VDB

RHSA-2014%3A1920

RHSA-2014%3A1920 PUBLISHED CVSS 5 MEDIUM

A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.

Risk Scores

CVSS 2.0
5

Affected Products

VendorProductVersions
Red HatRed Hat JBoss Web Server 2.1

Timeline

  • Oct 21, 2014 PoC Published
  • Dec 1, 2014 CVE Published
  • Apr 11, 2025 PoC Published
  • Apr 29, 2026 Distribution Patch
  • Apr 29, 2026 Distribution Patch
  • Apr 29, 2026 Security Advisory
  • Apr 29, 2026 Security Advisory
  • May 14, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›