CVE-2014-0878
Last modified
CVE-2014-0878 is a vulnerability of currently unknown severity. The IBMSecureRandom component in the IBMJCE and IBMSecureRandom cryptographic providers in IBM SDK Java Technology Edition 5.0 before Service Refresh 16 FP6, 6 before Service Refresh 16, 6.0.1 before Service Refresh 8, 7 before Service Refresh 7, and 7R1 before Service Refresh 1 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the random number generator's output.. EPSS estimates a 2.09% chance of exploitation in the next 30 days.
Description
The IBMSecureRandom component in the IBMJCE and IBMSecureRandom cryptographic providers in IBM SDK Java Technology Edition 5.0 before Service Refresh 16 FP6, 6 before Service Refresh 16, 6.0.1 before Service Refresh 8, 7 before Service Refresh 7, and 7R1 before Service Refresh 1 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the random number generator's output.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Java Sdk | 6.0.0.0 |
| Ibm | Java Sdk | 6.0.1.0 |
| Ibm | Java Sdk | 6.0.2.0 |
| Ibm | Java Sdk | 6.0.3.0 |
| Ibm | Java Sdk | 6.0.4.0 |
| Ibm | Java Sdk | 6.0.5.0 |
| Ibm | Java Sdk | 6.0.6.0 |
| Ibm | Java Sdk | 6.0.7.0 |
| Ibm | Java Sdk | 6.0.8.0 |
| Ibm | Java Sdk | 6.0.8.1 |
| Ibm | Java Sdk | 6.0.9.0 |
| Ibm | Java Sdk | 6.0.9.1 |
| Ibm | Java Sdk | 6.0.9.2 |
| Ibm | Java Sdk | 6.0.10.0 |
| Ibm | Java Sdk | 6.0.10.1 |
| Ibm | Java Sdk | 6.0.11.0 |
| Ibm | Java Sdk | 6.0.12.0 |
| Ibm | Java Sdk | 6.0.13.0 |
| Ibm | Java Sdk | 6.0.13.1 |
| Ibm | Java Sdk | 6.0.13.2 |
| Ibm | Java Sdk | 6.0.14.0 |
| Ibm | Java Sdk | 6.0.15.0 |
| Ibm | Java Sdk | 6.0.15.1 |
| Ibm | Java Sdk | 5.0.0.0 |
| Ibm | Java Sdk | 5.0.11.0 |
| Ibm | Java Sdk | 5.0.11.1 |
| Ibm | Java Sdk | 5.0.11.2 |
| Ibm | Java Sdk | 5.0.12.0 |
| Ibm | Java Sdk | 5.0.12.1 |
| Ibm | Java Sdk | 5.0.12.2 |
| Ibm | Java Sdk | 5.0.12.3 |
| Ibm | Java Sdk | 5.0.12.4 |
| Ibm | Java Sdk | 5.0.12.5 |
| Ibm | Java Sdk | 5.0.13.0 |
| Ibm | Java Sdk | 5.0.14.0 |
| Ibm | Java Sdk | 5.0.15.0 |
| Ibm | Java Sdk | 5.0.16.0 |
| Ibm | Java Sdk | 5.0.16.1 |
| Ibm | Java Sdk | 5.0.16.2 |
| Ibm | Java Sdk | 5.0.16.3 |
| Ibm | Java Sdk | 5.0.16.4 |
| Ibm | Java Sdk | 5.0.16.5 |
| Ibm | Java Sdk | 7.0.0.0 |
| Ibm | Java Sdk | 7.0.1.0 |
| Ibm | Java Sdk | 7.0.2.0 |
| Ibm | Java Sdk | 7.0.3.0 |
| Ibm | Java Sdk | 7.0.4.0 |
| Ibm | Java Sdk | 7.0.4.1 |
| Ibm | Java Sdk | 7.0.4.2 |
| Ibm | Java Sdk | 7.0.5.0 |
Showing 50 of 53 affected configurations. See NVD for the full list.
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21672043Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21686717Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21689593Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21672043Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21686717Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21689593Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2014-0878?
How severe is CVE-2014-0878?
How do I fix CVE-2014-0878?
Are you affected by CVE-2014-0878?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST