Is CVE-2014-3568 in the CISA KEV catalog?

No. CVE-2014-3568 is not currently on the CISA Known Exploited Vulnerabilities list.

What is the CVSS severity of CVE-2014-3568?

CVE-2014-3568 has a CVSS v2 base score of 4.3 (MEDIUM).

What is the EPSS score for CVE-2014-3568?

CVE-2014-3568 has an EPSS score of 16.10% (97th percentile), estimating the probability of exploitation in the next 30 days.

CVE & CISA-KEV Catalog

CVE-2014-3568

MEDIUMEPSS 97th pctl

4.3

CVSS v2

NVD

Description

OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c.

CWE-310

CVSS v2 Vector

No CVSS vector data available.

Exploit Intelligence

16.10%probability of exploitation in 30 days

97thpercentile

Very high risk: more likely to be exploited than 97% of all known CVEs.

References

http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
http://marc.info/?l=bugtraq&m=141477196830952&w=2
http://marc.info/?l=bugtraq&m=142103967620673&w=2
http://marc.info/?l=bugtraq&m=142495837901899&w=2
http://marc.info/?l=bugtraq&m=142624590206005&w=2
http://marc.info/?l=bugtraq&m=142791032306609&w=2
http://marc.info/?l=bugtraq&m=142804214608580&w=2
http://marc.info/?l=bugtraq&m=143290437727362&w=2
http://marc.info/?l=bugtraq&m=143290522027658&w=2
http://secunia.com/advisories/59627
http://secunia.com/advisories/61058
http://secunia.com/advisories/61073
http://secunia.com/advisories/61130
http://secunia.com/advisories/61207
http://secunia.com/advisories/61819
http://secunia.com/advisories/61959
http://secunia.com/advisories/62030
http://secunia.com/advisories/62070
http://secunia.com/advisories/62124
http://security.gentoo.org/glsa/glsa-201412-39.xml
http://support.apple.com/HT204244
http://www-01.ibm.com/support/docview.wss?uid=swg21686997
http://www.debian.org/security/2014/dsa-3053
http://www.securityfocus.com/bid/70585
http://www.securitytracker.com/id/1031053
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6
https://exchange.xforce.ibmcloud.com/vulnerabilities/97037
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=26a59d9b46574e457870197dffa802871b4c8fc7
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
https://kc.mcafee.com/corporate/index?page=content&id=SB10091
https://support.apple.com/HT205217
https://support.citrix.com/article/CTX216642
https://www.openssl.org/news/secadv_20141015.txt

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2026-05-06.