CVE-2014-0224 OpenSSL MITM ChangeCipherSpec (CCS) Injection flaw

In additon, OpenSSL also regarding following seven vulnerabilities. Some of vendor had max tham to a “Security Advisories”

CVE Number	CVSS base score	Description
CVE-2014-0224	6.8	SSL/TLS MITM vulnerability
CVE-2014-0221	4.3	DTLS recursion flaw
CVE-2014-0195	6.8	DTLS invalid fragment vulnerability
CVE-2014-0198	4.3	SSL_MODE_RELEASE_BUFFERS NULL pointer dereference
CVE-2010-5298	4.0	SSL_MODE_RELEASE_BUFFERS session injection or denial of service
CVE-2014-3470	4.3	Anonymous ECDH denial of service
CVE-2014-0076	4.3	ECDSA nonce disclosure using side-channel attack

About Networking Vendors

Vendor	Affected	Announcement	Announce Date
A10	Yes	Link at A10(login required)	2014-06-05
Arbor Networks	–	https://arbor.custhelp.com/app/answers/detail/a_id/2379	2014-06-05
Aruba Networks	Yes	External Document at Aruba Alert	2014-06-06
BlueCoat	Yes	External link at BlueCoat KB	2014-06-06
Brocade	–
CheckPoint	No	External link at CheckPoint	2014-06-06
Cisco	Yes	External link at Cisco	2014-06-05
Dlink	–
Enterasys (Part of Extreme)	–
Extreme Networks	–
F5	Yes	External link at F5	2014-06-05
FireEye	Yes	External link at FireEye	2014-06-09
Fortinet	Yes	External link at FortiGuard	2014-06-06
iMPERVA	Yes Only 10.5	External link at iMPERVA (login required)	2014-06-07
Juniper	Yes	External link at Juniper KB	2014-06-??
McAfee	Yes	External link at McAfee	2014-06-??
NetAxle	–	External link at NetAxle	–
Palo Alto	Yes	External link at Palo Alto	2014-06-09
Ruckus Wireless	–	External link at Ruckus Security
Sophers	–
Sourcefire (Part of Cisco)	–	Check Cisco
Splunk	Yes	External link at Splunk Answers	2014-06-09
TippingPoint	–
VMware	Yes	External link at VMware KB	2014-06-10
Websense	Yes	External link at Websense	2014-06-12