss_score": null,
"exploit_status": {
"exploited_in_the_wild": true,
"active_exploitation_observed": false
},
"sensor_telemetry": { "...": "Pro API fields" },
"proof_of_concepts": [ "..." ],
"scanner_integrations": [ "..." ]
}