1. Home
  2. CVE Database
  3. CVE-2014-6221
HIGH · 9.4

CVE-2014-6221

The MSCAPI/MSCNG interface implementation in GSKit in IBM Rational ClearCase 7.1.2.x before 7.1.2.17, 8.0.0.x before 8.0.0.14, and 8.0.1.x before 8.0.1.7 does not properly generate random numbers, whi...

Vulnerability Description

The MSCAPI/MSCNG interface implementation in GSKit in IBM Rational ClearCase 7.1.2.x before 7.1.2.17, 8.0.0.x before 8.0.0.14, and 8.0.1.x before 8.0.1.7 does not properly generate random numbers, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.

CVSS Score

9.4

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:N
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
NONE

Affected Products

VendorProductVersions
IbmRational Clearcase7.1.2

Related Weaknesses (CWE)

CWE-310

References

FAQ

What is CVE-2014-6221?

CVE-2014-6221 is a vulnerability with a CVSS score of 9.4 (HIGH). The MSCAPI/MSCNG interface implementation in GSKit in IBM Rational ClearCase 7.1.2.x before 7.1.2.17, 8.0.0.x before 8.0.0.14, and 8.0.1.x before 8.0.1.7 does not properly generate random numbers, whi...

How severe is CVE-2014-6221?

CVE-2014-6221 has been rated HIGH with a CVSS base score of 9.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-6221?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Rational Clearcase.