CVE-2015-2808

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.

Published: 2015-04-01 Last update: 2026-05-28 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2015-2808 is rated Moderate Risk (48.9/100): CVSS Low severity, with high exploitation likelihood (EPSS 23.82%, 96th percentile). EPSS ranks this CVE among the most likely to be exploited in the near term. High exploitation likelihood—assess exposure and prioritize remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2015-2808

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-04 23.36% 23.82% +0.46%
2 2026-05-29 21.39% 23.36% +1.96%
3 2026-05-28 21.39%

Full EPSS history (49 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2015-2808

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
3.7 3.1 LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Click to expand
Attack vector (AV:N)
Could be attacked over the internet or any normal routed network—not just someone sitting at the machine.
Attack complexity (AC:H)
Even with access, the exploit needs extra luck, timing, or a fussy environment to actually work.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:L)
Some sensitive info could get out, but not a total data dump.
Integrity (I:N)
Data isn’t meaningfully altered or forged.
Availability (A:N)
Service keeps running; no real outage angle.
 2.2 1.4 134c704f-9b21-4f2e-91b3-4a467353bcc0
5.0 2.0 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:N)
No integrity impact.
Availability impact (A:N)
No availability impact.
 10.0 2.9 [email protected]

Weakness enumeration for CVE-2015-2808

GitHub Security Advisory for CVE-2015-2808

GHSA-jcj6-c96p-jcmm · Severity: medium — The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state...

OS Trackers for CVE-2015-2808

vendor priority summary link
debian not yet assigned CVE-2015-2808 not yet assigned priority: Debian including 1 source packages (openjdk-8), 1 status rows across 1 suites (sid): resolved 1. https://security-tracker.debian.org/tracker/CVE-2015-2808
gentoo normal CVE-2015-2808: 1 GLSA(s) (201512-10), 4 atom(s) (mail-client/thunderbird, mail-client/thunderbird-bin, www-client/firefox, www-client/firefox-bin); latest impact normal. https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2015-2808
redhat medium https://access.redhat.com/security/cve/CVE-2015-2808
suse high CVE-2015-2808 severity important: SUSE including 230 source package names (java-1.6.0-openjdk-1.6.0.36-1.13.8.1.el7_1, java-1.6.0-openjdk-demo-1.6.0.36-1.13.8.1.el7_1, …), 533 product×package rows across 79 product lines (HPE Helion OpenStack 8, Image SLES12-SP5-Azure-SAP-BYOS, … (79 product lines)): Fixed 338, Known Not Affected 195. https://www.suse.com/security/cve/CVE-2015-2808/
ubuntu medium CVE-2015-2808 medium priority: Ubuntu including 3 source packages (openjdk-6, openjdk-7, openjdk-8), 18 status rows across 6 suites (precise, trusty, upstream, utopic, vivid, wily): released 7, ignored 4, needs-triage 3, DNE 2, not-affected 2. https://ubuntu.com/security/CVE-2015-2808

Affected software / configurations for CVE-2015-2808

Vendor Product Version Raw CPE
oracle communications_application_session_controller >= 3.0.0, <= 3.9.0 cpe:2.3:a:oracle:communications_application_session_controller:*:*:*:*:*:*:*:*
oracle communications_policy_management < 9.9.2 cpe:2.3:a:oracle:communications_policy_management:*:*:*:*:*:*:*:*
oracle http_server 11.1.1.7.0 cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*
oracle http_server 11.1.1.9.0 cpe:2.3:a:oracle:http_server:11.1.1.9.0:*:*:*:*:*:*:*
oracle http_server 12.1.3.0.0 cpe:2.3:a:oracle:http_server:12.1.3.0.0:*:*:*:*:*:*:*
oracle http_server 12.2.1.1.0 cpe:2.3:a:oracle:http_server:12.2.1.1.0:*:*:*:*:*:*:*
oracle http_server 12.2.1.2.0 cpe:2.3:a:oracle:http_server:12.2.1.2.0:*:*:*:*:*:*:*
oracle integrated_lights_out_manager_firmware >= 3.0.0, <= 3.2.11 cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:*
oracle integrated_lights_out_manager_firmware >= 4.0.0, <= 4.0.4 cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:*
debian debian_linux 7.0 cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
debian debian_linux 8.0 cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
redhat satellite 5.7 cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*
redhat enterprise_linux_desktop 5.0 cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
redhat enterprise_linux_desktop 6.0 cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
redhat enterprise_linux_desktop 7.0 cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
redhat enterprise_linux_eus 6.6 cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*
redhat enterprise_linux_eus 7.1 cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:*
redhat enterprise_linux_eus 7.2 cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
redhat enterprise_linux_eus 7.3 cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
redhat enterprise_linux_eus 7.4 cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
redhat enterprise_linux_eus 7.5 cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
redhat enterprise_linux_eus 7.6 cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
redhat enterprise_linux_eus 7.7 cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
redhat enterprise_linux_server 5.0 cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
redhat enterprise_linux_server 6.0 cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
redhat enterprise_linux_server 7.0 cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
redhat enterprise_linux_server_aus 6.6 cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*
redhat enterprise_linux_server_aus 7.3 cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
redhat enterprise_linux_server_aus 7.4 cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
redhat enterprise_linux_server_aus 7.6 cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
redhat enterprise_linux_server_aus 7.7 cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
redhat enterprise_linux_server_tus 7.3 cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
redhat enterprise_linux_server_tus 7.6 cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
redhat enterprise_linux_server_tus 7.7 cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
redhat enterprise_linux_workstation 5.0 cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
redhat enterprise_linux_workstation 6.0 cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
redhat enterprise_linux_workstation 7.0 cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
suse linux_enterprise_debuginfo 11 cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*
suse linux_enterprise_debuginfo 11 cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*
opensuse opensuse 13.1 cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
opensuse opensuse 13.2 cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
suse linux_enterprise_desktop 11 cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
suse linux_enterprise_desktop 11 cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*
suse linux_enterprise_desktop 12 cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*
suse linux_enterprise_server 10 cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*
suse linux_enterprise_server 11 cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*
suse linux_enterprise_server 11 cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*
suse linux_enterprise_server 11 cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*
suse linux_enterprise_server 12 cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*
suse linux_enterprise_software_development_kit 11 cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*
suse linux_enterprise_software_development_kit 12 cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*
suse manager 1.7 cpe:2.3:a:suse:manager:1.7:*:*:*:*:*:*:*
canonical ubuntu_linux 12.04 cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
canonical ubuntu_linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
canonical ubuntu_linux 15.04 cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
redhat satellite 5.6 cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*
fujitsu sparc_enterprise_m3000_firmware >= xcp, < xcp_1121 cpe:2.3:o:fujitsu:sparc_enterprise_m3000_firmware:*:*:*:*:*:*:*:*
fujitsu sparc_enterprise_m4000_firmware >= xcp, < xcp_1121 cpe:2.3:o:fujitsu:sparc_enterprise_m4000_firmware:*:*:*:*:*:*:*:*
fujitsu sparc_enterprise_m5000_firmware >= xcp, < xcp_1121 cpe:2.3:o:fujitsu:sparc_enterprise_m5000_firmware:*:*:*:*:*:*:*:*
fujitsu sparc_enterprise_m8000_firmware >= xcp, < xcp_1121 cpe:2.3:o:fujitsu:sparc_enterprise_m8000_firmware:*:*:*:*:*:*:*:*
fujitsu sparc_enterprise_m9000_firmware >= xcp, < xcp_1121 cpe:2.3:o:fujitsu:sparc_enterprise_m9000_firmware:*:*:*:*:*:*:*:*
huawei e6000_firmware cpe:2.3:o:huawei:e6000_firmware:-:*:*:*:*:*:*:*
huawei e9000_firmware cpe:2.3:o:huawei:e9000_firmware:-:*:*:*:*:*:*:*
huawei oceanstor_18500_firmware cpe:2.3:o:huawei:oceanstor_18500_firmware:-:*:*:*:*:*:*:*
huawei oceanstor_18800_firmware cpe:2.3:o:huawei:oceanstor_18800_firmware:-:*:*:*:*:*:*:*
huawei oceanstor_18800f_firmware cpe:2.3:o:huawei:oceanstor_18800f_firmware:-:*:*:*:*:*:*:*
huawei oceanstor_9000_firmware cpe:2.3:o:huawei:oceanstor_9000_firmware:-:*:*:*:*:*:*:*
huawei oceanstor_cse_firmware cpe:2.3:o:huawei:oceanstor_cse_firmware:-:*:*:*:*:*:*:*
huawei oceanstor_hvs85t_firmware cpe:2.3:o:huawei:oceanstor_hvs85t_firmware:-:*:*:*:*:*:*:*
huawei oceanstor_s2600t_firmware cpe:2.3:o:huawei:oceanstor_s2600t_firmware:-:*:*:*:*:*:*:*
huawei oceanstor_s5500t_firmware cpe:2.3:o:huawei:oceanstor_s5500t_firmware:-:*:*:*:*:*:*:*
huawei oceanstor_s5600t_firmware cpe:2.3:o:huawei:oceanstor_s5600t_firmware:-:*:*:*:*:*:*:*
huawei oceanstor_s5800t_firmware cpe:2.3:o:huawei:oceanstor_s5800t_firmware:-:*:*:*:*:*:*:*
huawei oceanstor_s6800t_firmware cpe:2.3:o:huawei:oceanstor_s6800t_firmware:-:*:*:*:*:*:*:*
huawei oceanstor_vis6600t_firmware cpe:2.3:o:huawei:oceanstor_vis6600t_firmware:-:*:*:*:*:*:*:*
huawei quidway_s9300_firmware cpe:2.3:o:huawei:quidway_s9300_firmware:-:*:*:*:*:*:*:*
huawei s7700_firmware cpe:2.3:o:huawei:s7700_firmware:-:*:*:*:*:*:*:*
huawei 9700_firmware cpe:2.3:o:huawei:9700_firmware:-:*:*:*:*:*:*:*
huawei s12700_firmware cpe:2.3:o:huawei:s12700_firmware:-:*:*:*:*:*:*:*
huawei s2700_firmware cpe:2.3:o:huawei:s2700_firmware:-:*:*:*:*:*:*:*

References for CVE-2015-2808

URL Tags
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034 Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727 Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=143456209711959&w=2 Issue Tracking Third Party Advisory
http://marc.info/?l=bugtraq&m=143629696317098&w=2 Issue Tracking Third Party Advisory
http://marc.info/?l=bugtraq&m=143741441012338&w=2 Issue Tracking Third Party Advisory
http://marc.info/?l=bugtraq&m=143817021313142&w=2 Issue Tracking Third Party Advisory
http://marc.info/?l=bugtraq&m=143817899717054&w=2 Issue Tracking Third Party Advisory
http://marc.info/?l=bugtraq&m=143818140118771&w=2 Issue Tracking Third Party Advisory
http://marc.info/?l=bugtraq&m=144043644216842&w=2 Issue Tracking Third Party Advisory
http://marc.info/?l=bugtraq&m=144059660127919&w=2 Issue Tracking Third Party Advisory
http://marc.info/?l=bugtraq&m=144059703728085&w=2 Issue Tracking Third Party Advisory
http://marc.info/?l=bugtraq&m=144060576831314&w=2 Issue Tracking Third Party Advisory
http://marc.info/?l=bugtraq&m=144060606031437&w=2 Issue Tracking Third Party Advisory
http://marc.info/?l=bugtraq&m=144069189622016&w=2 Issue Tracking Third Party Advisory
http://marc.info/?l=bugtraq&m=144102017024820&w=2 Issue Tracking Third Party Advisory
http://marc.info/?l=bugtraq&m=144104533800819&w=2 Issue Tracking Third Party Advisory
http://marc.info/?l=bugtraq&m=144104565600964&w=2 Issue Tracking Third Party Advisory
http://marc.info/?l=bugtraq&m=144493176821532&w=2 Issue Tracking Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1006.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1007.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1020.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1021.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1091.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1228.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1229.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1230.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1241.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1242.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1243.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1526.html Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21883640 Third Party Advisory
http://www-304.ibm.com/support/docview.wss?uid=swg21903565 Third Party Advisory
http://www-304.ibm.com/support/docview.wss?uid=swg21960015 Third Party Advisory
http://www-304.ibm.com/support/docview.wss?uid=swg21960769 Third Party Advisory
http://www.debian.org/security/2015/dsa-3316 Third Party Advisory
http://www.debian.org/security/2015/dsa-3339 Third Party Advisory
http://www.huawei.com/en/psirt/security-advisories/hw-454055 Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html Third Party Advisory
http://www.securityfocus.com/bid/73684 Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/91787 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032599 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032600 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032707 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032708 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032734 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032788 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032858 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032868 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032910 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032990 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033071 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033072 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033386 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033415 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033431 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033432 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033737 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033769 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1036222 Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-2696-1 Third Party Advisory
http://www.ubuntu.com/usn/USN-2706-1 Third Party Advisory
http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm Third Party Advisory
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922 Third Party Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140 Third Party Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190 Third Party Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119 Third Party Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241 Third Party Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256 Third Party Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246 Third Party Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789 Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650 Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380 Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988 Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347 Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935 Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888 Third Party Advisory
https://kb.juniper.net/JSA10783 Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10163 Broken Link
https://security.gentoo.org/glsa/201512-10 Third Party Advisory
https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709 Third Party Advisory
https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf Technical Description Third Party Advisory
https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/
cvelogic Threat Intelligence