CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-1620

The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.0%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2013-1620

Mozilla » Network Security Services » Version: N/A

cpe:2.3:a:mozilla:network_security_services:-
Mozilla » Network Security Services » Version: 3.1

cpe:2.3:a:mozilla:network_security_services:3.1
Mozilla » Network Security Services » Version: 3.1.1

cpe:2.3:a:mozilla:network_security_services:3.1.1
Mozilla » Network Security Services » Version: 3.10

cpe:2.3:a:mozilla:network_security_services:3.10
Mozilla » Network Security Services » Version: 3.10.1

cpe:2.3:a:mozilla:network_security_services:3.10.1
Mozilla » Network Security Services » Version: 3.10.2

cpe:2.3:a:mozilla:network_security_services:3.10.2
Mozilla » Network Security Services » Version: 3.11

cpe:2.3:a:mozilla:network_security_services:3.11
Mozilla » Network Security Services » Version: 3.11.1

cpe:2.3:a:mozilla:network_security_services:3.11.1
Mozilla » Network Security Services » Version: 3.11.10

cpe:2.3:a:mozilla:network_security_services:3.11.10
Mozilla » Network Security Services » Version: 3.11.2

cpe:2.3:a:mozilla:network_security_services:3.11.2
Mozilla » Network Security Services » Version: 3.11.3

cpe:2.3:a:mozilla:network_security_services:3.11.3
Mozilla » Network Security Services » Version: 3.11.4

cpe:2.3:a:mozilla:network_security_services:3.11.4
Mozilla » Network Security Services » Version: 3.11.5

cpe:2.3:a:mozilla:network_security_services:3.11.5
Mozilla » Network Security Services » Version: 3.11.6

cpe:2.3:a:mozilla:network_security_services:3.11.6
Mozilla » Network Security Services » Version: 3.11.7

cpe:2.3:a:mozilla:network_security_services:3.11.7
Mozilla » Network Security Services » Version: 3.11.8

cpe:2.3:a:mozilla:network_security_services:3.11.8
Mozilla » Network Security Services » Version: 3.11.9

cpe:2.3:a:mozilla:network_security_services:3.11.9
Mozilla » Network Security Services » Version: 3.12

cpe:2.3:a:mozilla:network_security_services:3.12
Mozilla » Network Security Services » Version: 3.12.1

cpe:2.3:a:mozilla:network_security_services:3.12.1
Mozilla » Network Security Services » Version: 3.12.10

cpe:2.3:a:mozilla:network_security_services:3.12.10
Mozilla » Network Security Services » Version: 3.12.11

cpe:2.3:a:mozilla:network_security_services:3.12.11
Mozilla » Network Security Services » Version: 3.12.2

cpe:2.3:a:mozilla:network_security_services:3.12.2
Mozilla » Network Security Services » Version: 3.12.3

cpe:2.3:a:mozilla:network_security_services:3.12.3
Mozilla » Network Security Services » Version: 3.12.3.1

cpe:2.3:a:mozilla:network_security_services:3.12.3.1
Mozilla » Network Security Services » Version: 3.12.3.2

cpe:2.3:a:mozilla:network_security_services:3.12.3.2
Mozilla » Network Security Services » Version: 3.12.4

cpe:2.3:a:mozilla:network_security_services:3.12.4
Mozilla » Network Security Services » Version: 3.12.5

cpe:2.3:a:mozilla:network_security_services:3.12.5
Mozilla » Network Security Services » Version: 3.12.6

cpe:2.3:a:mozilla:network_security_services:3.12.6
Mozilla » Network Security Services » Version: 3.12.7

cpe:2.3:a:mozilla:network_security_services:3.12.7
Mozilla » Network Security Services » Version: 3.12.8

cpe:2.3:a:mozilla:network_security_services:3.12.8
Mozilla » Network Security Services » Version: 3.12.9

cpe:2.3:a:mozilla:network_security_services:3.12.9
Mozilla » Network Security Services » Version: 3.14

cpe:2.3:a:mozilla:network_security_services:3.14
Mozilla » Network Security Services » Version: 3.14.1

cpe:2.3:a:mozilla:network_security_services:3.14.1
Mozilla » Network Security Services » Version: 3.14.2

cpe:2.3:a:mozilla:network_security_services:3.14.2
Mozilla » Network Security Services » Version: 3.2

cpe:2.3:a:mozilla:network_security_services:3.2
Mozilla » Network Security Services » Version: 3.2.1

cpe:2.3:a:mozilla:network_security_services:3.2.1
Mozilla » Network Security Services » Version: 3.3

cpe:2.3:a:mozilla:network_security_services:3.3
Mozilla » Network Security Services » Version: 3.3.1

cpe:2.3:a:mozilla:network_security_services:3.3.1
Mozilla » Network Security Services » Version: 3.3.2

cpe:2.3:a:mozilla:network_security_services:3.3.2
Mozilla » Network Security Services » Version: 3.4

cpe:2.3:a:mozilla:network_security_services:3.4
Mozilla » Network Security Services » Version: 3.4.1

cpe:2.3:a:mozilla:network_security_services:3.4.1
Mozilla » Network Security Services » Version: 3.4.2

cpe:2.3:a:mozilla:network_security_services:3.4.2
Mozilla » Network Security Services » Version: 3.4.3

cpe:2.3:a:mozilla:network_security_services:3.4.3
Mozilla » Network Security Services » Version: 3.5

cpe:2.3:a:mozilla:network_security_services:3.5
Mozilla » Network Security Services » Version: 3.6

cpe:2.3:a:mozilla:network_security_services:3.6
Mozilla » Network Security Services » Version: 3.6.1

cpe:2.3:a:mozilla:network_security_services:3.6.1
Mozilla » Network Security Services » Version: 3.7

cpe:2.3:a:mozilla:network_security_services:3.7
Mozilla » Network Security Services » Version: 3.7.1

cpe:2.3:a:mozilla:network_security_services:3.7.1
Mozilla » Network Security Services » Version: 3.7.2

cpe:2.3:a:mozilla:network_security_services:3.7.2
Mozilla » Network Security Services » Version: 3.7.3

cpe:2.3:a:mozilla:network_security_services:3.7.3
Mozilla » Network Security Services » Version: 3.7.5

cpe:2.3:a:mozilla:network_security_services:3.7.5
Mozilla » Network Security Services » Version: 3.7.7

cpe:2.3:a:mozilla:network_security_services:3.7.7
Mozilla » Network Security Services » Version: 3.8

cpe:2.3:a:mozilla:network_security_services:3.8
Mozilla » Network Security Services » Version: 3.9

cpe:2.3:a:mozilla:network_security_services:3.9
Mozilla » Network Security Services » Version: 3.9.1

cpe:2.3:a:mozilla:network_security_services:3.9.1
Mozilla » Network Security Services » Version: 3.9.2

cpe:2.3:a:mozilla:network_security_services:3.9.2
Mozilla » Network Security Services » Version: 3.9.3

cpe:2.3:a:mozilla:network_security_services:3.9.3
Mozilla » Network Security Services » Version: 3.9.4

cpe:2.3:a:mozilla:network_security_services:3.9.4
Mozilla » Network Security Services » Version: 3.9.5

cpe:2.3:a:mozilla:network_security_services:3.9.5
Oracle » Enterprise Manager Ops Center » Version: 11.1

cpe:2.3:a:oracle:enterprise_manager_ops_center:11.1
Oracle » Enterprise Manager Ops Center » Version: 12.1

cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1
Oracle » Enterprise Manager Ops Center » Version: 12.2

cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2
Oracle » Glassfish Communications Server » Version: 2.0

cpe:2.3:a:oracle:glassfish_communications_server:2.0
Oracle » Glassfish Server » Version: 2.1.1

cpe:2.3:a:oracle:glassfish_server:2.1.1
Oracle » Iplanet Web Proxy Server » Version: 4.0

cpe:2.3:a:oracle:iplanet_web_proxy_server:4.0
Oracle » Iplanet Web Server » Version: 6.1

cpe:2.3:a:oracle:iplanet_web_server:6.1
Oracle » Iplanet Web Server » Version: 7.0

cpe:2.3:a:oracle:iplanet_web_server:7.0
Oracle » Opensso » Version: 3.0-03

cpe:2.3:a:oracle:opensso:3.0-03
Oracle » Traffic Director » Version: 11.1.1.6.0

cpe:2.3:a:oracle:traffic_director:11.1.1.6.0
Oracle » Traffic Director » Version: 11.1.1.7.0

cpe:2.3:a:oracle:traffic_director:11.1.1.7.0
Oracle » Vm Server » Version: 3.2

cpe:2.3:a:oracle:vm_server:3.2
Canonical » Ubuntu Linux » Version: 10.04

cpe:2.3:o:canonical:ubuntu_linux:10.04
Canonical » Ubuntu Linux » Version: 11.10

cpe:2.3:o:canonical:ubuntu_linux:11.10
Canonical » Ubuntu Linux » Version: 12.04

cpe:2.3:o:canonical:ubuntu_linux:12.04
Canonical » Ubuntu Linux » Version: 12.10

cpe:2.3:o:canonical:ubuntu_linux:12.10
Redhat » Enterprise Linux Desktop » Version: 5.0

cpe:2.3:o:redhat:enterprise_linux_desktop:5.0
Redhat » Enterprise Linux Desktop » Version: 6.0

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
Redhat » Enterprise Linux Eus » Version: 5.9

cpe:2.3:o:redhat:enterprise_linux_eus:5.9
Redhat » Enterprise Linux Server » Version: 5.0

cpe:2.3:o:redhat:enterprise_linux_server:5.0
Redhat » Enterprise Linux Server » Version: 6.0

cpe:2.3:o:redhat:enterprise_linux_server:6.0
Redhat » Enterprise Linux Server Aus » Version: 5.9

cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9
Redhat » Enterprise Linux Workstation » Version: 5.0

cpe:2.3:o:redhat:enterprise_linux_workstation:5.0
Redhat » Enterprise Linux Workstation » Version: 6.0

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-1620

Products

Pricing

Contact Us