Executive Summary

Informations
Name CVE-2014-5277 First vendor Publication 2014-11-17
Vendor Cve Last vendor Modification 2023-11-07

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5277

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-17 Code

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 63

Nessus® Vulnerability Scanner

Date Description
2015-04-03 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0776.nasl - Type : ACT_GATHER_INFO
2014-11-14 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-660.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

https://groups.google.com/forum/#%21topic/docker-user/oYm0i3xShJU
Source Url
SUSE http://lists.opensuse.org/opensuse-updates/2014-11/msg00048.html

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
Date Informations
2023-11-07 21:45:12
  • Multiple Updates
2021-05-04 12:32:53
  • Multiple Updates
2021-04-22 01:40:10
  • Multiple Updates
2020-05-24 01:14:15
  • Multiple Updates
2020-05-23 01:52:45
  • Multiple Updates
2020-05-23 00:41:47
  • Multiple Updates
2018-08-14 00:19:31
  • Multiple Updates
2018-03-02 01:01:13
  • Multiple Updates
2017-04-05 12:01:39
  • Multiple Updates
2016-04-27 01:05:38
  • Multiple Updates
2015-04-04 13:27:20
  • Multiple Updates
2014-11-19 09:24:22
  • Multiple Updates
2014-11-18 00:22:39
  • Multiple Updates
2014-11-17 21:23:41
  • First insertion