Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
7 vulnerabilities found for Cloud Infrastructure Management Software by FUJITSU
VAR-201108-0132
Vulnerability from variot - Updated: 2026-03-07 20:00The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086. Apache HTTPD server contains a denial-of-service vulnerability in the way multiple overlapping ranges are handled. Both the 'Range' header and the 'Range-Request' header are vulnerable. An attack tool, commonly known as 'Apache Killer', has been released in the wild. The attack tool causes a significant increase in CPU and memory usage on the server. Successful exploits will result in a denial-of-service condition. ========================================================================== Ubuntu Security Notice USN-1199-1 September 01, 2011
apache2 vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS
- Ubuntu 8.04 LTS
Summary:
A remote attacker could send crafted input to Apache and cause it to crash.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 11.04: apache2.2-bin 2.2.17-1ubuntu1.2
Ubuntu 10.10: apache2.2-bin 2.2.16-1ubuntu3.3
Ubuntu 10.04 LTS: apache2.2-bin 2.2.14-5ubuntu8.6
Ubuntu 8.04 LTS: apache2-mpm-event 2.2.8-1ubuntu0.21 apache2-mpm-perchild 2.2.8-1ubuntu0.21 apache2-mpm-prefork 2.2.8-1ubuntu0.21 apache2-mpm-worker 2.2.8-1ubuntu0.21
In general, a standard system update will make all the necessary changes. ----------------------------------------------------------------------
The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242
TITLE: Hitachi Web Server ByteRange Filter Denial of Service Vulnerability
SECUNIA ADVISORY ID: SA45865
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45865/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45865
RELEASE DATE: 2011-09-05
DISCUSS ADVISORY: http://secunia.com/advisories/45865/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/45865/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=45865
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Hitachi has acknowledged a vulnerability in Hitachi Web Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
ORIGINAL ADVISORY: Hitachi (Japanese): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS11-019/index.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. HP System Management Homepage (SMH) before v7.0 running on Linux and Windows. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Summary:
Updated httpd packages that fix one security issue are now available for Red Hat Enterprise Linux 5.3 Long Life, 5.6 Extended Update Support, and 6.0 Extended Update Support.
The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux (v. 5.3.LL server) - i386, ia64, x86_64 Red Hat Enterprise Linux Server (v. 6.0.z) - i386, noarch, ppc64, s390x, x86_64
- (CVE-2011-3192)
All httpd users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259
- Bugs fixed (http://bugzilla.redhat.com/):
732928 - CVE-2011-3192 httpd: multiple ranges DoS
- Package List:
Red Hat Enterprise Linux (v. 5.3.LL server):
Source: httpd-2.2.3-22.el5_3.3.src.rpm
i386: httpd-2.2.3-22.el5_3.3.i386.rpm httpd-debuginfo-2.2.3-22.el5_3.3.i386.rpm httpd-devel-2.2.3-22.el5_3.3.i386.rpm httpd-manual-2.2.3-22.el5_3.3.i386.rpm mod_ssl-2.2.3-22.el5_3.3.i386.rpm
ia64: httpd-2.2.3-22.el5_3.3.ia64.rpm httpd-debuginfo-2.2.3-22.el5_3.3.ia64.rpm httpd-devel-2.2.3-22.el5_3.3.ia64.rpm httpd-manual-2.2.3-22.el5_3.3.ia64.rpm mod_ssl-2.2.3-22.el5_3.3.ia64.rpm
x86_64: httpd-2.2.3-22.el5_3.3.x86_64.rpm httpd-debuginfo-2.2.3-22.el5_3.3.i386.rpm httpd-debuginfo-2.2.3-22.el5_3.3.x86_64.rpm httpd-devel-2.2.3-22.el5_3.3.i386.rpm httpd-devel-2.2.3-22.el5_3.3.x86_64.rpm httpd-manual-2.2.3-22.el5_3.3.x86_64.rpm mod_ssl-2.2.3-22.el5_3.3.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: httpd-2.2.3-45.el5_6.2.src.rpm
i386: httpd-2.2.3-45.el5_6.2.i386.rpm httpd-debuginfo-2.2.3-45.el5_6.2.i386.rpm httpd-devel-2.2.3-45.el5_6.2.i386.rpm httpd-manual-2.2.3-45.el5_6.2.i386.rpm mod_ssl-2.2.3-45.el5_6.2.i386.rpm
ia64: httpd-2.2.3-45.el5_6.2.ia64.rpm httpd-debuginfo-2.2.3-45.el5_6.2.ia64.rpm httpd-devel-2.2.3-45.el5_6.2.ia64.rpm httpd-manual-2.2.3-45.el5_6.2.ia64.rpm mod_ssl-2.2.3-45.el5_6.2.ia64.rpm
ppc: httpd-2.2.3-45.el5_6.2.ppc.rpm httpd-debuginfo-2.2.3-45.el5_6.2.ppc.rpm httpd-debuginfo-2.2.3-45.el5_6.2.ppc64.rpm httpd-devel-2.2.3-45.el5_6.2.ppc.rpm httpd-devel-2.2.3-45.el5_6.2.ppc64.rpm httpd-manual-2.2.3-45.el5_6.2.ppc.rpm mod_ssl-2.2.3-45.el5_6.2.ppc.rpm
s390x: httpd-2.2.3-45.el5_6.2.s390x.rpm httpd-debuginfo-2.2.3-45.el5_6.2.s390.rpm httpd-debuginfo-2.2.3-45.el5_6.2.s390x.rpm httpd-devel-2.2.3-45.el5_6.2.s390.rpm httpd-devel-2.2.3-45.el5_6.2.s390x.rpm httpd-manual-2.2.3-45.el5_6.2.s390x.rpm mod_ssl-2.2.3-45.el5_6.2.s390x.rpm
x86_64: httpd-2.2.3-45.el5_6.2.x86_64.rpm httpd-debuginfo-2.2.3-45.el5_6.2.i386.rpm httpd-debuginfo-2.2.3-45.el5_6.2.x86_64.rpm httpd-devel-2.2.3-45.el5_6.2.i386.rpm httpd-devel-2.2.3-45.el5_6.2.x86_64.rpm httpd-manual-2.2.3-45.el5_6.2.x86_64.rpm mod_ssl-2.2.3-45.el5_6.2.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6.0.z):
Source: httpd-2.2.15-5.el6_0.1.src.rpm
i386: httpd-2.2.15-5.el6_0.1.i686.rpm httpd-debuginfo-2.2.15-5.el6_0.1.i686.rpm httpd-devel-2.2.15-5.el6_0.1.i686.rpm httpd-tools-2.2.15-5.el6_0.1.i686.rpm mod_ssl-2.2.15-5.el6_0.1.i686.rpm
noarch: httpd-manual-2.2.15-5.el6_0.1.noarch.rpm
ppc64: httpd-2.2.15-5.el6_0.1.ppc64.rpm httpd-debuginfo-2.2.15-5.el6_0.1.ppc.rpm httpd-debuginfo-2.2.15-5.el6_0.1.ppc64.rpm httpd-devel-2.2.15-5.el6_0.1.ppc.rpm httpd-devel-2.2.15-5.el6_0.1.ppc64.rpm httpd-tools-2.2.15-5.el6_0.1.ppc64.rpm mod_ssl-2.2.15-5.el6_0.1.ppc64.rpm
s390x: httpd-2.2.15-5.el6_0.1.s390x.rpm httpd-debuginfo-2.2.15-5.el6_0.1.s390.rpm httpd-debuginfo-2.2.15-5.el6_0.1.s390x.rpm httpd-devel-2.2.15-5.el6_0.1.s390.rpm httpd-devel-2.2.15-5.el6_0.1.s390x.rpm httpd-tools-2.2.15-5.el6_0.1.s390x.rpm mod_ssl-2.2.15-5.el6_0.1.s390x.rpm
x86_64: httpd-2.2.15-5.el6_0.1.x86_64.rpm httpd-debuginfo-2.2.15-5.el6_0.1.i686.rpm httpd-debuginfo-2.2.15-5.el6_0.1.x86_64.rpm httpd-devel-2.2.15-5.el6_0.1.i686.rpm httpd-devel-2.2.15-5.el6_0.1.x86_64.rpm httpd-tools-2.2.15-5.el6_0.1.x86_64.rpm mod_ssl-2.2.15-5.el6_0.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-3192.html https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02997184 Version: 2
HPSBUX02702 SSRT100606 rev.2 - HP-UX Apache Web Server, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-09-08 Last Updated: 2011-09-08
Potential Security Impact: Remote Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX Apache Web Server. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS).
References: CVE-2011-3192, CVE-2011-0419
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.23, B.11.31 running HP-UX Apache Web Server Suite v3.17 containing Apache v2.2.15.07 or earlier HP-UX B.11.11 running HP-UX Apache Web Server Suite v2.33 containing Apache v2.0.64.01 or earlier
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2011-3192 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2011-0419 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
This bulletin will be revised when additional information becomes available.
HP has provided the following software update to resolve these vulnerabilities.
The update is available for download from the following location ftp://srt10606:P2xg=AD5@ftp.usa.hp.com or https://ftp.usa.hp.com/hprc/home with username srt10606 and password P2xg=AD5
HP-UX Web Server Suite (WSS) v.3.18 containing Apache v2.2.15.08 HP-UX 11i Release / Apache Depot name
B.11.23 (32-bit) / Apache-CVE-2011-3192-Fix-IA-PA-32.depot B.11.23 (64-bit) / Apache-CVE-2011-3192-Fix-IA-PA-64.depot
B.11.31 (32-bit) / Apache-CVE-2011-3192-Fix-IA-PA-32.depot B.11.31 (64-bit) / Apache-CVE-2011-3192-Fix-IA-PA-64.depot
HP-UX Web Server Suite (WSS) v.2.33 containing Apache v2.0.64.01 and earlier HP-UX 11i Release / Apache Depot name
B.11.11 / Use work around suggested below B.11.23 (32 & 64-bit) / No longer supported. Upgrade to WSS v 3.18 B.11.31 (32 & 64-bit) / No longer supported. Upgrade to WSS v 3.18
Alternatives to Installing the Preliminary Patch The Apache Software Foundation has documented work arounds. For customers not wanting to install the preliminary patch, the following are recommended. Note: that no patch is available for Apache 2.0.64.01.
1) Use SetEnvIf or mod_rewrite to detect a large number of ranges and then either ignore the Range: header or reject the request.
2) Limit the size of the request field to a few hundred bytes.
3) Use mod_headers to completely disallow the use of Range headers.
Please refer to the Apache advisory for details. http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110826103531.998348F82@minotaur.apache.org%3e
MANUAL ACTIONS: Yes - Update Install HP-UX Web Server Suite v3.18 or subsequent.
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check.
It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX Web Server Suite v3.18 HP-UX B.11.23 HP-UX B.11.31 ================== hpuxws22APCH32.APACHE hpuxws22APCH32.APACHE2 hpuxws22APCH32.AUTH_LDAP hpuxws22APCH32.AUTH_LDAP2 hpuxws22APCH32.MOD_JK hpuxws22APCH32.MOD_JK2 hpuxws22APCH32.MOD_PERL hpuxws22APCH32.MOD_PERL2 hpuxws22APCH32.PHP hpuxws22APCH32.PHP2 hpuxws22APCH32.WEBPROXY hpuxws22APCH32.WEBPROXY2 hpuxws22APACHE.APACHE hpuxws22APACHE.APACHE2 hpuxws22APACHE.AUTH_LDAP hpuxws22APACHE.AUTH_LDAP2 hpuxws22APACHE.MOD_JK hpuxws22APACHE.MOD_JK2 hpuxws22APACHE.MOD_PERL hpuxws22APACHE.MOD_PERL2 hpuxws22APACHE.PHP hpuxws22APACHE.PHP2 hpuxws22APACHE.WEBPROXY hpuxws22APACHE.WEBPROXY2 action: install revision B.2.2.15.08 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 8 September 2011 Initial release Version:2 (rev.2) - 8 September 2011 Updated affectivity, recommendations, typos
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2011 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk5pPZoACgkQ4B86/C0qfVn5nwCg/w2MOkbP7d5Xp4fAyX4zAOdp aWQAoJoKZs8qDHYIVa41KgH1ANkNQI3C =MTc6 -----END PGP SIGNATURE----- . Enjoy!
- apache has been upgraded to the latest version (2.2.21) for 2011
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
Updated Packages:
Mandriva Linux 2011: 5c4825e4c63b4a06c68a5fd81517de71 2011/i586/apache-base-2.2.21-0.1-mdv2011.0.i586.rpm b5a00191b27804f9735643cdcd704b19 2011/i586/apache-conf-2.2.21-0.1-mdv2011.0.i586.rpm 49defd7efbb4a37ec49c01c7ef9c64aa 2011/i586/apache-devel-2.2.21-0.1-mdv2011.0.i586.rpm a023e40689777630df036eae1a84a475 2011/i586/apache-doc-2.2.21-0.1-mdv2011.0.noarch.rpm f03744bb74a3e0872cb08465799c3ee1 2011/i586/apache-htcacheclean-2.2.21-0.1-mdv2011.0.i586.rpm bb9efa66089deef66f9434b813d41a95 2011/i586/apache-mod_authn_dbd-2.2.21-0.1-mdv2011.0.i586.rpm bb334eb7fe43927ba7c6c9196b4e1fd1 2011/i586/apache-mod_cache-2.2.21-0.1-mdv2011.0.i586.rpm 086b5ed82c064b16964fff70bf9c841e 2011/i586/apache-mod_dav-2.2.21-0.1-mdv2011.0.i586.rpm 115008b2471e10ea01689dafe5c46bcd 2011/i586/apache-mod_dbd-2.2.21-0.1-mdv2011.0.i586.rpm 6b686ec6612ff8740d1e482faa06c544 2011/i586/apache-mod_deflate-2.2.21-0.1-mdv2011.0.i586.rpm 8c8f14074bc0dbbeb2b3890611f95c6b 2011/i586/apache-mod_disk_cache-2.2.21-0.1-mdv2011.0.i586.rpm b03569edc20c9393e0b5eea09f590368 2011/i586/apache-mod_file_cache-2.2.21-0.1-mdv2011.0.i586.rpm 343703d3822a6757e000edeebe7e0a06 2011/i586/apache-mod_ldap-2.2.21-0.1-mdv2011.0.i586.rpm 3457011403525d40e525716c4da8e477 2011/i586/apache-mod_mem_cache-2.2.21-0.1-mdv2011.0.i586.rpm 3d060145b3665ca4c0b309f812af9370 2011/i586/apache-mod_proxy-2.2.21-0.1-mdv2011.0.i586.rpm a0e00b0610eb5a8c5c57afabeafc07f8 2011/i586/apache-mod_proxy_ajp-2.2.21-0.1-mdv2011.0.i586.rpm dd4bb38bbc2997ca398fb37225eca371 2011/i586/apache-mod_proxy_scgi-2.2.21-0.1-mdv2011.0.i586.rpm 2966cdfddf02fa32447711af6a3046dd 2011/i586/apache-mod_reqtimeout-2.2.21-0.1-mdv2011.0.i586.rpm 48774d9c282dc476f35a0c8b2e821a7f 2011/i586/apache-mod_ssl-2.2.21-0.1-mdv2011.0.i586.rpm 7b832f85bd258abf0c7abb161f4028b4 2011/i586/apache-mod_suexec-2.2.21-0.1-mdv2011.0.i586.rpm 1c6b93eaa5b27477989bf82ea9a63685 2011/i586/apache-modules-2.2.21-0.1-mdv2011.0.i586.rpm 1e7dc0ee3fafae8a786be0cc164ebe4a 2011/i586/apache-mod_userdir-2.2.21-0.1-mdv2011.0.i586.rpm ab2d074f2dfe57a64b022d4e6b8254ab 2011/i586/apache-mpm-event-2.2.21-0.1-mdv2011.0.i586.rpm a22debf09366b64e236965a4091009e9 2011/i586/apache-mpm-itk-2.2.21-0.1-mdv2011.0.i586.rpm 174aed4327491b83f147f3b4e76bcd1f 2011/i586/apache-mpm-peruser-2.2.21-0.1-mdv2011.0.i586.rpm e141881c27496e7e74ad7f3f566a1bd2 2011/i586/apache-mpm-prefork-2.2.21-0.1-mdv2011.0.i586.rpm 97893069a3d6eb73e3773bc0ee78c9a4 2011/i586/apache-mpm-worker-2.2.21-0.1-mdv2011.0.i586.rpm fe530e2da15b3e0bf14c617824ff82c9 2011/i586/apache-source-2.2.21-0.1-mdv2011.0.i586.rpm 4376094cd799523a1a7666f4e768707d 2011/SRPMS/apache-2.2.21-0.1.src.rpm b37e2a1dafb6883a10cefb4140e9635e 2011/SRPMS/apache-conf-2.2.21-0.1.src.rpm d83c587ad4d56a31362f67334bbf9455 2011/SRPMS/apache-doc-2.2.21-0.1.src.rpm 0b4a145fd5ff8c11a53956f750cdbd42 2011/SRPMS/apache-mod_suexec-2.2.21-0.1.src.rpm
Mandriva Linux 2011/X86_64: 8837c56966896e10d3403956e7cf86ac 2011/x86_64/apache-base-2.2.21-0.1-mdv2011.0.x86_64.rpm aec6da25319585e53623471734f99c57 2011/x86_64/apache-conf-2.2.21-0.1-mdv2011.0.x86_64.rpm e8600455214ad4f2303d9f36576e4952 2011/x86_64/apache-devel-2.2.21-0.1-mdv2011.0.x86_64.rpm 90694f3211fca3d436ec4130b8bb43e2 2011/x86_64/apache-doc-2.2.21-0.1-mdv2011.0.noarch.rpm fd3f6a51c8abf8b1ff8356489ba6d6e1 2011/x86_64/apache-htcacheclean-2.2.21-0.1-mdv2011.0.x86_64.rpm 796c8129bbc160455587bc54c58c2220 2011/x86_64/apache-mod_authn_dbd-2.2.21-0.1-mdv2011.0.x86_64.rpm 61add54b6e0c8306dff065a150b262e2 2011/x86_64/apache-mod_cache-2.2.21-0.1-mdv2011.0.x86_64.rpm cb98169c29008c256662f3a08141bf95 2011/x86_64/apache-mod_dav-2.2.21-0.1-mdv2011.0.x86_64.rpm 5aa03ee54a7e40d41fd746fd1a223c72 2011/x86_64/apache-mod_dbd-2.2.21-0.1-mdv2011.0.x86_64.rpm 386a956f014fe2d64dfe38fc261abd39 2011/x86_64/apache-mod_deflate-2.2.21-0.1-mdv2011.0.x86_64.rpm 5a473bc45fa59323c4d526dd4f5a30d3 2011/x86_64/apache-mod_disk_cache-2.2.21-0.1-mdv2011.0.x86_64.rpm aaa544f7a4912c161a2c73e222ae87d6 2011/x86_64/apache-mod_file_cache-2.2.21-0.1-mdv2011.0.x86_64.rpm f04054edc62a24ea9042c5b41074bd1d 2011/x86_64/apache-mod_ldap-2.2.21-0.1-mdv2011.0.x86_64.rpm 1c97f63c1169f483d086a94b97f5c421 2011/x86_64/apache-mod_mem_cache-2.2.21-0.1-mdv2011.0.x86_64.rpm ca912c34fec5cf470947a7f87e9705a4 2011/x86_64/apache-mod_proxy-2.2.21-0.1-mdv2011.0.x86_64.rpm b5ae70a8ed412e40275b4de7b639caa0 2011/x86_64/apache-mod_proxy_ajp-2.2.21-0.1-mdv2011.0.x86_64.rpm 6b11b032c13277712c336405ea23a8b0 2011/x86_64/apache-mod_proxy_scgi-2.2.21-0.1-mdv2011.0.x86_64.rpm 874a420342f1ea9278e014b79fe5a337 2011/x86_64/apache-mod_reqtimeout-2.2.21-0.1-mdv2011.0.x86_64.rpm 2757b3d7c8261563e22c41d3f94aaa29 2011/x86_64/apache-mod_ssl-2.2.21-0.1-mdv2011.0.x86_64.rpm 6edbc6963aab9beee507f9a3c8be38a2 2011/x86_64/apache-mod_suexec-2.2.21-0.1-mdv2011.0.x86_64.rpm fe6143eaa1acc0de751198ea19129279 2011/x86_64/apache-modules-2.2.21-0.1-mdv2011.0.x86_64.rpm 3e66fa1e1e2cf243c1c6472243cb86fe 2011/x86_64/apache-mod_userdir-2.2.21-0.1-mdv2011.0.x86_64.rpm 7d45bfd7d3aa87d45d2287fdd9507847 2011/x86_64/apache-mpm-event-2.2.21-0.1-mdv2011.0.x86_64.rpm bce9e2cdffe45cbc4baf72f0d0c4000e 2011/x86_64/apache-mpm-itk-2.2.21-0.1-mdv2011.0.x86_64.rpm 217bd96dfa802f7d049b6fd12600b154 2011/x86_64/apache-mpm-peruser-2.2.21-0.1-mdv2011.0.x86_64.rpm cc304b9011d16d7f3cf5c8250e4d9f18 2011/x86_64/apache-mpm-prefork-2.2.21-0.1-mdv2011.0.x86_64.rpm a8bb9b62c39f98a6df728d51a4fff39a 2011/x86_64/apache-mpm-worker-2.2.21-0.1-mdv2011.0.x86_64.rpm 7d41c857be2574ac5f3ea7090a1f3c78 2011/x86_64/apache-source-2.2.21-0.1-mdv2011.0.x86_64.rpm 4376094cd799523a1a7666f4e768707d 2011/SRPMS/apache-2.2.21-0.1.src.rpm b37e2a1dafb6883a10cefb4140e9635e 2011/SRPMS/apache-conf-2.2.21-0.1.src.rpm d83c587ad4d56a31362f67334bbf9455 2011/SRPMS/apache-doc-2.2.21-0.1.src.rpm 0b4a145fd5ff8c11a53956f750cdbd42 2011/SRPMS/apache-mod_suexec-2.2.21-0.1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFOdErbmqjQ0CJFipgRArO0AJ9MeU1I/ItvY699awHPqXD7TZZ46gCeP/Lc OVJD0GobLzQ3q1XZS8WiqdY= =O8Ag -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 2.4,
"vendor": "hitachi",
"version": "03-00-01"
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 2.1,
"vendor": "hitachi",
"version": "03-00"
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "03-00-02"
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "03-10"
},
{
"_id": null,
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"_id": null,
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.65"
},
{
"_id": null,
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.20"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "11.04"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "10.04"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "8.04"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.3"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.35"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "10.10"
},
{
"_id": null,
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.4"
},
{
"_id": null,
"model": "web server linux",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "04-00"
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "03-00-05"
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "03-10-01"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apache http server",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva s a",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jp1/cm2/snmp system observer",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "device manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-00"
},
{
"_id": null,
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1.1-03"
},
{
"_id": null,
"model": "device manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-00"
},
{
"_id": null,
"model": "tiered storage manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-00"
},
{
"_id": null,
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1.1-00"
},
{
"_id": null,
"model": "device manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-01"
},
{
"_id": null,
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-01"
},
{
"_id": null,
"model": "device manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1.1-00"
},
{
"_id": null,
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-00"
},
{
"_id": null,
"model": "tiered storage manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1.1-00"
},
{
"_id": null,
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-00"
},
{
"_id": null,
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-00"
},
{
"_id": null,
"model": "jp1/hicommand device manager",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "5.9-08"
},
{
"_id": null,
"model": "jp1/hicommand device manager",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "5.9-00"
},
{
"_id": null,
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-03"
},
{
"_id": null,
"model": "tiered storage manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-01"
},
{
"_id": null,
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-00"
},
{
"_id": null,
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-02"
},
{
"_id": null,
"model": "device manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1.1-04"
},
{
"_id": null,
"model": "web server linux",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "03-00"
},
{
"_id": null,
"model": "tiered storage manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1.1-01"
},
{
"_id": null,
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1.1-00"
},
{
"_id": null,
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.0-06"
},
{
"_id": null,
"model": "replication manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-01"
},
{
"_id": null,
"model": "device manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-02"
},
{
"_id": null,
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-02"
},
{
"_id": null,
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.0-00"
},
{
"_id": null,
"model": "tiered storage manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-00"
},
{
"_id": null,
"model": "replication manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-00"
},
{
"_id": null,
"model": "tiered storage manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-01"
},
{
"_id": null,
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-01"
},
{
"_id": null,
"model": "device manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-02"
},
{
"_id": null,
"model": "device manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1.1-04"
},
{
"_id": null,
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1-01"
},
{
"_id": null,
"model": "tuning manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.0"
},
{
"_id": null,
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.1.1-01"
},
{
"_id": null,
"model": "replication manager software )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "6.2-00"
},
{
"_id": null,
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "03-00"
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "04-10-02"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.3.1"
},
{
"_id": null,
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"_id": null,
"model": "management center for cisco security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50"
},
{
"_id": null,
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-04"
},
{
"_id": null,
"model": "device manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"_id": null,
"model": "global link manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.6-00"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.58"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.54"
},
{
"_id": null,
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.42"
},
{
"_id": null,
"model": "replication manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0.0-00"
},
{
"_id": null,
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.401"
},
{
"_id": null,
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"_id": null,
"model": "linux enterprise sdk sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "hat jboss enterprise web server for rhel as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "41.0"
},
{
"_id": null,
"model": "jp1/performance management web console",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-00"
},
{
"_id": null,
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"_id": null,
"model": "hat jboss enterprise web server for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "61.0.2"
},
{
"_id": null,
"model": "global link manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.2-00"
},
{
"_id": null,
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50-03"
},
{
"_id": null,
"model": "jp1/hicommand tuning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "device manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.1-02"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "hat jboss enterprise web server for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "61.0"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.41"
},
{
"_id": null,
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "device manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"_id": null,
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.9"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.57"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.6"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.11"
},
{
"_id": null,
"model": "web server aix",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00"
},
{
"_id": null,
"model": "device manager software (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0-06(x64))"
},
{
"_id": null,
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "replication manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.1-01"
},
{
"_id": null,
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.49"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-06"
},
{
"_id": null,
"model": "web server 04-10",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-2"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "software foundation apache 2.0.61-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-10"
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "jp1/it resource management-manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-50"
},
{
"_id": null,
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-10-02"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.50"
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-10-01"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.0-68"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.7"
},
{
"_id": null,
"model": "interstage service integrator standard edition 9.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "hat enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.10"
},
{
"_id": null,
"model": "software foundation apache -beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.34"
},
{
"_id": null,
"model": "point software secureplatform r60 hfa 05",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"_id": null,
"model": "systemwalker service quality coordinator enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "13.5"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2-77"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.4"
},
{
"_id": null,
"model": "groupware server",
"scope": "ne",
"trust": 0.3,
"vendor": "kolab",
"version": "2.3.4"
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-10-03"
},
{
"_id": null,
"model": "jp1/hicommand provisioning manager (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-90"
},
{
"_id": null,
"model": "interstage application development cycle manager standard editio 10.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"_id": null,
"model": "wireless control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.8"
},
{
"_id": null,
"model": "ciscoworks lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"_id": null,
"model": "provisioning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"_id": null,
"model": "job management partner 1/performance management web console",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-0"
},
{
"_id": null,
"model": "software foundation apache -dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.56"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"_id": null,
"model": "jp1/hicommand provisioning manager )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-90"
},
{
"_id": null,
"model": "device manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.1"
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-03"
},
{
"_id": null,
"model": "web server solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00-01"
},
{
"_id": null,
"model": "device manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0-06"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "provisioning manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0.0-00"
},
{
"_id": null,
"model": "systemwalker availability view enterprise edition 13.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.17"
},
{
"_id": null,
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-10-03"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10-04"
},
{
"_id": null,
"model": "interstage application development cycle manager standard editio",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "10.0"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "point software secureplatform r65 hfa02",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "software foundation apache -beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.28"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.15"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.27"
},
{
"_id": null,
"model": "device manager software (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1.1-04(x64))"
},
{
"_id": null,
"model": "linux enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-10-01(x64)"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.3.1"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.1"
},
{
"_id": null,
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3"
},
{
"_id": null,
"model": "network collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-10"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.96"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.55"
},
{
"_id": null,
"model": "software foundation apache 2.2.6-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-10-04"
},
{
"_id": null,
"model": "interstage service integrator enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "global link manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.5-00"
},
{
"_id": null,
"model": "systemwalker availability view standard edition 13.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.17"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0.0-00"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.2-01"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "interstage list manager enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "tiered storage manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0.0-00"
},
{
"_id": null,
"model": "software foundation apache 2.2.15-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "jp1/hicommand device manager (solaris (s",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5.9.0-08"
},
{
"_id": null,
"model": "ciscoworks lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50-01"
},
{
"_id": null,
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"_id": null,
"model": "device manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"_id": null,
"model": "interstage application development cycle manager enterprise edit",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "10.1"
},
{
"_id": null,
"model": "web server (hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-0011.0)"
},
{
"_id": null,
"model": "web server 2).(sola",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00-01(*"
},
{
"_id": null,
"model": "interstage application development cycle manager enterprise edit",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "10.2"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "point software secureplatform ng fp1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "linux enterprise sdk sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.5"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10-05"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.45"
},
{
"_id": null,
"model": "it operations analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-53-01"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "global link manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "point software endpoint security",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "tiered storage manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"_id": null,
"model": "tuning manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.001"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.4"
},
{
"_id": null,
"model": "hat jboss enterprise web server for rhel server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "51.0.2"
},
{
"_id": null,
"model": "device manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.12"
},
{
"_id": null,
"model": "hat enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-30"
},
{
"_id": null,
"model": "jp1/hicommand device manager (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5.9-00(x64))"
},
{
"_id": null,
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"_id": null,
"model": "point software secureplatform r65.70",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "jp1/hicommand provisioning manager )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "device manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.13"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.68"
},
{
"_id": null,
"model": "wireless control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.164"
},
{
"_id": null,
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.102"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0"
},
{
"_id": null,
"model": "device manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1.1-03"
},
{
"_id": null,
"model": "systemwalker availability view standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "13.3"
},
{
"_id": null,
"model": "video surveillance operations manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-08"
},
{
"_id": null,
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50-02"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.31"
},
{
"_id": null,
"model": "ciscoworks lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"_id": null,
"model": "wireless control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"_id": null,
"model": "jp1/performance management web console",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-00-08"
},
{
"_id": null,
"model": "software foundation apache beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.28"
},
{
"_id": null,
"model": "network collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-04"
},
{
"_id": null,
"model": "replication manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0.0-00"
},
{
"_id": null,
"model": "replication manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-00"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.1"
},
{
"_id": null,
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.28"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "device manager software (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1.1-03(x64))"
},
{
"_id": null,
"model": "point software secureplatform ng fp2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.35"
},
{
"_id": null,
"model": "device manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0-00"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5665"
},
{
"_id": null,
"model": "software foundation apache a9",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42"
},
{
"_id": null,
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-90"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0-103"
},
{
"_id": null,
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-05"
},
{
"_id": null,
"model": "os/400 v6r1m0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.95"
},
{
"_id": null,
"model": "device manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.8"
},
{
"_id": null,
"model": "software foundation apache 2.2.5-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "jp1/performance management web console",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-10"
},
{
"_id": null,
"model": "onboard administrator",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.32"
},
{
"_id": null,
"model": "jp1/performance management web console",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-00-07"
},
{
"_id": null,
"model": "tiered storage manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"_id": null,
"model": "it operations analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-53"
},
{
"_id": null,
"model": "jp1/hicommand tuning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-90"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.15"
},
{
"_id": null,
"model": "it operations director",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-50-06"
},
{
"_id": null,
"model": "point software security gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "0"
},
{
"_id": null,
"model": "replication manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.2-00"
},
{
"_id": null,
"model": "san-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0-95"
},
{
"_id": null,
"model": "onboard administrator",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.31"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.41"
},
{
"_id": null,
"model": "provisioning manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0.0-00"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.59"
},
{
"_id": null,
"model": "hat jboss enterprise web server for rhel es",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "41.0.2"
},
{
"_id": null,
"model": "groupware server -rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"_id": null,
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"_id": null,
"model": "interstage software quality analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "10.0"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-20"
},
{
"_id": null,
"model": "interstage application server standard-j edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.19"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "application stack",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v20"
},
{
"_id": null,
"model": "jp1/it service level management manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-50"
},
{
"_id": null,
"model": "jp1/hicommand tuning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-20"
},
{
"_id": null,
"model": "wireless control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.163"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.4"
},
{
"_id": null,
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "it operations analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-51-01"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "onboard administrator",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.50"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.5"
},
{
"_id": null,
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.402"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.6"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "tiered storage manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.1-02"
},
{
"_id": null,
"model": "ciscoworks lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"_id": null,
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-03"
},
{
"_id": null,
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-00"
},
{
"_id": null,
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.51"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.17"
},
{
"_id": null,
"model": "web server 04-00.",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.18"
},
{
"_id": null,
"model": "interstage application server standard-j edition 9.1.0b",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.20"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1-73"
},
{
"_id": null,
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-10-01"
},
{
"_id": null,
"model": "device manager software (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-00(x64))"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"_id": null,
"model": "tiered storage manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.1-02"
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00-04"
},
{
"_id": null,
"model": "hat jboss enterprise web server for rhel server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "51.0"
},
{
"_id": null,
"model": "provisioning manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.35"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.27"
},
{
"_id": null,
"model": "tiered storage manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.5"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50-02"
},
{
"_id": null,
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10-01"
},
{
"_id": null,
"model": "replication manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"_id": null,
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "software foundation apache 2.3.38-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.3.2"
},
{
"_id": null,
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.6"
},
{
"_id": null,
"model": "groupware server",
"scope": "ne",
"trust": 0.3,
"vendor": "kolab",
"version": "2.3.3"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.95"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50-02"
},
{
"_id": null,
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-30"
},
{
"_id": null,
"model": "interstage service integrator standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "point software dlp-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "0"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.39"
},
{
"_id": null,
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"_id": null,
"model": "point software secureplatform r71.30",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"_id": null,
"model": "interstage application server enterprise edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "jp1/it resource management-manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-11"
},
{
"_id": null,
"model": "jp1/cm2/snmp system observer )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"_id": null,
"model": "system management homepage b",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "tiered storage manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"_id": null,
"model": "application server 10g r2",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.3.0"
},
{
"_id": null,
"model": "groupware server 2.2-rc1",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"_id": null,
"model": "tiered storage manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.3.0-00"
},
{
"_id": null,
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00-05"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5687"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "systemwalker service quality coordinator enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "13.4"
},
{
"_id": null,
"model": "jp1/hicommand tuning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"_id": null,
"model": "message networking sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "linux enterprise server for vmware sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "device manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"_id": null,
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-10"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.43"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.64"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "jp1/it service level management manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-0"
},
{
"_id": null,
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-90"
},
{
"_id": null,
"model": "it operations director",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-50-01"
},
{
"_id": null,
"model": "transportation manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.5.06.00"
},
{
"_id": null,
"model": "tuning manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.401"
},
{
"_id": null,
"model": "hat enterprise linux server 6.0.z",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"_id": null,
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.46"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.25"
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00-03"
},
{
"_id": null,
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"_id": null,
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5.5"
},
{
"_id": null,
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.33"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "systemwalker service catalog manager v14g",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "14.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.5"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"_id": null,
"model": "jp1/hicommand device manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "tiered storage manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"_id": null,
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-10-09"
},
{
"_id": null,
"model": "wide area application services 4.1.1b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ciscoworks lan management solution update",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"_id": null,
"model": "messaging storage server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "jp1/it resource management-manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-11-02"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.14"
},
{
"_id": null,
"model": "it operations director",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-50-07"
},
{
"_id": null,
"model": "ciscoworks lan management solution (dec update",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.02007"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.4"
},
{
"_id": null,
"model": "wireless control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.91.0"
},
{
"_id": null,
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-20"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.23"
},
{
"_id": null,
"model": "replication manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.1-01"
},
{
"_id": null,
"model": "global link manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.2-01"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "wireless control system for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.5"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.18"
},
{
"_id": null,
"model": "software foundation apache 2.0.62-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-01(*2)"
},
{
"_id": null,
"model": "groupware server 2.2-rc3",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"_id": null,
"model": "replication manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"_id": null,
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00-04"
},
{
"_id": null,
"model": "jp1/hicommand device manager (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5.9-08(x64))"
},
{
"_id": null,
"model": "jp1/hicommand device manager (solaris (s",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5.9.0-00"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"_id": null,
"model": "hat enterprise linux 5.3.ll",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"_id": null,
"model": "provisioning manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.3.0-00"
},
{
"_id": null,
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.17"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.13"
},
{
"_id": null,
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "hat jboss enterprise web server for rhel as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "41.0.2"
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00-02"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.9"
},
{
"_id": null,
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.15"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-02"
},
{
"_id": null,
"model": "device manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.9"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"_id": null,
"model": "hat enterprise linux els",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"_id": null,
"model": "jp1/hicommand tuning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-30"
},
{
"_id": null,
"model": "web server (hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-0111.0"
},
{
"_id": null,
"model": "provisioning manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"_id": null,
"model": "software foundation apache 2.0.60-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "netware sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"_id": null,
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"_id": null,
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-60-01"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.35"
},
{
"_id": null,
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"_id": null,
"model": "tiered storage manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"_id": null,
"model": "netware sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5.0"
},
{
"_id": null,
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"_id": null,
"model": "mobility services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-40"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"_id": null,
"model": "jp1/automatic job management system web operation assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "3-0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "jp1/it resource management-manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "replication manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.8"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.39"
},
{
"_id": null,
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10"
},
{
"_id": null,
"model": "device manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.1-02"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "tuning manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.2-01"
},
{
"_id": null,
"model": "hat enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-00"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.60"
},
{
"_id": null,
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "systemwalker software configuration manager",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "14.1"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "tiered storage manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "device manager software (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-03(x64))"
},
{
"_id": null,
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "cts telepresence systems",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.13"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "interstage service integrator enterprise edition 9.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "jp1/integrated management service support",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-00-50"
},
{
"_id": null,
"model": "point software secureplatform r75",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-09"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.1"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5632"
},
{
"_id": null,
"model": "point software secureplatform ng fp2 edition",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "2"
},
{
"_id": null,
"model": "device manager software (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0-00(x64))"
},
{
"_id": null,
"model": "global link manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-01"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2.2"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.37"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.56"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.3.1"
},
{
"_id": null,
"model": "web server custom edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"_id": null,
"model": "interstage application development cycle manager standard editio",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "10.1"
},
{
"_id": null,
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0"
},
{
"_id": null,
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.96"
},
{
"_id": null,
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "interstage application development cycle manager standard editio",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "10.2"
},
{
"_id": null,
"model": "interstage list manager standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"_id": null,
"model": "wireless control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.181.0"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2.4"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.21"
},
{
"_id": null,
"model": "transportation manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "device manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"_id": null,
"model": "point software ipso6 r70.40",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "interstage software quality analyzer 10.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "global link manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-00"
},
{
"_id": null,
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.62"
},
{
"_id": null,
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-10-10"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-60-01"
},
{
"_id": null,
"model": "wireless control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"_id": null,
"model": "jp1/performance management web console",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-10-03"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5150"
},
{
"_id": null,
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.2-00"
},
{
"_id": null,
"model": "replication manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"_id": null,
"model": "software foundation apache 2.2.7-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "point software ipso6 r75",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.19"
},
{
"_id": null,
"model": "web server 04-00-03.",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "tiered storage manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5675"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10-03"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.2"
},
{
"_id": null,
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10"
},
{
"_id": null,
"model": "application server 10g r3",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.5.0"
},
{
"_id": null,
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-40"
},
{
"_id": null,
"model": "device manager software (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-02(x64))"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.44"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-00"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5645"
},
{
"_id": null,
"model": "jp1/integrated management service support",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-0"
},
{
"_id": null,
"model": "jp1/hicommand tuning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-40"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.19"
},
{
"_id": null,
"model": "hat enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"_id": null,
"model": "netware sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"_id": null,
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10"
},
{
"_id": null,
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00"
},
{
"_id": null,
"model": "tiered storage manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0-12"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.3"
},
{
"_id": null,
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.9"
},
{
"_id": null,
"model": "jp1/hicommand tuning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10"
},
{
"_id": null,
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-00"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.27"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5655"
},
{
"_id": null,
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-60"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-060"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.13"
},
{
"_id": null,
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "jp1/hicommand tuning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-00"
},
{
"_id": null,
"model": "jp1/hicommand provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-90"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "provisioning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.0.0-00"
},
{
"_id": null,
"model": "jp1/automatic job management system web operation assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "2-0"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "secure backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.0.3"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1"
},
{
"_id": null,
"model": "software foundation apache -beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.32"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.11"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.38"
},
{
"_id": null,
"model": "provisioning manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.001"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.52"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.17"
},
{
"_id": null,
"model": "tuning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"_id": null,
"model": "point software secureplatform ng",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.63"
},
{
"_id": null,
"model": "point software ipso6 r71.30",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.36"
},
{
"_id": null,
"model": "tuning manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.402"
},
{
"_id": null,
"model": "point software secureplatform r70.40",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "jp1/performance management web console",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-08-50"
},
{
"_id": null,
"model": "web server linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-10-01"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-10-02"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1.73"
},
{
"_id": null,
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.18"
},
{
"_id": null,
"model": "tuning manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-00"
},
{
"_id": null,
"model": "provisioning manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"_id": null,
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-01"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.4"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "hat jboss enterprise web server for rhel es",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "41.0"
},
{
"_id": null,
"model": "device manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "cloud infrastructure management software",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "1.2"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2.3"
},
{
"_id": null,
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.6"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.5"
},
{
"_id": null,
"model": "tuning manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.2-00"
},
{
"_id": null,
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"_id": null,
"model": "linux enterprise sdk sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "wireless control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.100.0"
},
{
"_id": null,
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "jp1/integrated management service support",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-09-50-01"
},
{
"_id": null,
"model": "tiered storage manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"_id": null,
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "wireless control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.62.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"_id": null,
"model": "device manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.6"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.3"
},
{
"_id": null,
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-10-03(x64)"
},
{
"_id": null,
"model": "replication manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"_id": null,
"model": "web server aix",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00"
},
{
"_id": null,
"model": "device manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.1.0-00"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.16"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50-03"
},
{
"_id": null,
"model": "device manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.1-02"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-03"
},
{
"_id": null,
"model": "replication manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"_id": null,
"model": "replication manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.19"
},
{
"_id": null,
"model": "tiered storage manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.2.0-00"
},
{
"_id": null,
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.5"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "tiered storage manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"_id": null,
"model": "replication manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.1-01"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.12"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "jp1/performance management web console",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-0"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "onboard administrator",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.55"
},
{
"_id": null,
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5135"
},
{
"_id": null,
"model": "provisioning manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.2"
},
{
"_id": null,
"model": "device manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.0-00"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-60"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.53"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "jp1/hicommand replication monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50"
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-10-02"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-05"
},
{
"_id": null,
"model": "provisioning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "tuning manager software (solaris(sp",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-03"
},
{
"_id": null,
"model": "web server solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00"
},
{
"_id": null,
"model": "video surveillance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jp1/performance management web console",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-08-50-09"
},
{
"_id": null,
"model": "systemwalker runbook automation v14g 14.1.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "hat enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "it operations analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-51"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "provisioning manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "device manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-01"
},
{
"_id": null,
"model": "tuning manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.7"
},
{
"_id": null,
"model": "job management partner 1/automatic job management system man",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "3-0"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "ciscoworks common services base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"_id": null,
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-10"
},
{
"_id": null,
"model": "replication manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-01"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.103"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.32"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.0"
},
{
"_id": null,
"model": "web server )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5638"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.3"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"_id": null,
"model": "device manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "point software ipso6 r65.70",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "interstage studio enterprise edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"_id": null,
"model": "point software secureplatform ngx r60 build",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "244"
},
{
"_id": null,
"model": "interstage business application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.5"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-07"
},
{
"_id": null,
"model": "device manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.48"
},
{
"_id": null,
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"_id": null,
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "jp1/cm2/snmp system observer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"_id": null,
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "transportation manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1"
},
{
"_id": null,
"model": "jp1/it resource management-manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-10-03"
},
{
"_id": null,
"model": "jp1/hicommand device manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05.10"
},
{
"_id": null,
"model": "tiered storage manager software",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7.0.1-02"
},
{
"_id": null,
"model": "wireless control system for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.47"
},
{
"_id": null,
"model": "device manager software (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1.1-00(x64))"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "interstage application server enterprise edition 9.1.0b",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"_id": null,
"model": "jp1/serverconductor/control manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"_id": null,
"model": "systemwalker availability view enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "13.3"
},
{
"_id": null,
"model": "jp1/it resource management-manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-10"
},
{
"_id": null,
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.33"
},
{
"_id": null,
"model": "provisioning manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-08"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.2"
},
{
"_id": null,
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"_id": null,
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"_id": null,
"model": "device manager software (linux(sles",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.3.0-00"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.40"
},
{
"_id": null,
"model": "quad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "device manager software (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.2-00(x64))"
},
{
"_id": null,
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.43"
},
{
"_id": null,
"model": "onboard administrator",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.21"
},
{
"_id": null,
"model": "systemwalker it process master standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "13.3.1"
},
{
"_id": null,
"model": "jp1/hicommand devicemanager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50-01"
},
{
"_id": null,
"model": "device manager software )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.1-03"
},
{
"_id": null,
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.61"
},
{
"_id": null,
"model": "it operations analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-01"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.4"
},
{
"_id": null,
"model": "tiered storage manager software (linux(rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.4.0-07"
},
{
"_id": null,
"model": "interstage studio standard-j edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1.0"
},
{
"_id": null,
"model": "software foundation apache 2.0.64-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"_id": null,
"model": "job management partner 1/automatic job management system web",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "3-0"
},
{
"_id": null,
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.6"
},
{
"_id": null,
"model": "jp1/hicommand tiered storage manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-50-01"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#405811"
},
{
"db": "BID",
"id": "49303"
},
{
"db": "NVD",
"id": "CVE-2011-3192"
}
]
},
"credits": {
"_id": null,
"data": "Kingcope",
"sources": [
{
"db": "BID",
"id": "49303"
}
],
"trust": 0.3
},
"cve": "CVE-2011-3192",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-3192",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-3192",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#405811",
"trust": 0.8,
"value": "16.01"
},
{
"author": "VULMON",
"id": "CVE-2011-3192",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#405811"
},
{
"db": "VULMON",
"id": "CVE-2011-3192"
},
{
"db": "NVD",
"id": "CVE-2011-3192"
}
]
},
"description": {
"_id": null,
"data": "The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086. Apache HTTPD server contains a denial-of-service vulnerability in the way multiple overlapping ranges are handled. Both the \u0027Range\u0027 header and the \u0027Range-Request\u0027 header are vulnerable. An attack tool, commonly known as \u0027Apache Killer\u0027, has been released in the wild. The attack tool causes a significant increase in CPU and memory usage on the server. \nSuccessful exploits will result in a denial-of-service condition. ==========================================================================\nUbuntu Security Notice USN-1199-1\nSeptember 01, 2011\n\napache2 vulnerability\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 11.04\n- Ubuntu 10.10\n- Ubuntu 10.04 LTS\n- Ubuntu 8.04 LTS\n\nSummary:\n\nA remote attacker could send crafted input to Apache and cause it to crash. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 11.04:\n apache2.2-bin 2.2.17-1ubuntu1.2\n\nUbuntu 10.10:\n apache2.2-bin 2.2.16-1ubuntu3.3\n\nUbuntu 10.04 LTS:\n apache2.2-bin 2.2.14-5ubuntu8.6\n\nUbuntu 8.04 LTS:\n apache2-mpm-event 2.2.8-1ubuntu0.21\n apache2-mpm-perchild 2.2.8-1ubuntu0.21\n apache2-mpm-prefork 2.2.8-1ubuntu0.21\n apache2-mpm-worker 2.2.8-1ubuntu0.21\n\nIn general, a standard system update will make all the necessary changes. ----------------------------------------------------------------------\n\nThe Secunia CSI 5.0 Beta - now available for testing\nFind out more, take a free test drive, and share your opinion with us: \nhttp://secunia.com/blog/242 \n\n----------------------------------------------------------------------\n\nTITLE:\nHitachi Web Server ByteRange Filter Denial of Service Vulnerability\n\nSECUNIA ADVISORY ID:\nSA45865\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45865/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45865\n\nRELEASE DATE:\n2011-09-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45865/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45865/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45865\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nHitachi has acknowledged a vulnerability in Hitachi Web Server, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService). \n\nORIGINAL ADVISORY:\nHitachi (Japanese):\nhttp://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS11-019/index.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \nHP System Management Homepage (SMH) before v7.0 running on Linux and Windows. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Summary:\n\nUpdated httpd packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5.3 Long Life, 5.6 Extended Update Support, and\n6.0 Extended Update Support. \n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64\nRed Hat Enterprise Linux (v. 5.3.LL server) - i386, ia64, x86_64\nRed Hat Enterprise Linux Server (v. 6.0.z) - i386, noarch, ppc64, s390x, x86_64\n\n3. (CVE-2011-3192)\n\nAll httpd users should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n732928 - CVE-2011-3192 httpd: multiple ranges DoS\n\n6. Package List:\n\nRed Hat Enterprise Linux (v. 5.3.LL server):\n\nSource:\nhttpd-2.2.3-22.el5_3.3.src.rpm\n\ni386:\nhttpd-2.2.3-22.el5_3.3.i386.rpm\nhttpd-debuginfo-2.2.3-22.el5_3.3.i386.rpm\nhttpd-devel-2.2.3-22.el5_3.3.i386.rpm\nhttpd-manual-2.2.3-22.el5_3.3.i386.rpm\nmod_ssl-2.2.3-22.el5_3.3.i386.rpm\n\nia64:\nhttpd-2.2.3-22.el5_3.3.ia64.rpm\nhttpd-debuginfo-2.2.3-22.el5_3.3.ia64.rpm\nhttpd-devel-2.2.3-22.el5_3.3.ia64.rpm\nhttpd-manual-2.2.3-22.el5_3.3.ia64.rpm\nmod_ssl-2.2.3-22.el5_3.3.ia64.rpm\n\nx86_64:\nhttpd-2.2.3-22.el5_3.3.x86_64.rpm\nhttpd-debuginfo-2.2.3-22.el5_3.3.i386.rpm\nhttpd-debuginfo-2.2.3-22.el5_3.3.x86_64.rpm\nhttpd-devel-2.2.3-22.el5_3.3.i386.rpm\nhttpd-devel-2.2.3-22.el5_3.3.x86_64.rpm\nhttpd-manual-2.2.3-22.el5_3.3.x86_64.rpm\nmod_ssl-2.2.3-22.el5_3.3.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nhttpd-2.2.3-45.el5_6.2.src.rpm\n\ni386:\nhttpd-2.2.3-45.el5_6.2.i386.rpm\nhttpd-debuginfo-2.2.3-45.el5_6.2.i386.rpm\nhttpd-devel-2.2.3-45.el5_6.2.i386.rpm\nhttpd-manual-2.2.3-45.el5_6.2.i386.rpm\nmod_ssl-2.2.3-45.el5_6.2.i386.rpm\n\nia64:\nhttpd-2.2.3-45.el5_6.2.ia64.rpm\nhttpd-debuginfo-2.2.3-45.el5_6.2.ia64.rpm\nhttpd-devel-2.2.3-45.el5_6.2.ia64.rpm\nhttpd-manual-2.2.3-45.el5_6.2.ia64.rpm\nmod_ssl-2.2.3-45.el5_6.2.ia64.rpm\n\nppc:\nhttpd-2.2.3-45.el5_6.2.ppc.rpm\nhttpd-debuginfo-2.2.3-45.el5_6.2.ppc.rpm\nhttpd-debuginfo-2.2.3-45.el5_6.2.ppc64.rpm\nhttpd-devel-2.2.3-45.el5_6.2.ppc.rpm\nhttpd-devel-2.2.3-45.el5_6.2.ppc64.rpm\nhttpd-manual-2.2.3-45.el5_6.2.ppc.rpm\nmod_ssl-2.2.3-45.el5_6.2.ppc.rpm\n\ns390x:\nhttpd-2.2.3-45.el5_6.2.s390x.rpm\nhttpd-debuginfo-2.2.3-45.el5_6.2.s390.rpm\nhttpd-debuginfo-2.2.3-45.el5_6.2.s390x.rpm\nhttpd-devel-2.2.3-45.el5_6.2.s390.rpm\nhttpd-devel-2.2.3-45.el5_6.2.s390x.rpm\nhttpd-manual-2.2.3-45.el5_6.2.s390x.rpm\nmod_ssl-2.2.3-45.el5_6.2.s390x.rpm\n\nx86_64:\nhttpd-2.2.3-45.el5_6.2.x86_64.rpm\nhttpd-debuginfo-2.2.3-45.el5_6.2.i386.rpm\nhttpd-debuginfo-2.2.3-45.el5_6.2.x86_64.rpm\nhttpd-devel-2.2.3-45.el5_6.2.i386.rpm\nhttpd-devel-2.2.3-45.el5_6.2.x86_64.rpm\nhttpd-manual-2.2.3-45.el5_6.2.x86_64.rpm\nmod_ssl-2.2.3-45.el5_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6.0.z):\n\nSource:\nhttpd-2.2.15-5.el6_0.1.src.rpm\n\ni386:\nhttpd-2.2.15-5.el6_0.1.i686.rpm\nhttpd-debuginfo-2.2.15-5.el6_0.1.i686.rpm\nhttpd-devel-2.2.15-5.el6_0.1.i686.rpm\nhttpd-tools-2.2.15-5.el6_0.1.i686.rpm\nmod_ssl-2.2.15-5.el6_0.1.i686.rpm\n\nnoarch:\nhttpd-manual-2.2.15-5.el6_0.1.noarch.rpm\n\nppc64:\nhttpd-2.2.15-5.el6_0.1.ppc64.rpm\nhttpd-debuginfo-2.2.15-5.el6_0.1.ppc.rpm\nhttpd-debuginfo-2.2.15-5.el6_0.1.ppc64.rpm\nhttpd-devel-2.2.15-5.el6_0.1.ppc.rpm\nhttpd-devel-2.2.15-5.el6_0.1.ppc64.rpm\nhttpd-tools-2.2.15-5.el6_0.1.ppc64.rpm\nmod_ssl-2.2.15-5.el6_0.1.ppc64.rpm\n\ns390x:\nhttpd-2.2.15-5.el6_0.1.s390x.rpm\nhttpd-debuginfo-2.2.15-5.el6_0.1.s390.rpm\nhttpd-debuginfo-2.2.15-5.el6_0.1.s390x.rpm\nhttpd-devel-2.2.15-5.el6_0.1.s390.rpm\nhttpd-devel-2.2.15-5.el6_0.1.s390x.rpm\nhttpd-tools-2.2.15-5.el6_0.1.s390x.rpm\nmod_ssl-2.2.15-5.el6_0.1.s390x.rpm\n\nx86_64:\nhttpd-2.2.15-5.el6_0.1.x86_64.rpm\nhttpd-debuginfo-2.2.15-5.el6_0.1.i686.rpm\nhttpd-debuginfo-2.2.15-5.el6_0.1.x86_64.rpm\nhttpd-devel-2.2.15-5.el6_0.1.i686.rpm\nhttpd-devel-2.2.15-5.el6_0.1.x86_64.rpm\nhttpd-tools-2.2.15-5.el6_0.1.x86_64.rpm\nmod_ssl-2.2.15-5.el6_0.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-3192.html\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c02997184\nVersion: 2\n\nHPSBUX02702 SSRT100606 rev.2 - HP-UX Apache Web Server, Remote Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2011-09-08\nLast Updated: 2011-09-08\n\n ------------------------------------------------------------------------------\n\nPotential Security Impact: Remote Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP-UX Apache Web Server. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS). \n\nReferences: CVE-2011-3192, CVE-2011-0419\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.23, B.11.31 running HP-UX Apache Web Server Suite v3.17 containing Apache v2.2.15.07 or earlier\nHP-UX B.11.11 running HP-UX Apache Web Server Suite v2.33 containing Apache v2.0.64.01 or earlier\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2011-3192 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2011-0419 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nThis bulletin will be revised when additional information becomes available. \n\nHP has provided the following software update to resolve these vulnerabilities. \n\nThe update is available for download from the following location\nftp://srt10606:P2xg=AD5@ftp.usa.hp.com\nor\nhttps://ftp.usa.hp.com/hprc/home with\nusername srt10606 and password P2xg=AD5\n\nHP-UX Web Server Suite (WSS) v.3.18 containing Apache v2.2.15.08\nHP-UX 11i Release / Apache Depot name\n\nB.11.23 (32-bit) / Apache-CVE-2011-3192-Fix-IA-PA-32.depot\nB.11.23 (64-bit) / Apache-CVE-2011-3192-Fix-IA-PA-64.depot\n\nB.11.31 (32-bit) / Apache-CVE-2011-3192-Fix-IA-PA-32.depot\nB.11.31 (64-bit) / Apache-CVE-2011-3192-Fix-IA-PA-64.depot\n\nHP-UX Web Server Suite (WSS) v.2.33 containing Apache v2.0.64.01 and earlier\nHP-UX 11i Release / Apache Depot name\n\nB.11.11 / Use work around suggested below\nB.11.23 (32 \u0026 64-bit) / No longer supported. Upgrade to WSS v 3.18\nB.11.31 (32 \u0026 64-bit) / No longer supported. Upgrade to WSS v 3.18\n\nAlternatives to Installing the Preliminary Patch\nThe Apache Software Foundation has documented work arounds. For customers not wanting to install the preliminary patch, the following are recommended. \nNote: that no patch is available for Apache 2.0.64.01. \n\n1) Use SetEnvIf or mod_rewrite to detect a large number of ranges and then either ignore the Range: header or reject the request. \n\n2) Limit the size of the request field to a few hundred bytes. \n\n3) Use mod_headers to completely disallow the use of Range headers. \n\nPlease refer to the Apache advisory for details. http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110826103531.998348F82@minotaur.apache.org%3e\n\nMANUAL ACTIONS: Yes - Update\nInstall HP-UX Web Server Suite v3.18 or subsequent. \n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. \n\nIt analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX Web Server Suite v3.18\nHP-UX B.11.23\nHP-UX B.11.31\n==================\nhpuxws22APCH32.APACHE\nhpuxws22APCH32.APACHE2\nhpuxws22APCH32.AUTH_LDAP\nhpuxws22APCH32.AUTH_LDAP2\nhpuxws22APCH32.MOD_JK\nhpuxws22APCH32.MOD_JK2\nhpuxws22APCH32.MOD_PERL\nhpuxws22APCH32.MOD_PERL2\nhpuxws22APCH32.PHP\nhpuxws22APCH32.PHP2\nhpuxws22APCH32.WEBPROXY\nhpuxws22APCH32.WEBPROXY2\nhpuxws22APACHE.APACHE\nhpuxws22APACHE.APACHE2\nhpuxws22APACHE.AUTH_LDAP\nhpuxws22APACHE.AUTH_LDAP2\nhpuxws22APACHE.MOD_JK\nhpuxws22APACHE.MOD_JK2\nhpuxws22APACHE.MOD_PERL\nhpuxws22APACHE.MOD_PERL2\nhpuxws22APACHE.PHP\nhpuxws22APACHE.PHP2\nhpuxws22APACHE.WEBPROXY\nhpuxws22APACHE.WEBPROXY2\naction: install revision B.2.2.15.08 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 8 September 2011 Initial release\nVersion:2 (rev.2) - 8 September 2011 Updated affectivity, recommendations, typos\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430\n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2011 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (GNU/Linux)\n\niEYEARECAAYFAk5pPZoACgkQ4B86/C0qfVn5nwCg/w2MOkbP7d5Xp4fAyX4zAOdp\naWQAoJoKZs8qDHYIVa41KgH1ANkNQI3C\n=MTc6\n-----END PGP SIGNATURE-----\n. Enjoy!\n \n * apache has been upgraded to the latest version (2.2.21) for 2011\n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2011:\n 5c4825e4c63b4a06c68a5fd81517de71 2011/i586/apache-base-2.2.21-0.1-mdv2011.0.i586.rpm\n b5a00191b27804f9735643cdcd704b19 2011/i586/apache-conf-2.2.21-0.1-mdv2011.0.i586.rpm\n 49defd7efbb4a37ec49c01c7ef9c64aa 2011/i586/apache-devel-2.2.21-0.1-mdv2011.0.i586.rpm\n a023e40689777630df036eae1a84a475 2011/i586/apache-doc-2.2.21-0.1-mdv2011.0.noarch.rpm\n f03744bb74a3e0872cb08465799c3ee1 2011/i586/apache-htcacheclean-2.2.21-0.1-mdv2011.0.i586.rpm\n bb9efa66089deef66f9434b813d41a95 2011/i586/apache-mod_authn_dbd-2.2.21-0.1-mdv2011.0.i586.rpm\n bb334eb7fe43927ba7c6c9196b4e1fd1 2011/i586/apache-mod_cache-2.2.21-0.1-mdv2011.0.i586.rpm\n 086b5ed82c064b16964fff70bf9c841e 2011/i586/apache-mod_dav-2.2.21-0.1-mdv2011.0.i586.rpm\n 115008b2471e10ea01689dafe5c46bcd 2011/i586/apache-mod_dbd-2.2.21-0.1-mdv2011.0.i586.rpm\n 6b686ec6612ff8740d1e482faa06c544 2011/i586/apache-mod_deflate-2.2.21-0.1-mdv2011.0.i586.rpm\n 8c8f14074bc0dbbeb2b3890611f95c6b 2011/i586/apache-mod_disk_cache-2.2.21-0.1-mdv2011.0.i586.rpm\n b03569edc20c9393e0b5eea09f590368 2011/i586/apache-mod_file_cache-2.2.21-0.1-mdv2011.0.i586.rpm\n 343703d3822a6757e000edeebe7e0a06 2011/i586/apache-mod_ldap-2.2.21-0.1-mdv2011.0.i586.rpm\n 3457011403525d40e525716c4da8e477 2011/i586/apache-mod_mem_cache-2.2.21-0.1-mdv2011.0.i586.rpm\n 3d060145b3665ca4c0b309f812af9370 2011/i586/apache-mod_proxy-2.2.21-0.1-mdv2011.0.i586.rpm\n a0e00b0610eb5a8c5c57afabeafc07f8 2011/i586/apache-mod_proxy_ajp-2.2.21-0.1-mdv2011.0.i586.rpm\n dd4bb38bbc2997ca398fb37225eca371 2011/i586/apache-mod_proxy_scgi-2.2.21-0.1-mdv2011.0.i586.rpm\n 2966cdfddf02fa32447711af6a3046dd 2011/i586/apache-mod_reqtimeout-2.2.21-0.1-mdv2011.0.i586.rpm\n 48774d9c282dc476f35a0c8b2e821a7f 2011/i586/apache-mod_ssl-2.2.21-0.1-mdv2011.0.i586.rpm\n 7b832f85bd258abf0c7abb161f4028b4 2011/i586/apache-mod_suexec-2.2.21-0.1-mdv2011.0.i586.rpm\n 1c6b93eaa5b27477989bf82ea9a63685 2011/i586/apache-modules-2.2.21-0.1-mdv2011.0.i586.rpm\n 1e7dc0ee3fafae8a786be0cc164ebe4a 2011/i586/apache-mod_userdir-2.2.21-0.1-mdv2011.0.i586.rpm\n ab2d074f2dfe57a64b022d4e6b8254ab 2011/i586/apache-mpm-event-2.2.21-0.1-mdv2011.0.i586.rpm\n a22debf09366b64e236965a4091009e9 2011/i586/apache-mpm-itk-2.2.21-0.1-mdv2011.0.i586.rpm\n 174aed4327491b83f147f3b4e76bcd1f 2011/i586/apache-mpm-peruser-2.2.21-0.1-mdv2011.0.i586.rpm\n e141881c27496e7e74ad7f3f566a1bd2 2011/i586/apache-mpm-prefork-2.2.21-0.1-mdv2011.0.i586.rpm\n 97893069a3d6eb73e3773bc0ee78c9a4 2011/i586/apache-mpm-worker-2.2.21-0.1-mdv2011.0.i586.rpm\n fe530e2da15b3e0bf14c617824ff82c9 2011/i586/apache-source-2.2.21-0.1-mdv2011.0.i586.rpm \n 4376094cd799523a1a7666f4e768707d 2011/SRPMS/apache-2.2.21-0.1.src.rpm\n b37e2a1dafb6883a10cefb4140e9635e 2011/SRPMS/apache-conf-2.2.21-0.1.src.rpm\n d83c587ad4d56a31362f67334bbf9455 2011/SRPMS/apache-doc-2.2.21-0.1.src.rpm\n 0b4a145fd5ff8c11a53956f750cdbd42 2011/SRPMS/apache-mod_suexec-2.2.21-0.1.src.rpm\n\n Mandriva Linux 2011/X86_64:\n 8837c56966896e10d3403956e7cf86ac 2011/x86_64/apache-base-2.2.21-0.1-mdv2011.0.x86_64.rpm\n aec6da25319585e53623471734f99c57 2011/x86_64/apache-conf-2.2.21-0.1-mdv2011.0.x86_64.rpm\n e8600455214ad4f2303d9f36576e4952 2011/x86_64/apache-devel-2.2.21-0.1-mdv2011.0.x86_64.rpm\n 90694f3211fca3d436ec4130b8bb43e2 2011/x86_64/apache-doc-2.2.21-0.1-mdv2011.0.noarch.rpm\n fd3f6a51c8abf8b1ff8356489ba6d6e1 2011/x86_64/apache-htcacheclean-2.2.21-0.1-mdv2011.0.x86_64.rpm\n 796c8129bbc160455587bc54c58c2220 2011/x86_64/apache-mod_authn_dbd-2.2.21-0.1-mdv2011.0.x86_64.rpm\n 61add54b6e0c8306dff065a150b262e2 2011/x86_64/apache-mod_cache-2.2.21-0.1-mdv2011.0.x86_64.rpm\n cb98169c29008c256662f3a08141bf95 2011/x86_64/apache-mod_dav-2.2.21-0.1-mdv2011.0.x86_64.rpm\n 5aa03ee54a7e40d41fd746fd1a223c72 2011/x86_64/apache-mod_dbd-2.2.21-0.1-mdv2011.0.x86_64.rpm\n 386a956f014fe2d64dfe38fc261abd39 2011/x86_64/apache-mod_deflate-2.2.21-0.1-mdv2011.0.x86_64.rpm\n 5a473bc45fa59323c4d526dd4f5a30d3 2011/x86_64/apache-mod_disk_cache-2.2.21-0.1-mdv2011.0.x86_64.rpm\n aaa544f7a4912c161a2c73e222ae87d6 2011/x86_64/apache-mod_file_cache-2.2.21-0.1-mdv2011.0.x86_64.rpm\n f04054edc62a24ea9042c5b41074bd1d 2011/x86_64/apache-mod_ldap-2.2.21-0.1-mdv2011.0.x86_64.rpm\n 1c97f63c1169f483d086a94b97f5c421 2011/x86_64/apache-mod_mem_cache-2.2.21-0.1-mdv2011.0.x86_64.rpm\n ca912c34fec5cf470947a7f87e9705a4 2011/x86_64/apache-mod_proxy-2.2.21-0.1-mdv2011.0.x86_64.rpm\n b5ae70a8ed412e40275b4de7b639caa0 2011/x86_64/apache-mod_proxy_ajp-2.2.21-0.1-mdv2011.0.x86_64.rpm\n 6b11b032c13277712c336405ea23a8b0 2011/x86_64/apache-mod_proxy_scgi-2.2.21-0.1-mdv2011.0.x86_64.rpm\n 874a420342f1ea9278e014b79fe5a337 2011/x86_64/apache-mod_reqtimeout-2.2.21-0.1-mdv2011.0.x86_64.rpm\n 2757b3d7c8261563e22c41d3f94aaa29 2011/x86_64/apache-mod_ssl-2.2.21-0.1-mdv2011.0.x86_64.rpm\n 6edbc6963aab9beee507f9a3c8be38a2 2011/x86_64/apache-mod_suexec-2.2.21-0.1-mdv2011.0.x86_64.rpm\n fe6143eaa1acc0de751198ea19129279 2011/x86_64/apache-modules-2.2.21-0.1-mdv2011.0.x86_64.rpm\n 3e66fa1e1e2cf243c1c6472243cb86fe 2011/x86_64/apache-mod_userdir-2.2.21-0.1-mdv2011.0.x86_64.rpm\n 7d45bfd7d3aa87d45d2287fdd9507847 2011/x86_64/apache-mpm-event-2.2.21-0.1-mdv2011.0.x86_64.rpm\n bce9e2cdffe45cbc4baf72f0d0c4000e 2011/x86_64/apache-mpm-itk-2.2.21-0.1-mdv2011.0.x86_64.rpm\n 217bd96dfa802f7d049b6fd12600b154 2011/x86_64/apache-mpm-peruser-2.2.21-0.1-mdv2011.0.x86_64.rpm\n cc304b9011d16d7f3cf5c8250e4d9f18 2011/x86_64/apache-mpm-prefork-2.2.21-0.1-mdv2011.0.x86_64.rpm\n a8bb9b62c39f98a6df728d51a4fff39a 2011/x86_64/apache-mpm-worker-2.2.21-0.1-mdv2011.0.x86_64.rpm\n 7d41c857be2574ac5f3ea7090a1f3c78 2011/x86_64/apache-source-2.2.21-0.1-mdv2011.0.x86_64.rpm \n 4376094cd799523a1a7666f4e768707d 2011/SRPMS/apache-2.2.21-0.1.src.rpm\n b37e2a1dafb6883a10cefb4140e9635e 2011/SRPMS/apache-conf-2.2.21-0.1.src.rpm\n d83c587ad4d56a31362f67334bbf9455 2011/SRPMS/apache-doc-2.2.21-0.1.src.rpm\n 0b4a145fd5ff8c11a53956f750cdbd42 2011/SRPMS/apache-mod_suexec-2.2.21-0.1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.11 (GNU/Linux)\n\niD8DBQFOdErbmqjQ0CJFipgRArO0AJ9MeU1I/ItvY699awHPqXD7TZZ46gCeP/Lc\nOVJD0GobLzQ3q1XZS8WiqdY=\n=O8Ag\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-3192"
},
{
"db": "CERT/CC",
"id": "VU#405811"
},
{
"db": "BID",
"id": "49303"
},
{
"db": "VULMON",
"id": "CVE-2011-3192"
},
{
"db": "PACKETSTORM",
"id": "104711"
},
{
"db": "PACKETSTORM",
"id": "104804"
},
{
"db": "PACKETSTORM",
"id": "111915"
},
{
"db": "PACKETSTORM",
"id": "104936"
},
{
"db": "PACKETSTORM",
"id": "104784"
},
{
"db": "PACKETSTORM",
"id": "105120"
},
{
"db": "PACKETSTORM",
"id": "104969"
},
{
"db": "PACKETSTORM",
"id": "105184"
},
{
"db": "PACKETSTORM",
"id": "105281"
},
{
"db": "PACKETSTORM",
"id": "106788"
}
],
"trust": 2.88
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=17696",
"trust": 0.2,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2011-3192"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2011-3192",
"trust": 2.3
},
{
"db": "CERT/CC",
"id": "VU#405811",
"trust": 1.8
},
{
"db": "BID",
"id": "49303",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "46000",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "46126",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "45937",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "46125",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "45606",
"trust": 1.0
},
{
"db": "EXPLOIT-DB",
"id": "17696",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1025960",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "74721",
"trust": 1.0
},
{
"db": "HITACHI",
"id": "HS11-019",
"trust": 0.4
},
{
"db": "HITACHI",
"id": "HS11-021",
"trust": 0.3
},
{
"db": "HITACHI",
"id": "HS11-020",
"trust": 0.3
},
{
"db": "HITACHI",
"id": "HS11-022",
"trust": 0.3
},
{
"db": "JUNIPER",
"id": "JSA10642",
"trust": 0.3
},
{
"db": "SECUNIA",
"id": "45865",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2011-3192",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "104711",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "104804",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "111915",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "104936",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "104784",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105120",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "104969",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105184",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105281",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "106788",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#405811"
},
{
"db": "VULMON",
"id": "CVE-2011-3192"
},
{
"db": "BID",
"id": "49303"
},
{
"db": "PACKETSTORM",
"id": "104711"
},
{
"db": "PACKETSTORM",
"id": "104804"
},
{
"db": "PACKETSTORM",
"id": "111915"
},
{
"db": "PACKETSTORM",
"id": "104936"
},
{
"db": "PACKETSTORM",
"id": "104784"
},
{
"db": "PACKETSTORM",
"id": "105120"
},
{
"db": "PACKETSTORM",
"id": "104969"
},
{
"db": "PACKETSTORM",
"id": "105184"
},
{
"db": "PACKETSTORM",
"id": "105281"
},
{
"db": "PACKETSTORM",
"id": "106788"
},
{
"db": "NVD",
"id": "CVE-2011-3192"
}
]
},
"id": "VAR-201108-0132",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3003817384615385
},
"last_update_date": "2026-03-07T20:00:13.509000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Ubuntu Security Notice: apache2 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1199-1"
},
{
"title": "Cisco: Apache HTTPd Range Header Denial of Service Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20110830-apache"
},
{
"title": "Debian Security Advisories: DSA-2298-2 apache2 -- denial of service",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=7227b6751a2a5332a53278f1881d559f"
},
{
"title": "Amazon Linux AMI: ALAS-2011-001",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2011-001"
},
{
"title": "Red Hat: Moderate: httpd security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20120542 - Security Advisory"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2011-3192 "
},
{
"title": "MNCanyon",
"trust": 0.1,
"url": "https://github.com/MNCanyon/MNCanyon "
},
{
"title": "haproxy-ddos",
"trust": 0.1,
"url": "https://github.com/analytically/haproxy-ddos "
},
{
"title": "DDoS-Script",
"trust": 0.1,
"url": "https://github.com/Encapsulate/DDoS-Script "
},
{
"title": "Mind_help",
"trust": 0.1,
"url": "https://github.com/MNCanyon/Mind_help "
},
{
"title": "DC-p0t",
"trust": 0.1,
"url": "https://github.com/5p1n6a11/DC-p0t "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2011-3192"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-400",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-3192"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.1,
"url": "http://www.apache.org/dist/httpd/announcement2.2.html"
},
{
"trust": 1.3,
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html"
},
{
"trust": 1.3,
"url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=51714"
},
{
"trust": 1.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"
},
{
"trust": 1.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"trust": 1.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html"
},
{
"trust": 1.1,
"url": "http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122d387dd@minotaur.apache.org%3e"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-1199-1"
},
{
"trust": 1.0,
"url": "http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110826103531.998348f82@minotaur.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://osvdb.org/74721"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a18827"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b90d73.shtml"
},
{
"trust": 1.0,
"url": "https://help.ecostruxureit.com/display/public/uadce725/security+fixes+in+struxureware+data+center+expert+v7.6.0"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69396"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/46000"
},
{
"trust": 1.0,
"url": "http://support.apple.com/kb/ht5002"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"
},
{
"trust": 1.0,
"url": "http://www.exploit-db.com/exploits/17696"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14762"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/46126"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3ccaapsnn2po-d-c4nqt_tes2rrwizr7urefhtkpwbc1b+k1dqc7g%40mail.gmail.com%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14824"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/45937"
},
{
"trust": 1.0,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2011//oct/msg00003.html"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2011:130"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2013:150"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1294.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html"
},
{
"trust": 1.0,
"url": "http://blogs.oracle.com/security/entry/security_alert_for_cve_2011"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1300.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/46125"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1330.html"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=133477473521382\u0026w=2"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2011/aug/175"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1025960"
},
{
"trust": 1.0,
"url": "http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122d387dd%40minotaur.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/45606"
},
{
"trust": 1.0,
"url": "http://www.kb.cert.org/vuls/id/405811"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1369.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1329.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/49303"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1245.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html"
},
{
"trust": 1.0,
"url": "http://www.gossamer-threads.com/lists/apache/dev/401638"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3192"
},
{
"trust": 0.8,
"url": "http://blog.spiderlabs.com/2011/08/mitigation-of-apache-range-header-dos-attack.html"
},
{
"trust": 0.8,
"url": "http://www.apache.org/dist/httpd/changes_2.2.20"
},
{
"trust": 0.4,
"url": "http://rhn.redhat.com/errata/rhsa-2011-1329.html"
},
{
"trust": 0.3,
"url": "http://kolab.org/pipermail/kolab-announce/2011/000102.html"
},
{
"trust": 0.3,
"url": "http://kolab.org/pipermail/kolab-announce/2011/000103.html"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10642\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/download.cgi"
},
{
"trust": 0.3,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?solutionid=sk65222"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/topics/security/alerts-086861.html#securityalerts"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/cve_2011_3192_and_cve"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/cve_2011_3192_denial_of"
},
{
"trust": 0.3,
"url": "http://marc.info/?l=apache-httpd-dev\u0026m=131418828705324\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/./vuls/hs11-020/index.html"
},
{
"trust": 0.3,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/./vuls/hs11-021/index.html"
},
{
"trust": 0.3,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/./vuls/hs11-022/index.html"
},
{
"trust": 0.3,
"url": "http://www.novell.com/support/viewcontent.do?externalid=7009621"
},
{
"trust": 0.3,
"url": "/archive/1/520376"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100148618"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20110830-apache.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03285138"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03315912"
},
{
"trust": 0.3,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03517954\u0026ac.admitted=1349807398574.876444892.199480143"
},
{
"trust": 0.3,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs11-019/index.html"
},
{
"trust": 0.3,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201102e.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21512087"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/security/cve-2011-3192.txt"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2011-1300.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1330.html"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas2aae02620b9b78d9e862578fe003c799b"
},
{
"trust": 0.3,
"url": "http://www.xerox.com/download/security/security-bulletin/1284345-ee19-4bf3860908380/cert_xrx12-004_v1.01.pdf"
},
{
"trust": 0.3,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0419"
},
{
"trust": 0.3,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c02964430"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.3,
"url": "http://secunia.com/"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "https://ftp.usa.hp.com/hprc/home"
},
{
"trust": 0.2,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3192"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/kb/docs/doc-11259"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3192.html"
},
{
"trust": 0.2,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.2.17-1ubuntu1.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.2.16-1ubuntu3.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.2.8-1ubuntu0.21"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.2.14-5ubuntu8.6"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/242"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45865"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45865/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/./vuls/hs11-019/index.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45865/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4409"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1468"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1148"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3182"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1467"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1471"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1452"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1470"
},
{
"trust": 0.1,
"url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2202"
},
{
"trust": 0.1,
"url": "http://h18000.www1.hp.com/products/servers/management/agents/index.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4645"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1945"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2068"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1928"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1938"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3436"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2483"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0014"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1464"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0037"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2192"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2791"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3189"
},
{
"trust": 0.1,
"url": "http://store.mandriva.com/product_info.php?cpath=149\u0026amp;products_id=490"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1294.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3348"
},
{
"trust": 0.1,
"url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=51878"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3348"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#405811"
},
{
"db": "BID",
"id": "49303"
},
{
"db": "PACKETSTORM",
"id": "104711"
},
{
"db": "PACKETSTORM",
"id": "104804"
},
{
"db": "PACKETSTORM",
"id": "111915"
},
{
"db": "PACKETSTORM",
"id": "104936"
},
{
"db": "PACKETSTORM",
"id": "104784"
},
{
"db": "PACKETSTORM",
"id": "105120"
},
{
"db": "PACKETSTORM",
"id": "104969"
},
{
"db": "PACKETSTORM",
"id": "105184"
},
{
"db": "PACKETSTORM",
"id": "105281"
},
{
"db": "PACKETSTORM",
"id": "106788"
},
{
"db": "NVD",
"id": "CVE-2011-3192"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#405811",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2011-3192",
"ident": null
},
{
"db": "BID",
"id": "49303",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "104711",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "104804",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "111915",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "104936",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "104784",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "105120",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "104969",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "105184",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "105281",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "106788",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2011-3192",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2011-08-26T00:00:00",
"db": "CERT/CC",
"id": "VU#405811",
"ident": null
},
{
"date": "2011-08-29T00:00:00",
"db": "VULMON",
"id": "CVE-2011-3192",
"ident": null
},
{
"date": "2011-08-24T00:00:00",
"db": "BID",
"id": "49303",
"ident": null
},
{
"date": "2011-09-02T00:03:29",
"db": "PACKETSTORM",
"id": "104711",
"ident": null
},
{
"date": "2011-09-06T04:48:58",
"db": "PACKETSTORM",
"id": "104804",
"ident": null
},
{
"date": "2012-04-17T20:34:39",
"db": "PACKETSTORM",
"id": "111915",
"ident": null
},
{
"date": "2011-09-09T05:23:01",
"db": "PACKETSTORM",
"id": "104936",
"ident": null
},
{
"date": "2011-09-04T17:36:46",
"db": "PACKETSTORM",
"id": "104784",
"ident": null
},
{
"date": "2011-09-14T22:52:49",
"db": "PACKETSTORM",
"id": "105120",
"ident": null
},
{
"date": "2011-09-10T01:00:13",
"db": "PACKETSTORM",
"id": "104969",
"ident": null
},
{
"date": "2011-09-17T19:02:19",
"db": "PACKETSTORM",
"id": "105184",
"ident": null
},
{
"date": "2011-09-22T05:35:12",
"db": "PACKETSTORM",
"id": "105281",
"ident": null
},
{
"date": "2011-11-09T16:26:04",
"db": "PACKETSTORM",
"id": "106788",
"ident": null
},
{
"date": "2011-08-29T15:55:02.017000",
"db": "NVD",
"id": "CVE-2011-3192",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2011-09-19T00:00:00",
"db": "CERT/CC",
"id": "VU#405811",
"ident": null
},
{
"date": "2022-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2011-3192",
"ident": null
},
{
"date": "2015-05-07T17:20:00",
"db": "BID",
"id": "49303",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-3192",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "104711"
},
{
"db": "PACKETSTORM",
"id": "104784"
},
{
"db": "PACKETSTORM",
"id": "105120"
},
{
"db": "PACKETSTORM",
"id": "105184"
},
{
"db": "PACKETSTORM",
"id": "105281"
},
{
"db": "PACKETSTORM",
"id": "106788"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Apache HTTPD 1.3/2.x Range header DoS vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#405811"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "49303"
}
],
"trust": 0.3
}
}
VAR-201405-0502
Vulnerability from variot - Updated: 2025-04-13 23:31CookieInterceptor in Apache Struts 2.x before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and modify session state via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0113. This vulnerability CVE-2014-0113 Vulnerability due to insufficient fix for.Through a crafted request by a third party, ClassLoader The " operation " And the session state may change. Apache Struts is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Apache Struts versions 2.0.0 through 2.3.16.2 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0502",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "struts",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.3.16.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.3.15.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.3.8"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.3.7"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.3.4.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.3.15.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.3.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.3.15.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.3.16.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.3.4"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.4"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.7"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.10"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.1.5"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.1.8.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.11.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.9"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.14"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.8"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.1.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.11.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.3.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.12"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.15"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.1.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.5"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.14"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.11"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.6"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.1.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.14.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.14.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.1.0"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.1.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.0"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.13"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.1.8"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.14.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.16"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.1.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.12"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.1.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.1.6"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.1.4"
},
{
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v9.1"
},
{
"model": "infocage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "security risk management v1.0.0 to v2.1.3"
},
{
"model": "serverview",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "resource orchestrator"
},
{
"model": "interstage service integrator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "struts",
"scope": "eq",
"trust": 0.8,
"vendor": "apache",
"version": "2.3.16.3"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "web edition v5.1 to v5.2"
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "connections",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "systemwalker software configuration manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "infocage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "pc security"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.1"
},
{
"model": "symfoware",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "analytics server"
},
{
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application development cycle manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "struts",
"scope": "lt",
"trust": 0.8,
"vendor": "apache",
"version": "2.x"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "rfid manager lite v2.0"
},
{
"model": "interstage",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "business analytics modeling server"
},
{
"model": "mysql",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "enterprise monitor 3.0.10 and earlier"
},
{
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.3 to v8.4"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "web edition v6.1 to v6.5"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise edition v6.1 to v6.5"
},
{
"model": "systemwalker service catalog manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "esmpro/servermanager",
"scope": "lte",
"trust": 0.8,
"vendor": "nec",
"version": "ver5.75 and earlier"
},
{
"model": "cloud infrastructure management software",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard-j edition v5.1 to v5.2"
},
{
"model": "connections",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mysql",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "enterprise monitor 2.3.16 and earlier"
},
{
"model": "interstage",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "business process manager analytics"
},
{
"model": "integrated system ha database ready",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "triole",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "cloud middle set b set"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "rfid manager st ard v2.0"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard-j edition v6.1 to v6.5"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard edition v6.1 to v6.5"
},
{
"model": "connections",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "3.0.1.1 and earlier"
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "rfid manager enterprise v7.1"
},
{
"model": "interstage",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "extreme transaction processing server"
},
{
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "connections",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard edition v5.1 to v5.2"
},
{
"model": "webotx developer",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "\"v8.2 to v8.4 (with developers studio only )\""
},
{
"model": "interstage",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "mobile manager"
},
{
"model": "systemwalker service quality coordinator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "symfoware",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "server"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise edition v5.1 to v5.2"
},
{
"model": "webotx developer",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "\"v9.1 to v9.2 (with developers studio only )\""
},
{
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.11"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.1.2"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.11"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.7"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.8"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.2"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.4"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.3"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.6"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.5"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.14"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3.1"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.9"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.8"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.1"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.1.1"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.1"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.3"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.8.1"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.4"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.2"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.5"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.12"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.6"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.13"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.10"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.11.2"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.11.1"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
}
],
"sources": [
{
"db": "BID",
"id": "67218"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002411"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-150"
},
{
"db": "NVD",
"id": "CVE-2014-0116"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apache:struts",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:connections",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:mysql",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:esmpro_servermanager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:infocage",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_portal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:integrated_system_ha_database_ready",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_development_cycle_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_framework_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_apworks",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_business_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_job_workload_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_service_integrator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:serverview",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:symfoware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_service_catalog_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_service_quality_coordinator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_software_configuration_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:triole",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:cloud_infrastructure_management_software",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002411"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zubair Ashraf of IBM X-Force",
"sources": [
{
"db": "BID",
"id": "67218"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0116",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2014-0116",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0116",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-0116",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-150",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-0116",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0116"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002411"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-150"
},
{
"db": "NVD",
"id": "CVE-2014-0116"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CookieInterceptor in Apache Struts 2.x before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to \"manipulate\" the ClassLoader and modify session state via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0113. This vulnerability CVE-2014-0113 Vulnerability due to insufficient fix for.Through a crafted request by a third party, ClassLoader The \" operation \" And the session state may change. Apache Struts is prone to a security-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. \nApache Struts versions 2.0.0 through 2.3.16.2 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0116"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002411"
},
{
"db": "BID",
"id": "67218"
},
{
"db": "VULMON",
"id": "CVE-2014-0116"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0116",
"trust": 2.8
},
{
"db": "BID",
"id": "67218",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "59816",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002411",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201405-150",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2014-0116",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0116"
},
{
"db": "BID",
"id": "67218"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002411"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-150"
},
{
"db": "NVD",
"id": "CVE-2014-0116"
}
]
},
"id": "VAR-201405-0502",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.1875
},
"last_update_date": "2025-04-13T23:31:38.779000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "1680848",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680848"
},
{
"title": "1681190",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681190"
},
{
"title": "NV15-001",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv15-001.html"
},
{
"title": "Oracle Critical Patch Update Advisory - April 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - April 2015 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015verbose-2365613.html"
},
{
"title": "Bug 1094558",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094558"
},
{
"title": "Huawei-SA-20140707-01-Struts2",
"trust": 0.8,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm"
},
{
"title": "April 2015 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/april_2015_critical_patch_update"
},
{
"title": "S2-022",
"trust": 0.8,
"url": "http://struts.apache.org/release/2.3.x/docs/s2-022.html"
},
{
"title": "CVE-2014-0094 \u4ed6 \u306b\u95a2\u3059\u308b\u5f71\u97ff",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/cve2014-0094-0114.html"
},
{
"title": "Symfoware Server\uff08Open\u30a4\u30f3\u30bf\u30d5\u30a7\u30fc\u30b9\uff09: Struts\u306e\u8106\u5f31\u6027(CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116) (2014\u5e746\u67082\u65e5)",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/symfoware_201402.html"
},
{
"title": "FUJITSU Integrated System HA Database Ready: Struts2\u306e\u8106\u5f31\u6027(CVE-2014-0094,CVE-2014-0112,CVE-2014-0113,CVE-2014-0116) (2014\u5e746\u670819\u65e5)",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/ha_db_ready_201401.html"
},
{
"title": "Red Hat: CVE-2014-0116",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-0116"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4b527561ba1a5de7a529c8a93679f585"
},
{
"title": "-maven-security-versions",
"trust": 0.1,
"url": "https://github.com/nagauker/-maven-security-versions "
},
{
"title": "maven-security-versions-Travis",
"trust": 0.1,
"url": "https://github.com/klee94/maven-security-versions-Travis "
},
{
"title": "maven-security-versions",
"trust": 0.1,
"url": "https://github.com/victims/maven-security-versions "
},
{
"title": "victims",
"trust": 0.1,
"url": "https://github.com/tmpgit3000/victims "
},
{
"title": "victims",
"trust": 0.1,
"url": "https://github.com/alexsh88/victims "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0116"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002411"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002411"
},
{
"db": "NVD",
"id": "CVE-2014-0116"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://struts.apache.org/release/2.3.x/docs/s2-022.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/67218"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59816"
},
{
"trust": 1.7,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0116"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0116"
},
{
"trust": 0.3,
"url": "http://struts.apache.org/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=34163"
},
{
"trust": 0.1,
"url": "https://github.com/victims/maven-security-versions"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0116"
},
{
"db": "BID",
"id": "67218"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002411"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-150"
},
{
"db": "NVD",
"id": "CVE-2014-0116"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2014-0116"
},
{
"db": "BID",
"id": "67218"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002411"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-150"
},
{
"db": "NVD",
"id": "CVE-2014-0116"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-08T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0116"
},
{
"date": "2014-05-06T00:00:00",
"db": "BID",
"id": "67218"
},
{
"date": "2014-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002411"
},
{
"date": "2014-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-150"
},
{
"date": "2014-05-08T10:55:02.967000",
"db": "NVD",
"id": "CVE-2014-0116"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-12T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0116"
},
{
"date": "2015-04-16T18:14:00",
"db": "BID",
"id": "67218"
},
{
"date": "2016-08-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002411"
},
{
"date": "2019-08-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-150"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-0116"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-150"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache Struts of CookieInterceptor In ClassLoader Vulnerability manipulated",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002411"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-150"
}
],
"trust": 0.6
}
}
VAR-201404-0287
Vulnerability from variot - Updated: 2025-04-13 22:09CookieInterceptor in Apache Struts before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. This vulnerability CVE-2014-0094 Vulnerability due to insufficient fix for.Through a crafted request by a third party, ClassLoader The " operation (manipulate)" And any code could be executed. Apache Struts is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Apache Struts versions 2.0.0 through 2.3.16.1 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201404-0287",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "struts",
"scope": "lt",
"trust": 1.8,
"vendor": "apache",
"version": "2.3.16.2"
},
{
"model": "connections",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "connections",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "connections",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "struts",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.0"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.9,
"vendor": "apache",
"version": "2.3.4"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.9,
"vendor": "apache",
"version": "2.3.8"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.9,
"vendor": "apache",
"version": "2.3.7"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.9,
"vendor": "apache",
"version": "2.3.16.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.9,
"vendor": "apache",
"version": "2.3.16"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.9,
"vendor": "apache",
"version": "2.3.15.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.9,
"vendor": "apache",
"version": "2.3.15.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.9,
"vendor": "apache",
"version": "2.3.15.1"
},
{
"model": "connections",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "3.0.1.1"
},
{
"model": "mysql",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "enterprise monitor 2.3.16"
},
{
"model": "mysql",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "enterprise monitor 3.0.10"
},
{
"model": "esmpro/servermanager",
"scope": "lte",
"trust": 0.8,
"vendor": "nec",
"version": "ver5.75"
},
{
"model": "infocage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "pc security"
},
{
"model": "infocage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "security risk management v1.0.0 to v2.1.3"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise edition v5.1 to v5.2"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise edition v6.1 to v6.5"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "rfid manager enterprise v7.1"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "rfid manager lite v2.0"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "rfid manager standard v2.0"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard edition v5.1 to v5.2"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard edition v6.1 to v6.5"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard-j edition v5.1 to v5.2"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard-j edition v6.1 to v6.5"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "web edition v5.1 to v5.2"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "web edition v6.1 to v6.5"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.1"
},
{
"model": "webotx developer",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "\"v8.2 to v8.4 (with developers studio only )\""
},
{
"model": "webotx developer",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "\"v9.1 to v9.2 (with developers studio only )\""
},
{
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.3 to v8.4"
},
{
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v9.1"
},
{
"model": "integrated system ha database ready",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "business analytics modeling server"
},
{
"model": "interstage",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "business process manager analytics"
},
{
"model": "interstage",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "extreme transaction processing server"
},
{
"model": "interstage",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "mobile manager"
},
{
"model": "interstage application development cycle manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage service integrator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "serverview",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "resource orchestrator"
},
{
"model": "symfoware",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "analytics server"
},
{
"model": "symfoware",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "server"
},
{
"model": "systemwalker service catalog manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker service quality coordinator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker software configuration manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "triole",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "cloud middle set b set"
},
{
"model": "cloud infrastructure management software",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.4.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.3"
},
{
"model": "keybox",
"scope": "eq",
"trust": 0.3,
"vendor": "skavanagh",
"version": "2.10.02"
},
{
"model": "ec2box",
"scope": "eq",
"trust": 0.3,
"vendor": "skavanagh",
"version": "0.11.01"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0.10"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.3.16"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.3.15"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.3.14"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.3.13"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.3"
},
{
"model": "sterling web channel",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "sterling web channel",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "sterling selling and fulfillment foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.1"
},
{
"model": "sterling selling and fulfillment foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"model": "sterling selling and fulfillment foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "sterling selling and fulfillment foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "sterling order management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "sterling field sales",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.1"
},
{
"model": "sterling field sales",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.0"
},
{
"model": "sterling field sales",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"model": "sterling field sales",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "platform symphony",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.1"
},
{
"model": "platform symphony",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "platform symphony",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "platform hpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"model": "platform hpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "platform hpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "platform cluster manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"model": "platform cluster manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "platform cluster manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "platform application center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"model": "platform application center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "platform application center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "platform application center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"model": "connections",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.00"
},
{
"model": "connections",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.10"
},
{
"model": "connections",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.1"
},
{
"model": "connections",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.0"
},
{
"model": "connections",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "connections",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "connections",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.3"
},
{
"model": "connections",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.2"
},
{
"model": "connections",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.1"
},
{
"model": "connections",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.0"
},
{
"model": "connections",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1.1"
},
{
"model": "connections",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.0"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.0.2"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.0.1"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.0"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.2.0"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.1.3"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.1.0"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "5.0"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.41"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.8"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.6"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.5"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.14"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.12"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.11"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.10"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.9"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.8"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.7"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.6"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.5"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.4"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.15"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.14.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.14.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.14.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.14"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.1.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.1.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.4"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.13"
},
{
"model": "keybox",
"scope": "ne",
"trust": 0.3,
"vendor": "skavanagh",
"version": "2.10.03"
},
{
"model": "ec2box",
"scope": "ne",
"trust": 0.3,
"vendor": "skavanagh",
"version": "0.11.02"
},
{
"model": "clearpass",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.2"
},
{
"model": "clearpass",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.2.6"
},
{
"model": "clearpass",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.1.4"
},
{
"model": "struts",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.16.2"
}
],
"sources": [
{
"db": "BID",
"id": "67081"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002269"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-570"
},
{
"db": "NVD",
"id": "CVE-2014-0113"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apache:struts",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:connections",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:mysql",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:esmpro_servermanager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:infocage",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_portal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:integrated_system_ha_database_ready",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_development_cycle_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_framework_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_apworks",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_business_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_job_workload_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_service_integrator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:serverview",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:symfoware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_service_catalog_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_service_quality_coordinator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_software_configuration_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:triole",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:cloud_infrastructure_management_software",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002269"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Taki Uchiyama, Takeshi Terada, Takayoshi Isayama, Yoshiyuki Karezaki, BAKA/ty, \nShine, NSFOCUS Security Team and heige.",
"sources": [
{
"db": "BID",
"id": "67081"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0113",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0113",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0113",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0113",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201404-570",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-0113",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0113"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002269"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-570"
},
{
"db": "NVD",
"id": "CVE-2014-0113"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CookieInterceptor in Apache Struts before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. This vulnerability CVE-2014-0094 Vulnerability due to insufficient fix for.Through a crafted request by a third party, ClassLoader The \" operation (manipulate)\" And any code could be executed. Apache Struts is prone to a security-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. \nApache Struts versions 2.0.0 through 2.3.16.1 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0113"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002269"
},
{
"db": "BID",
"id": "67081"
},
{
"db": "VULMON",
"id": "CVE-2014-0113"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=33142",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0113"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0113",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "59178",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002269",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201404-570",
"trust": 0.6
},
{
"db": "BID",
"id": "67081",
"trust": 0.3
},
{
"db": "EXPLOITDB",
"id": "33142",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-0113",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0113"
},
{
"db": "BID",
"id": "67081"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002269"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-570"
},
{
"db": "NVD",
"id": "CVE-2014-0113"
}
]
},
"id": "VAR-201404-0287",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.1875
},
"last_update_date": "2025-04-13T22:09:03.444000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Bulletins S2-021",
"trust": 0.8,
"url": "https://cwiki.apache.org/confluence/display/WW/S2-021"
},
{
"title": "Download a Release of Apache Struts -- Full Releases Struts 2.3.16.2",
"trust": 0.8,
"url": "http://struts.apache.org/download.cgi#struts23162"
},
{
"title": "1680848",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680848"
},
{
"title": "1681190",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681190"
},
{
"title": "NV15-001",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv15-001.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - April 2015 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015verbose-2365613.html"
},
{
"title": "Oracle Critical Patch Update Advisory - April 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"title": "April 2015 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/april_2015_critical_patch_update"
},
{
"title": "CVE-2014-0094 \u4ed6 \u306b\u95a2\u3059\u308b\u5f71\u97ff",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/cve2014-0094-0114.html"
},
{
"title": "Symfoware Server\uff08Open\u30a4\u30f3\u30bf\u30d5\u30a7\u30fc\u30b9\uff09: Struts\u306e\u8106\u5f31\u6027(CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116) (2014\u5e746\u67082\u65e5)",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/symfoware_201402.html"
},
{
"title": "FUJITSU Integrated System HA Database Ready: Struts2\u306e\u8106\u5f31\u6027(CVE-2014-0094,CVE-2014-0112,CVE-2014-0113,CVE-2014-0116) (2014\u5e746\u670819\u65e5)",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/ha_db_ready_201401.html"
},
{
"title": "struts-2.3.16.2-all",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49668"
},
{
"title": "Red Hat: CVE-2014-0113",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-0113"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4b527561ba1a5de7a529c8a93679f585"
},
{
"title": "-maven-security-versions",
"trust": 0.1,
"url": "https://github.com/nagauker/-maven-security-versions "
},
{
"title": "maven-security-versions-Travis",
"trust": 0.1,
"url": "https://github.com/klee94/maven-security-versions-Travis "
},
{
"title": "maven-security-versions",
"trust": 0.1,
"url": "https://github.com/victims/maven-security-versions "
},
{
"title": "victims",
"trust": 0.1,
"url": "https://github.com/tmpgit3000/victims "
},
{
"title": "victims",
"trust": 0.1,
"url": "https://github.com/alexsh88/victims "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0113"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002269"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-570"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002269"
},
{
"db": "NVD",
"id": "CVE-2014-0113"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676706"
},
{
"trust": 1.7,
"url": "https://cwiki.apache.org/confluence/display/ww/s2-021"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59178"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/531952/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0113"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0113"
},
{
"trust": 0.3,
"url": "http://www.arubanetworks.com/support/alerts/aid-051414.asc"
},
{
"trust": 0.3,
"url": "https://github.com/skavanagh/ec2box/releases/tag/v0.11.02"
},
{
"trust": 0.3,
"url": "https://github.com/skavanagh/keybox/releases/tag/v2.10.03"
},
{
"trust": 0.3,
"url": "http://struts.apache.org/"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21680848"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=isg3t1020896"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=isg3t1020893"
},
{
"trust": 0.3,
"url": "http://struts.apache.org/development/2.x/docs/s2-021.html"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=isg3t1020894"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=isg3t1020895"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=33975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/victims/maven-security-versions"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/33142/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0113"
},
{
"db": "BID",
"id": "67081"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002269"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-570"
},
{
"db": "NVD",
"id": "CVE-2014-0113"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2014-0113"
},
{
"db": "BID",
"id": "67081"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002269"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-570"
},
{
"db": "NVD",
"id": "CVE-2014-0113"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-29T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0113"
},
{
"date": "2014-04-28T00:00:00",
"db": "BID",
"id": "67081"
},
{
"date": "2014-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002269"
},
{
"date": "2014-04-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-570"
},
{
"date": "2014-04-29T10:37:03.700000",
"db": "NVD",
"id": "CVE-2014-0113"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-12T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0113"
},
{
"date": "2015-05-07T17:38:00",
"db": "BID",
"id": "67081"
},
{
"date": "2016-08-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002269"
},
{
"date": "2019-08-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-570"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-0113"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201404-570"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache Struts of CookieInterceptor In ClassLoader Vulnerability manipulated",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002269"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201404-570"
}
],
"trust": 0.6
}
}
VAR-201412-0271
Vulnerability from variot - Updated: 2025-04-13 22:01The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself. The problem is CVE-2014-3566 ( alias POODLE) Similar problem. TLS is a new protocol developed by the IETF (Engineering Task Force). It is based on the SSL protocol specification and is the subsequent version of SSL. The Secure Transport Layer Protocol (TLS) is used to provide confidentiality and data integrity between two communication applications.
TLS has security vulnerabilities that mainly affect browsers. Because TLS1.2 failed to correctly verify PADDING, even if the attacker did not first downgrade to SSL3.0, he could use TLS1.2 to bypass the transport layer encryption mechanism by using man-in-the-middle attack methods to steal the user's sensitive information, such as cookies , Account information, etc. Note: This issue was previously titled 'OpenSSL CVE-2014-8730 Man In The Middle Information Disclosure Vulnerability'. The title and technical details have been changed to better reflect the underlying component affected. An attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. F5 BIG-IP LTM, etc. LTM is a local traffic manager; APM is a solution that provides secure unified access to business-critical applications and networks. The following products and versions are affected: F5 BIG-IP LTM, APM, ASM version 10.0.0 to 10.2.4 and 11.0.0 to 11.5.1, AAM version 11.4.0 to 11.5.1, AFM 11.3. 0 to 11.5.1, Analytics 11.0.0 to 11.5.1, Edge Gateway, WebAccelerator, WOM 10.1.0 to 10.2.4 and 11.0.0 to 11.3.0, PEM 11.3.0 to 11.6.0, PSM 10.0.0 to 10.2.4 and 11.0.0 to 11.4.1, BIG-IQ Cloud, Security 4.0.0 to 4.4.0, Device 4.2.0 to 4.4 .0 version. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04819635
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04819635 Version: 1
HPSBPV03516 rev.1 - HP VAN SDN Controller, Multiple Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-09-29 Last Updated: 2015-09-29
Potential Security Impact: Disclosure of Privileged Information, Remote Disclosure of Privileged Information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with the HP VAN SDN Controller running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely resulting in disclosure of privileged information.
References:
CVE-2014-8730 SSRT102263
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
VAN SDN Controller 2.5.21 VAN SDN Controller 2.5.15
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-8730 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP recommends disabling TLS v1.0 by deleting its entry in sslEnabledProtocols in the client Auth properties of the /opt/sdn/virgo/configuration/tomcat-server.xml file.
Open the /opt/sdn/virgo/configuration/tomcat-server.xml file for editing Change the following line from this: clientAuth="false" sslEnabledProtocols="TLSv1.0, TLSv1.1,TLSv1.2" to this: clientAuth="false" sslEnabledProtocols=" TLSv1.1,TLSv1.2" Restart the controller.
HISTORY Version:1 (rev.1) - 29 September 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlYKlgkACgkQ4B86/C0qfVmdggCg40wxxeG+Op+gBFzLBG9neKCo bW4AnjzTddq/rpaQfITkTvhg7DUpT9f5 =Px26 -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0271",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "10.2.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "10.0.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "10.1.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "10.0.1"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "10.2.3"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 1.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 1.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 1.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 1.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 1.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 1.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.3,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.0.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.0.1"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.0"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.4.0"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip wan optimization manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.3"
},
{
"model": "big-ip wan optimization manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip wan optimization manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.0.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.1.0"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip wan optimization manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.0"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.0.1"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip wan optimization manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.2.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.3.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip wan optimization manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.3"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.3"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.0"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.0.0"
},
{
"model": "big-ip wan optimization manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.1.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "big-ip wan optimization manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.0.1"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.1.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.3"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip wan optimization manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.0.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip wan optimization manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.3"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip wan optimization manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.0.1"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.0.0"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.2.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.3.0"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.1.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.1.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.4.0"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.1.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip wan optimization manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.4.0"
},
{
"model": "big-ip wan optimization manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.3"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.2.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.3.0"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.0.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.1.0"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.1.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "10.1.0 to 10.2.4"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "11.0.0 to 11.5.1"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "11.3.0 to 11.5.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "11.0.0 to 11.5.1"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "11.4.0 to 11.5.1"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "10.0.0 to 10.2.4"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "11.0.0 to 11.5.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "10.1.0 to 10.2.4"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "11.0.0 to 11.3.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "10.0.0 to 10.2.4"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "11.0.0 to 11.5.1"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "11.3.0 to 11.6.0"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "10.0.0 to 10.2.4"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "11.0.0 to 11.4.1"
},
{
"model": "big-ip wan optimization manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "10.0.0 to 10.2.4"
},
{
"model": "big-ip wan optimization manager",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "11.0.0 to 11.3.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "10.0.0 to 10.2.4"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "11.0.0 to 11.3.0"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "4.0.0 to 4.4.0"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "4.2.0 to 4.4.0"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.8,
"vendor": "f5",
"version": "4.0.0 to 4.4.0"
},
{
"model": "internet navigware e-learning pack",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "internet navigware enterprise lms server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage business application manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage web server express",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "safeauthor",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "serverview",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "resource orchestrator cloud edition"
},
{
"model": "systemwalker centric manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker desktop inspection",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker desktop keeper",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker desktop patrol",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker it change manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker operation manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker runbook automation",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker security control",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker service catalog manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker software configuration manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "cloud infrastructure management software",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "tls",
"scope": "eq",
"trust": 0.6,
"vendor": "f5",
"version": "1.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.0.7"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.0.6"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.15"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.14"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.5"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.4"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.3"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.0"
},
{
"model": "sa700",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "sa6500",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "sa6000",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "sa4500",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "sa4000",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "sa2500",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "sa2000",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "mag6611",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "mag6610",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "mag4610",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "mag2600",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "txseries for multiplatforms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "txseries for multiplatforms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "txseries for multiplatforms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "tpf toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"model": "tpf toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "tpf toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "tpf toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "tpf toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "tpf toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6.5"
},
{
"model": "tpf toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6.4"
},
{
"model": "tpf toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6.3"
},
{
"model": "tpf toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6.2"
},
{
"model": "tpf toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6.1"
},
{
"model": "tpf toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"model": "tpf toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1"
},
{
"model": "tpf toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "tivoli system automation for multiplatforms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.2.6"
},
{
"model": "tivoli service request manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "tivoli service request manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "tivoli monitoring for virtual environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.31"
},
{
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0"
},
{
"model": "tivoli endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "tivoli endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0"
},
{
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "tivoli asset management for it",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "tivoli asset management for it",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "tivoli access manager for e-business",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.1"
},
{
"model": "tivoli access manager for e-business",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "tivoli access manager for e-business",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "16.0"
},
{
"model": "smartcloud provisioning for software virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.13"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.12"
},
{
"model": "smartcloud provisioning ifix2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.01"
},
{
"model": "smartcloud provisioning ifix6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.1"
},
{
"model": "smartcloud provisioning ifix1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.1"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.1"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.5"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.4"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.1"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "smartcloud orchestrator fp1 ifix6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "smartcloud orchestrator fp1 ifix5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "smartcloud orchestrator fp1 ifix4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "smartcloud orchestrator fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "smartcloud orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "smartcloud orchestrator fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "smartcloud orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "smartcloud cost management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.3"
},
{
"model": "smartcloud cost management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"model": "smartcloud control desk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "security directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.1"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.41"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.38"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.37"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.35"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.34"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.33"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.32"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.31"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.210"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.17"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.16"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.6"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.3"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.6"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.10"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.8"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.13"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.3"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.2"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.1"
},
{
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.21"
},
{
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.2"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.2"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.12"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.11"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.1"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.51"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.41"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.37"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.36"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.35"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.34"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.33"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.32"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.31"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.6.1.0"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.6.0.1"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.6"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.2.2"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.2.1"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.1.3"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.0.2"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.4.0.2"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.4"
},
{
"model": "rational doors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.3.0.8"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.13"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.12"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.11"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.06"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.8"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.16"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.15"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.14"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.10"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.7"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "maximo for utilities",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "maximo for utilities",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "maximo for transportation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "maximo for transportation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "maximo for oil and gas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "maximo for oil and gas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "maximo for nuclear power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "maximo for nuclear power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "maximo for life sciences",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "maximo for life sciences",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "maximo for government",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "maximo for government",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "maximo asset management essentials",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "maximo asset management essentials",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6"
},
{
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0"
},
{
"model": "domino fp if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.122"
},
{
"model": "domino fp if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.121"
},
{
"model": "domino fp if4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.36"
},
{
"model": "domino fp if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.365"
},
{
"model": "domino fp if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.242"
},
{
"model": "domino fp if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.152"
},
{
"model": "domino if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.06"
},
{
"model": "db2 enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "data server runtime client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "data server runtime client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "data server runtime client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "data server runtime client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "data server driver package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "data server driver package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "data server driver package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "data server driver package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "data server driver for odbc and cli",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "data server driver for odbc and cli",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "data server driver for odbc and cli",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "data server driver for odbc and cli",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "data server client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "data server client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "data server client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "data server client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.1"
},
{
"model": "change and configuration management database",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "change and configuration management database",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.2"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.9"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.7"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.3"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.2"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.1"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.7.7"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.17"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.15"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.10"
},
{
"model": "fortios b0630",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "fortios b0537",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "fortios beta",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.80"
},
{
"model": "fortios mr5",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.50"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.50"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.36"
},
{
"model": "fortios mr10",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.8"
},
{
"model": "fortios 0mr4",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.5"
},
{
"model": "fortios build",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0589"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.6"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.4"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.0"
},
{
"model": "fortios b064",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.18"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.16"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.14"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.13"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.12"
},
{
"model": "fortios mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"model": "fortios mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"model": "fortios mr12",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.80"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "big-ip wan optimization module",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "big-ip wan optimization module",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip wan optimization module",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0.0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip ltm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "big-ip edge gateway hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.00"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.40"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0.00"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0.39.0"
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "point software secureplatform os r77.20",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software secureplatform os r77.10",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software secureplatform os r77",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software secureplatform os r76",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software secureplatform os r75.47",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software secureplatform os r75.46",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software secureplatform os r75.45",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software secureplatform os r75.40vs",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software secureplatform os r75.40",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software secureplatform os r75.30",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software secureplatform os r75.20",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software secureplatform os r75.10",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software secureplatform os r75",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software gaia os r77.20",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software gaia os r77.10",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software gaia os r77",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software gaia os r76",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software gaia os r75.47",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software gaia os r75.46",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software gaia os r75.45",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software gaia os r75.40vs",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software gaia os r75.40",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software gaia os r75.30",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software gaia os r75.20",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software gaia os r75.10",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software gaia os r75",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software check point ipso",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "6.2"
},
{
"model": "networks adc 2.7.2-p3",
"scope": null,
"trust": 0.3,
"vendor": "a10",
"version": null
},
{
"model": "networks adc 2.7.1-p5",
"scope": null,
"trust": 0.3,
"vendor": "a10",
"version": null
},
{
"model": "networks adc 2.7.0-p6",
"scope": null,
"trust": 0.3,
"vendor": "a10",
"version": null
},
{
"model": "networks adc 2.6.1-gr1",
"scope": null,
"trust": 0.3,
"vendor": "a10",
"version": null
},
{
"model": "smartcloud provisioning ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.17"
},
{
"model": "smartcloud orchestrator fp1 ifix7",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "rational doors",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.6.1.1"
},
{
"model": "rational doors",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.6.0.2"
},
{
"model": "rational doors",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.2.3"
},
{
"model": "rational doors",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.1.4"
},
{
"model": "rational doors",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.0.3"
},
{
"model": "rational doors",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.4.0.3"
},
{
"model": "rational doors",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.3.0.9"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08824"
},
{
"db": "BID",
"id": "71549"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005869"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-189"
},
{
"db": "NVD",
"id": "CVE-2014-8730"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:f5:big-ip_access_policy_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_advanced_firewall_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_analytics",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_application_acceleration_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_application_security_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_edge_gateway",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_local_traffic_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_policy_enforcement_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_protocol_security_module",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_wan_optimization_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_webaccelerator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-iq_cloud",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-iq_device",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-iq_security",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:internet_navigware_e-Learning_Pack",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:internet_navigware_Enterprise_LMS_Server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_apworks",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_business_application_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_web_server_express",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:safeauthor",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:serverview",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_centric_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_desktop_inspection",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_desktop_keeper",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_desktop_patrol",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_it_change_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_operation_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_runbook_automation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_security_control",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_service_catalog_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_software_configuration_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:cloud_infrastructure_management_software",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005869"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adam Langley",
"sources": [
{
"db": "BID",
"id": "71549"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8730",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2014-8730",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2014-08824",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-76675",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8730",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-8730",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2014-08824",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-189",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-76675",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08824"
},
{
"db": "VULHUB",
"id": "VHN-76675"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005869"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-189"
},
{
"db": "NVD",
"id": "CVE-2014-8730"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself. The problem is CVE-2014-3566 ( alias POODLE) Similar problem. TLS is a new protocol developed by the IETF (Engineering Task Force). It is based on the SSL protocol specification and is the subsequent version of SSL. The Secure Transport Layer Protocol (TLS) is used to provide confidentiality and data integrity between two communication applications. \r\n\r\n\r\nTLS has security vulnerabilities that mainly affect browsers. Because TLS1.2 failed to correctly verify PADDING, even if the attacker did not first downgrade to SSL3.0, he could use TLS1.2 to bypass the transport layer encryption mechanism by using man-in-the-middle attack methods to steal the user\u0027s sensitive information, such as cookies , Account information, etc. \nNote: This issue was previously titled \u0027OpenSSL CVE-2014-8730 Man In The Middle Information Disclosure Vulnerability\u0027. The title and technical details have been changed to better reflect the underlying component affected. \nAn attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. F5 BIG-IP LTM, etc. LTM is a local traffic manager; APM is a solution that provides secure unified access to business-critical applications and networks. The following products and versions are affected: F5 BIG-IP LTM, APM, ASM version 10.0.0 to 10.2.4 and 11.0.0 to 11.5.1, AAM version 11.4.0 to 11.5.1, AFM 11.3. 0 to 11.5.1, Analytics 11.0.0 to 11.5.1, Edge Gateway, WebAccelerator, WOM 10.1.0 to 10.2.4 and 11.0.0 to 11.3.0, PEM 11.3.0 to 11.6.0, PSM 10.0.0 to 10.2.4 and 11.0.0 to 11.4.1, BIG-IQ Cloud, Security 4.0.0 to 4.4.0, Device 4.2.0 to 4.4 .0 version. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04819635\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04819635\nVersion: 1\n\nHPSBPV03516 rev.1 - HP VAN SDN Controller, Multiple Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-09-29\nLast Updated: 2015-09-29\n\nPotential Security Impact: Disclosure of Privileged Information, Remote\nDisclosure of Privileged Information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with the HP VAN SDN\nController running SSLv3. This is the SSLv3 vulnerability known as \"Padding\nOracle on Downgraded Legacy Encryption\" also known as \"Poodle\", which could\nbe exploited remotely resulting in disclosure of privileged information. \n\nReferences:\n\nCVE-2014-8730\nSSRT102263\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nVAN SDN Controller 2.5.21\nVAN SDN Controller 2.5.15\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-8730 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP recommends disabling TLS v1.0 by deleting its entry in sslEnabledProtocols\nin the client Auth properties of the\n/opt/sdn/virgo/configuration/tomcat-server.xml file. \n\nOpen the /opt/sdn/virgo/configuration/tomcat-server.xml file for editing\nChange the following line from this: clientAuth=\"false\"\nsslEnabledProtocols=\"TLSv1.0, TLSv1.1,TLSv1.2\" to this: clientAuth=\"false\"\nsslEnabledProtocols=\" TLSv1.1,TLSv1.2\"\nRestart the controller. \n\nHISTORY\nVersion:1 (rev.1) - 29 September 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.13 (GNU/Linux)\n\niEYEARECAAYFAlYKlgkACgkQ4B86/C0qfVmdggCg40wxxeG+Op+gBFzLBG9neKCo\nbW4AnjzTddq/rpaQfITkTvhg7DUpT9f5\n=Px26\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8730"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005869"
},
{
"db": "CNVD",
"id": "CNVD-2014-08824"
},
{
"db": "BID",
"id": "71549"
},
{
"db": "VULHUB",
"id": "VHN-76675"
},
{
"db": "PACKETSTORM",
"id": "133815"
},
{
"db": "PACKETSTORM",
"id": "139063"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-76675",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76675"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8730",
"trust": 3.6
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2014/12/09/27",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62167",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "62388",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "62224",
"trust": 1.1
},
{
"db": "BID",
"id": "71549",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005869",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-189",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-08824",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "133815",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-76675",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139063",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08824"
},
{
"db": "VULHUB",
"id": "VHN-76675"
},
{
"db": "BID",
"id": "71549"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005869"
},
{
"db": "PACKETSTORM",
"id": "133815"
},
{
"db": "PACKETSTORM",
"id": "139063"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-189"
},
{
"db": "NVD",
"id": "CVE-2014-8730"
}
]
},
"id": "VAR-201412-0271",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76675"
}
],
"trust": 0.52067421125
},
"last_update_date": "2025-04-13T22:01:31.663000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CVE-2014-8730 Padding issue",
"trust": 0.8,
"url": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151"
},
{
"title": "sol15882: TLS1.x padding vulnerability CVE-2014-8730",
"trust": 0.8,
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html"
},
{
"title": "Interstage\u3084Systemwalker\u95a2\u9023\u88fd\u54c1\uff1aTLS1.0\u5b9f\u88c5\u306b\u304a\u3051\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8106\u5f31\u6027\u306e\u554f\u984c",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_systemwalker_tls_201501.html"
},
{
"title": "Patch for TLS fills man-in-the-middle attack vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/52704"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08824"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005869"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76675"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005869"
},
{
"db": "NVD",
"id": "CVE-2014-8730"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html"
},
{
"trust": 2.6,
"url": "https://www.imperialviolet.org/2014/12/08/poodleagain.html"
},
{
"trust": 2.0,
"url": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2014/12/09/27"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8730"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693271"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693337"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693495"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04819635"
},
{
"trust": 1.1,
"url": "https://support.lenovo.com/product_security/poodle"
},
{
"trust": 1.1,
"url": "https://support.lenovo.com/us/en/product_security/poodle"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/62167"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/62224"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/62388"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144372772101168\u0026w=2"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8730"
},
{
"trust": 0.3,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk103683"
},
{
"trust": 0.3,
"url": "http://www.fortiguard.com/advisory/cve-2014-8730--poodle-for-tls--vulnerability/"
},
{
"trust": 0.3,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=36740"
},
{
"trust": 0.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-8730"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=tsb16579"
},
{
"trust": 0.3,
"url": "https://securityadvisories.paloaltonetworks.com/home/detail/28?aspxautodetectcookiesupport=1"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695127"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698837"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685985"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699160"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021903"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693877"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693142"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21692502"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960375"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693290"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693623"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700209"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692934"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693285"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692618"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692802"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693330"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698986"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961009"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8730"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144372772101168\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04819635"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08824"
},
{
"db": "VULHUB",
"id": "VHN-76675"
},
{
"db": "BID",
"id": "71549"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005869"
},
{
"db": "PACKETSTORM",
"id": "133815"
},
{
"db": "PACKETSTORM",
"id": "139063"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-189"
},
{
"db": "NVD",
"id": "CVE-2014-8730"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-08824"
},
{
"db": "VULHUB",
"id": "VHN-76675"
},
{
"db": "BID",
"id": "71549"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005869"
},
{
"db": "PACKETSTORM",
"id": "133815"
},
{
"db": "PACKETSTORM",
"id": "139063"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-189"
},
{
"db": "NVD",
"id": "CVE-2014-8730"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-08824"
},
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-76675"
},
{
"date": "2014-12-08T00:00:00",
"db": "BID",
"id": "71549"
},
{
"date": "2014-12-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005869"
},
{
"date": "2015-10-02T23:43:22",
"db": "PACKETSTORM",
"id": "133815"
},
{
"date": "2016-10-12T04:50:49",
"db": "PACKETSTORM",
"id": "139063"
},
{
"date": "2014-12-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-189"
},
{
"date": "2014-12-10T00:59:01.293000",
"db": "NVD",
"id": "CVE-2014-8730"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-08824"
},
{
"date": "2017-01-03T00:00:00",
"db": "VULHUB",
"id": "VHN-76675"
},
{
"date": "2016-10-26T11:05:00",
"db": "BID",
"id": "71549"
},
{
"date": "2015-03-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005869"
},
{
"date": "2014-12-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-189"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-8730"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-189"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural F5 Product SSL Vulnerability in obtaining clear text data in profile component",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005869"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-189"
}
],
"trust": 0.6
}
}
VAR-201403-0506
Vulnerability from variot - Updated: 2025-04-13 20:43The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method. ** Delete ** This case JVNDB-2014-000045 It was removed because it was found to be duplicated. JVNDB-2014-000045 Please refer to. Apache Struts is prone to a security-bypass vulnerability because it fails to adequately handle user-supplied input. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Apache Struts versions 2.0.0 through 2.3.16 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2014-0007 Synopsis: VMware product updates address security vulnerabilities in Apache Struts library Issue date: 2014-06-24 Updated on: 2014-06-24 (Initial Advisory) CVE number: CVE-2014-0050, CVE-2014-0094, CVE-2014-0112
-
Summary
VMware product updates address security vulnerabilities in Apache Struts library
-
Relevant releases
VMware vCenter Operations Management Suite prior to 5.8.2
-
Problem Description
a. The Apache Struts library is updated to version 2.3.16.2 to address multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2014-0050, CVE-2014-0094, and
CVE-2014-0112 to these issues.
CVE-2014-0112 may lead to remote code execution. This issue was
found to be only partially addressed in CVE-2014-0094.
CVE-2014-0050 may lead to a denial of service condition.
vCenter Operations Management Suite (vCOps) is affected by both
CVE-2014-0112 and CVE-2014-0050. Exploitation of CVE-2014-0112
may lead to remote code execution without authentication.
vCenter Orchestrator (vCO) is affected by CVE-2014-0050 and not
by CVE-2014-0112.
Workaround
A workaround for CVE-2014-0112 is documented in VMware Knowledge Base
article 2081470.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======= ======= =================
vCOPS 5.8.x any vCOPS 5.8.2
vCOPS 5.7.x any patch pending *
vCO 5.5 any patch pending
vCO 5.1 any patch pending
vCO 4.2 any patch pending
*Customers are advised to apply the workaround or update to vCOps
5.8.2.
- Solution
Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
vCenter Operations Management Suite 5.8.2
Downloads and Documentation: https://www.vmware.com/go/download-vcops
- References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112
http://kb.vmware.com/kb/2081470
- Change log
2014-06-24 VMSA-2014-0007 Initial security advisory in conjunction with the release of vCenter Operations Management Suite 5.8.2 on 2014-06-24.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html
Twitter https://twitter.com/VMwareSRC
Copyright 2014 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: Encryption Desktop 10.3.2 (Build 15337) Charset: utf-8
wj8DBQFTqi0BDEcm8Vbi9kMRAnCKAJ9otVO7DlXuMnSEGh2TLBzS5hniKgCeMnAM CZ5+DYZAydCjMwVgtKqoo7Y= =Vwu5 -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201403-0506",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "struts",
"scope": "lt",
"trust": 1.8,
"vendor": "apache",
"version": "2.3.16.1"
},
{
"model": "struts",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.0"
},
{
"model": "integrated system ha database ready",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "business analytics modeling server"
},
{
"model": "interstage",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "business process manager analytics"
},
{
"model": "interstage",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "extreme transaction processing server"
},
{
"model": "interstage",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "mobile manager"
},
{
"model": "interstage application development cycle manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage service integrator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "serverview",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "resource orchestrator"
},
{
"model": "symfoware",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "analytics server"
},
{
"model": "symfoware",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "server"
},
{
"model": "systemwalker service catalog manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker service quality coordinator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker software configuration manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "triole",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "cloud middle set b set"
},
{
"model": "cloud infrastructure management software",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.12"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.14.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.11.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.15.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.14"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.15.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.14.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.15"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.11.2"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.11"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.0.0"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.1.2"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.11"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.7"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.8"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.2"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.4"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.3"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.6"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.5"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.14"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3.1"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.9"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.1.0"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.8"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.1"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.1.1"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.1"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.3"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.8.1"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.4"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.2"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.5"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.12"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.6"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.13"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.10"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.11.2"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.0.5"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.11.1"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
}
],
"sources": [
{
"db": "BID",
"id": "65999"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001603"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-191"
},
{
"db": "NVD",
"id": "CVE-2014-0094"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apache:struts",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:integrated_system_ha_database_ready",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_development_cycle_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_framework_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_apworks",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_business_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_job_workload_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_service_integrator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:serverview",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:symfoware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_service_catalog_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_service_quality_coordinator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_software_configuration_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:triole",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:cloud_infrastructure_management_software",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001603"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mark Thomas and Przemyslaw Celej",
"sources": [
{
"db": "BID",
"id": "65999"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0094",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0094",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0094",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201403-191",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-0094",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0094"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-191"
},
{
"db": "NVD",
"id": "CVE-2014-0094"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to \"manipulate\" the ClassLoader via the class parameter, which is passed to the getClass method. ** Delete ** This case JVNDB-2014-000045 It was removed because it was found to be duplicated. JVNDB-2014-000045 Please refer to. Apache Struts is prone to a security-bypass vulnerability because it fails to adequately handle user-supplied input. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. \nApache Struts versions 2.0.0 through 2.3.16 are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2014-0007\nSynopsis: VMware product updates address security vulnerabilities in \n Apache Struts library \nIssue date: 2014-06-24\nUpdated on: 2014-06-24 (Initial Advisory)\nCVE number: CVE-2014-0050, CVE-2014-0094, CVE-2014-0112\n- ------------------------------------------------------------------------\n\n1. Summary\n\n VMware product updates address security vulnerabilities in Apache \n Struts library\n\n2. Relevant releases\n\n VMware vCenter Operations Management Suite prior to 5.8.2\n\n3. Problem Description\n\n a. The Apache Struts library is updated to version 2.3.16.2 to \n address multiple security issues. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2014-0050, CVE-2014-0094, and\n CVE-2014-0112 to these issues. \n\n CVE-2014-0112 may lead to remote code execution. This issue was \n found to be only partially addressed in CVE-2014-0094. \n\n CVE-2014-0050 may lead to a denial of service condition. \n\n vCenter Operations Management Suite (vCOps) is affected by both \n CVE-2014-0112 and CVE-2014-0050. Exploitation of CVE-2014-0112\n may lead to remote code execution without authentication. \n\n vCenter Orchestrator (vCO) is affected by CVE-2014-0050 and not \n by CVE-2014-0112. \n\n Workaround\n\n A workaround for CVE-2014-0112 is documented in VMware Knowledge Base\n article 2081470. \n\n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is \n available. \n\n VMware Product\tRunning\tReplace with/\n Product Version\ton\tApply Patch\n ============= =======\t=======\t=================\n vCOPS\t 5.8.x \tany \tvCOPS 5.8.2\n vCOPS 5.7.x any patch pending *\n\n vCO 5.5 any patch pending\n vCO 5.1 any patch pending\n vCO 4.2 any patch pending\n\n *Customers are advised to apply the workaround or update to vCOps\n5.8.2. \n\n4. Solution\n\n Please review the patch/release notes for your product and version \n and verify the checksum of your downloaded file. \n\n vCenter Operations Management Suite 5.8.2\n -----------------------------------------\n Downloads and Documentation:\n https://www.vmware.com/go/download-vcops\n \n5. References\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112\n\n http://kb.vmware.com/kb/2081470\n\n- ------------------------------------------------------------------------\n\n6. Change log\n\n 2014-06-24 VMSA-2014-0007\n Initial security advisory in conjunction with the release of vCenter\n Operations Management Suite 5.8.2 on 2014-06-24. \n\n- ------------------------------------------------------------------------\n\n7. Contact\n\n E-mail list for product security notifications and announcements:\n http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\n This Security Advisory is posted to the following lists:\n\n security-announce at lists.vmware.com\n bugtraq at securityfocus.com\n fulldisclosure at seclists.org\n\n E-mail: security at vmware.com\n PGP key at: http://kb.vmware.com/kb/1055\n\n VMware Security Advisories\n http://www.vmware.com/security/advisories\n\n VMware Security Response Policy\n https://www.vmware.com/support/policies/security_response.html\n\n VMware Lifecycle Support Phases\n https://www.vmware.com/support/policies/lifecycle.html\n \n Twitter\n https://twitter.com/VMwareSRC\n\n Copyright 2014 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: Encryption Desktop 10.3.2 (Build 15337)\nCharset: utf-8\n\nwj8DBQFTqi0BDEcm8Vbi9kMRAnCKAJ9otVO7DlXuMnSEGh2TLBzS5hniKgCeMnAM\nCZ5+DYZAydCjMwVgtKqoo7Y=\n=Vwu5\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0094"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001603"
},
{
"db": "BID",
"id": "65999"
},
{
"db": "VULMON",
"id": "CVE-2014-0094"
},
{
"db": "PACKETSTORM",
"id": "127215"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=41690",
"trust": 0.2,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0094"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0094",
"trust": 2.9
},
{
"db": "SECTRACK",
"id": "1029876",
"trust": 2.4
},
{
"db": "BID",
"id": "65999",
"trust": 1.9
},
{
"db": "PACKETSTORM",
"id": "127215",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVN19294237",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "56440",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59178",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2014-000045",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001603",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201403-191",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2014-0094",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0094"
},
{
"db": "BID",
"id": "65999"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001603"
},
{
"db": "PACKETSTORM",
"id": "127215"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-191"
},
{
"db": "NVD",
"id": "CVE-2014-0094"
}
]
},
"id": "VAR-201403-0506",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.1875
},
"last_update_date": "2025-04-13T20:43:15.777000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "S2-021",
"trust": 0.8,
"url": "http://struts.apache.org/release/2.3.x/docs/s2-021.html"
},
{
"title": "S2-020",
"trust": 0.8,
"url": "http://struts.apache.org/release/2.3.x/docs/s2-020.html"
},
{
"title": "CVE-2014-0094 \u4ed6 \u306b\u95a2\u3059\u308b\u5f71\u97ff",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/cve2014-0094-0114.html"
},
{
"title": "Interstage BPMA\u4ed6 CVE-2014-0094",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_bpma201401.html"
},
{
"title": "Interstage Application Development Cycle Manager(ADM): struts\u306e\u8106\u5f31\u6027(CVE-2014-0094) (2014\u5e745\u670827\u65e5)",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_aplidevcyclemgr_201401.html"
},
{
"title": "Symfoware Server\uff08Open\u30a4\u30f3\u30bf\u30d5\u30a7\u30fc\u30b9\uff09: Struts\u306e\u8106\u5f31\u6027(CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116) (2014\u5e746\u67082\u65e5)",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/symfoware_201402.html"
},
{
"title": "struts-2.3.16.1-all",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=48603"
},
{
"title": "Debian CVElist Bug Report Logs: libstruts1.2-java: CVE-2014-0114",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=96f4091aa31a0ece729fdcb110066df5"
},
{
"title": "Red Hat: CVE-2014-0094",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-0094"
},
{
"title": "VMware Security Advisories: VMware product updates address security vulnerabilities in Apache Struts library",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=3f8f92a767d3e2773247be2d5077cbee"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4b527561ba1a5de7a529c8a93679f585"
},
{
"title": "CVE-2014-0094-test-program-for-struts1",
"trust": 0.1,
"url": "https://github.com/HasegawaTadamitsu/CVE-2014-0094-test-program-for-struts1 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0094"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001603"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-191"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0094"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securitytracker.com/id/1029876"
},
{
"trust": 1.6,
"url": "http://jvn.jp/en/jp/jvn19294237/index.html"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/archive/1/532549/100/0/threaded"
},
{
"trust": 1.6,
"url": "http://jvndb.jvn.jp/jvndb/jvndb-2014-000045"
},
{
"trust": 1.6,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0007.html"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/archive/1/531362/100/0/threaded"
},
{
"trust": 1.6,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59178"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676706"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/56440"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/65999"
},
{
"trust": 1.6,
"url": "http://packetstormsecurity.com/files/127215/vmware-security-advisory-2014-0007.html"
},
{
"trust": 1.6,
"url": "http://www.konakart.com/downloads/ver-7-3-0-0-whats-new"
},
{
"trust": 1.6,
"url": "http://struts.apache.org/release/2.3.x/docs/s2-020.html"
},
{
"trust": 1.6,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0094"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140417-struts.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0094"
},
{
"trust": 0.3,
"url": "http://struts.apache.org/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0050"
},
{
"trust": 0.1,
"url": "https://twitter.com/vmwaresrc"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0112"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/lifecycle.html"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/2081470"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0112"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0050"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0094"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/go/download-vcops"
}
],
"sources": [
{
"db": "BID",
"id": "65999"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001603"
},
{
"db": "PACKETSTORM",
"id": "127215"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-191"
},
{
"db": "NVD",
"id": "CVE-2014-0094"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2014-0094"
},
{
"db": "BID",
"id": "65999"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001603"
},
{
"db": "PACKETSTORM",
"id": "127215"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-191"
},
{
"db": "NVD",
"id": "CVE-2014-0094"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-03-11T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0094"
},
{
"date": "2014-03-06T00:00:00",
"db": "BID",
"id": "65999"
},
{
"date": "2014-03-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001603"
},
{
"date": "2014-06-25T21:34:12",
"db": "PACKETSTORM",
"id": "127215"
},
{
"date": "2014-03-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-191"
},
{
"date": "2014-03-11T13:00:37.107000",
"db": "NVD",
"id": "CVE-2014-0094"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-12T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0094"
},
{
"date": "2015-07-15T00:14:00",
"db": "BID",
"id": "65999"
},
{
"date": "2014-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001603"
},
{
"date": "2019-08-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-191"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-0094"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201403-191"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "** Delete ** Apache Struts of ParametersInterceptor In ClassLoader Vulnerability manipulated",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001603"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201403-191"
}
],
"trust": 0.6
}
}
VAR-201404-0286
Vulnerability from variot - Updated: 2025-04-13 20:05ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a vulnerability where the ClassLoader may be manipulated. NTT-CERT reported this vulnerability to IPA. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Summary:
A minor version update (from 7.2 to 7.3) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description:
This release of Red Hat Fuse 7.3 serves as a replacement for Red Hat Fuse 7.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
-
jackson-databind: A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)
-
struts2: ClassLoader manipulation via request parameters (CVE-2014-0112)
-
jetty: HTTP request smuggling (CVE-2017-7657)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Solution:
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.3.0 product documentation page: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/
- Bugs fixed (https://bugzilla.redhat.com/):
1091939 - CVE-2014-0112 struts2: ClassLoader manipulation via request parameters 1462702 - CVE-2017-7525 jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper 1595620 - CVE-2017-7657 jetty: HTTP request smuggling
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2014-0007 Synopsis: VMware product updates address security vulnerabilities in Apache Struts library Issue date: 2014-06-24 Updated on: 2014-06-24 (Initial Advisory) CVE number: CVE-2014-0050, CVE-2014-0094, CVE-2014-0112
-
Summary
VMware product updates address security vulnerabilities in Apache Struts library
-
Relevant releases
VMware vCenter Operations Management Suite prior to 5.8.2
-
Problem Description
a. The Apache Struts library is updated to version 2.3.16.2 to address multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2014-0050, CVE-2014-0094, and
CVE-2014-0112 to these issues.
CVE-2014-0112 may lead to remote code execution. This issue was
found to be only partially addressed in CVE-2014-0094.
CVE-2014-0050 may lead to a denial of service condition.
vCenter Operations Management Suite (vCOps) is affected by both
CVE-2014-0112 and CVE-2014-0050. Exploitation of CVE-2014-0112
may lead to remote code execution without authentication.
vCenter Orchestrator (vCO) is affected by CVE-2014-0050 and not
by CVE-2014-0112.
Workaround
A workaround for CVE-2014-0112 is documented in VMware Knowledge Base
article 2081470.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======= ======= =================
vCOPS 5.8.x any vCOPS 5.8.2
vCOPS 5.7.x any patch pending *
vCO 5.5 any patch pending
vCO 5.1 any patch pending
vCO 4.2 any patch pending
*Customers are advised to apply the workaround or update to vCOps
5.8.2.
- Solution
Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
vCenter Operations Management Suite 5.8.2
Downloads and Documentation: https://www.vmware.com/go/download-vcops
- References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112
http://kb.vmware.com/kb/2081470
- Change log
2014-06-24 VMSA-2014-0007 Initial security advisory in conjunction with the release of vCenter Operations Management Suite 5.8.2 on 2014-06-24.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html
Twitter https://twitter.com/VMwareSRC
Copyright 2014 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: Encryption Desktop 10.3.2 (Build 15337) Charset: utf-8
wj8DBQFTqi0BDEcm8Vbi9kMRAnCKAJ9otVO7DlXuMnSEGh2TLBzS5hniKgCeMnAM CZ5+DYZAydCjMwVgtKqoo7Y= =Vwu5 -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201404-0286",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "struts",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.0"
},
{
"model": "struts",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.16.2"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apache struts",
"version": null
},
{
"model": "struts",
"scope": "eq",
"trust": 0.8,
"vendor": "apache",
"version": "2.0.0 to 2.3.16.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 for x86(32bit)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 for x86_64(64bit)"
},
{
"model": "cloud infrastructure management software",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "integrated system ha database ready",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "business analytics modeling server"
},
{
"model": "interstage",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "business process manager analytics"
},
{
"model": "interstage",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "extreme transaction processing server"
},
{
"model": "interstage",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "mobile manager"
},
{
"model": "interstage application development cycle manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage interaction manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage service integrator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "serverview",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "resource orchestrator"
},
{
"model": "symfoware",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "analytics server"
},
{
"model": "symfoware",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "server"
},
{
"model": "systemwalker service catalog manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker service quality coordinator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker software configuration manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "triole",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "cloudmiddleset b set"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.8"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.7"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.14.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.14"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.4.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.14.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.16.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.15"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.4"
},
{
"model": "struts",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.14.2"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.8"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.6"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.5"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.2"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.1"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.14"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.12"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.11"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.10"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.9"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.8"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.7"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.6"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.5"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.4"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.3"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.2"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.1"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.1.2"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.1.1"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3.1"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.4"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.3"
},
{
"model": "software foundation struts",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.13"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#719225"
},
{
"db": "BID",
"id": "67064"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-000045"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-445"
},
{
"db": "NVD",
"id": "CVE-2014-0112"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apache:struts",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:cloud_infrastructure_management_software",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:integrated_system_ha_database_ready",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_development_cycle_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_framework_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_apworks",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_business_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_interaction_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_job_workload_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_service_integrator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:serverview",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:symfoware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_service_catalog_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_service_quality_coordinator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_software_configuration_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:triole",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-000045"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "152687"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-445"
}
],
"trust": 0.7
},
"cve": "CVE-2014-0112",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0112",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 7.5,
"collateralDamagePotential": "LOW",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 6.9,
"exploitability": "HIGH",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0094",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "HIGH",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2014-000045",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0112",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0094",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2014-000045",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201404-445",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-0112",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#719225"
},
{
"db": "VULMON",
"id": "CVE-2014-0112"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-000045"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-445"
},
{
"db": "NVD",
"id": "CVE-2014-0112"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a vulnerability where the ClassLoader may be manipulated. NTT-CERT reported this vulnerability to IPA. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Summary:\n\nA minor version update (from 7.2 to 7.3) is now available for Red Hat Fuse. \nThe purpose of this text-only errata is to inform you about the security\nissues fixed in this release. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Description:\n\nThis release of Red Hat Fuse 7.3 serves as a replacement for Red Hat Fuse\n7.2, and includes bug fixes and enhancements, which are documented in the\nRelease Notes document linked to in the References. \n\nSecurity Fix(es):\n\n* jackson-databind: A deserialization flaw was discovered in the\njackson-databind which could allow an unauthenticated user to perform code\nexecution by sending the maliciously crafted input to the readValue method\nof the ObjectMapper. (CVE-2017-7525)\n\n* struts2: ClassLoader manipulation via request parameters (CVE-2014-0112)\n\n* jetty: HTTP request smuggling (CVE-2017-7657)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. Solution:\n\nBefore applying the update, back up your existing installation, including\nall applications, configuration files, databases and database settings, and\nso on. \n\nInstallation instructions are available from the Fuse 7.3.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1091939 - CVE-2014-0112 struts2: ClassLoader manipulation via request parameters\n1462702 - CVE-2017-7525 jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper\n1595620 - CVE-2017-7657 jetty: HTTP request smuggling\n\n5. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2014-0007\nSynopsis: VMware product updates address security vulnerabilities in \n Apache Struts library \nIssue date: 2014-06-24\nUpdated on: 2014-06-24 (Initial Advisory)\nCVE number: CVE-2014-0050, CVE-2014-0094, CVE-2014-0112\n- ------------------------------------------------------------------------\n\n1. Summary\n\n VMware product updates address security vulnerabilities in Apache \n Struts library\n\n2. Relevant releases\n\n VMware vCenter Operations Management Suite prior to 5.8.2\n\n3. Problem Description\n\n a. The Apache Struts library is updated to version 2.3.16.2 to \n address multiple security issues. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2014-0050, CVE-2014-0094, and\n CVE-2014-0112 to these issues. \n\n CVE-2014-0112 may lead to remote code execution. This issue was \n found to be only partially addressed in CVE-2014-0094. \n\n CVE-2014-0050 may lead to a denial of service condition. \n\n vCenter Operations Management Suite (vCOps) is affected by both \n CVE-2014-0112 and CVE-2014-0050. Exploitation of CVE-2014-0112\n may lead to remote code execution without authentication. \n\n vCenter Orchestrator (vCO) is affected by CVE-2014-0050 and not \n by CVE-2014-0112. \n\n Workaround\n\n A workaround for CVE-2014-0112 is documented in VMware Knowledge Base\n article 2081470. \n\n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is \n available. \n\n VMware Product\tRunning\tReplace with/\n Product Version\ton\tApply Patch\n ============= =======\t=======\t=================\n vCOPS\t 5.8.x \tany \tvCOPS 5.8.2\n vCOPS 5.7.x any patch pending *\n\n vCO 5.5 any patch pending\n vCO 5.1 any patch pending\n vCO 4.2 any patch pending\n\n *Customers are advised to apply the workaround or update to vCOps\n5.8.2. \n\n4. Solution\n\n Please review the patch/release notes for your product and version \n and verify the checksum of your downloaded file. \n\n vCenter Operations Management Suite 5.8.2\n -----------------------------------------\n Downloads and Documentation:\n https://www.vmware.com/go/download-vcops\n \n5. References\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112\n\n http://kb.vmware.com/kb/2081470\n\n- ------------------------------------------------------------------------\n\n6. Change log\n\n 2014-06-24 VMSA-2014-0007\n Initial security advisory in conjunction with the release of vCenter\n Operations Management Suite 5.8.2 on 2014-06-24. \n\n- ------------------------------------------------------------------------\n\n7. Contact\n\n E-mail list for product security notifications and announcements:\n http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\n This Security Advisory is posted to the following lists:\n\n security-announce at lists.vmware.com\n bugtraq at securityfocus.com\n fulldisclosure at seclists.org\n\n E-mail: security at vmware.com\n PGP key at: http://kb.vmware.com/kb/1055\n\n VMware Security Advisories\n http://www.vmware.com/security/advisories\n\n VMware Security Response Policy\n https://www.vmware.com/support/policies/security_response.html\n\n VMware Lifecycle Support Phases\n https://www.vmware.com/support/policies/lifecycle.html\n \n Twitter\n https://twitter.com/VMwareSRC\n\n Copyright 2014 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: Encryption Desktop 10.3.2 (Build 15337)\nCharset: utf-8\n\nwj8DBQFTqi0BDEcm8Vbi9kMRAnCKAJ9otVO7DlXuMnSEGh2TLBzS5hniKgCeMnAM\nCZ5+DYZAydCjMwVgtKqoo7Y=\n=Vwu5\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0112"
},
{
"db": "CERT/CC",
"id": "VU#719225"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-000045"
},
{
"db": "BID",
"id": "67064"
},
{
"db": "VULMON",
"id": "CVE-2014-0112"
},
{
"db": "PACKETSTORM",
"id": "152687"
},
{
"db": "PACKETSTORM",
"id": "127215"
}
],
"trust": 2.88
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/719225",
"trust": 0.8,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=33142",
"trust": 0.2,
"type": "exploit"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#719225"
},
{
"db": "VULMON",
"id": "CVE-2014-0112"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0112",
"trust": 3.0
},
{
"db": "JVN",
"id": "JVN19294237",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2014-000045",
"trust": 2.5
},
{
"db": "BID",
"id": "67064",
"trust": 2.0
},
{
"db": "PACKETSTORM",
"id": "127215",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "59500",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59178",
"trust": 1.7
},
{
"db": "CERT/CC",
"id": "VU#719225",
"trust": 1.6
},
{
"db": "PACKETSTORM",
"id": "152687",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.1493",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201404-445",
"trust": 0.6
},
{
"db": "EXPLOITDB",
"id": "33142",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-0112",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#719225"
},
{
"db": "VULMON",
"id": "CVE-2014-0112"
},
{
"db": "BID",
"id": "67064"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-000045"
},
{
"db": "PACKETSTORM",
"id": "152687"
},
{
"db": "PACKETSTORM",
"id": "127215"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-445"
},
{
"db": "NVD",
"id": "CVE-2014-0112"
}
]
},
"id": "VAR-201404-0286",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.1875
},
"last_update_date": "2025-04-13T20:05:20.612000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Announcements - 2013 24 April 2014 - Struts up to 2.3.16.1: Zero-Day Exploit Mitigation",
"trust": 0.8,
"url": "http://struts.apache.org/announce.html#a20140424"
},
{
"title": "Security Bulletins S2-020",
"trust": 0.8,
"url": "http://struts.apache.org/release/2.3.x/docs/s2-020.html"
},
{
"title": "Security Bulletins S2-021",
"trust": 0.8,
"url": "http://struts.apache.org/release/2.3.x/docs/s2-021.html"
},
{
"title": "Download a Release of Apache Struts -- Full Releases Struts 2.3.16.2",
"trust": 0.8,
"url": "http://struts.apache.org/download.cgi#struts23162"
},
{
"title": "struts-1.2.9-4jpp.8.AXS3 ",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=3678\u0026sType=\u0026sProduct=\u0026published=1"
},
{
"title": "Interstage Application Development Cycle Manager(ADM): Apache Struts vulnerable (CVE-2014-0094)",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_aplidevcyclemgr_201401.html"
},
{
"title": "CVE-2014-0094, CVE-2014-0114: Apache Struts vulnerable to ClassLoader manipulation",
"trust": 0.8,
"url": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve2014-0094-0114e.html"
},
{
"title": "Interstage Business Process Manager Analytics, Systemwalker Service Quality Coordinator: Vulnerability of allowing attackers to \"manipulate\" the ClassLoader (CVE-2014-0094). May 20th, 2014",
"trust": 0.8,
"url": "http://www.fujitsu.com/global/support/products/software/security/products-f/interstage-bpma201401e.html"
},
{
"title": "Symfoware Server (Open Interface) : Security vulnerabilities of Struts (CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116)",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/symfoware_201402.html"
},
{
"title": "Interstage Interaction Manager: Struts1 vulnerability (CVE-2014-0094)",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_im_201401.html"
},
{
"title": "Interstage Mobile Manager: Struts1 vulnerability (CVE-2014-0094)",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_mm_201401.html"
},
{
"title": "FUJITSU Integrated System HA Database Ready: Struts2 vulnerabilities (CVE-2014-0094,CVE-2014-0112,CVE-2014-0113,CVE-2014-0116)",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/ha_db_ready_201401.html"
},
{
"title": "1680848",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680848"
},
{
"title": "1681190",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681190"
},
{
"title": "2081470",
"trust": 0.8,
"url": "http://kb.vmware.com/selfservice/microsites/search.do?language=en_US\u0026cmd=displayKC\u0026externalId=2081470"
},
{
"title": "NV15-001",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv15-001.html"
},
{
"title": "Oracle Critical Patch Update Advisory - April 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - April 2015 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015verbose-2365613.html"
},
{
"title": "Bug 1091939",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1091939"
},
{
"title": "Huawei-SA-20140707-01-Struts2",
"trust": 0.8,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm"
},
{
"title": "April 2015 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/april_2015_critical_patch_update"
},
{
"title": "Alert/Advisory: Multiple Vulnerabilities in Apache Struts on Trend Micro Products",
"trust": 0.8,
"url": "http://esupport.trendmicro.com/solution/ja-JP/1103321.aspx"
},
{
"title": "VMSA-2014-0007",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0007.html"
},
{
"title": "Red Hat: Important: Red Hat Fuse 7.3 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20190910 - Security Advisory"
},
{
"title": "Red Hat: CVE-2014-0112",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-0112"
},
{
"title": "VMware Security Advisories: VMware product updates address security vulnerabilities in Apache Struts library",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=3f8f92a767d3e2773247be2d5077cbee"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4b527561ba1a5de7a529c8a93679f585"
},
{
"title": "strutt-cve-2014-0114",
"trust": 0.1,
"url": "https://github.com/anob3it/strutt-cve-2014-0114 "
},
{
"title": "-maven-security-versions",
"trust": 0.1,
"url": "https://github.com/nagauker/-maven-security-versions "
},
{
"title": "maven-security-versions-Travis",
"trust": 0.1,
"url": "https://github.com/klee94/maven-security-versions-Travis "
},
{
"title": "maven-security-versions",
"trust": 0.1,
"url": "https://github.com/victims/maven-security-versions "
},
{
"title": "victims",
"trust": 0.1,
"url": "https://github.com/tmpgit3000/victims "
},
{
"title": "victims",
"trust": 0.1,
"url": "https://github.com/alexsh88/victims "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/vmware-patches-apache-struts-flaws-in-vcops/106858/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0112"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-000045"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.0
},
{
"problemtype": "CWE-DesignError",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-000045"
},
{
"db": "NVD",
"id": "CVE-2014-0112"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://jvn.jp/en/jp/jvn19294237/index.html"
},
{
"trust": 2.5,
"url": "https://access.redhat.com/errata/rhsa-2019:0910"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/67064"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/127215/vmware-security-advisory-2014-0007.html"
},
{
"trust": 2.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0007.html"
},
{
"trust": 1.7,
"url": "http://jvndb.jvn.jp/jvndb/jvndb-2014-000045"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1091939"
},
{
"trust": 1.7,
"url": "https://cwiki.apache.org/confluence/display/ww/s2-021"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59500"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676706"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59178"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/532549/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/531952/100/0/threaded"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0094"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0112"
},
{
"trust": 0.8,
"url": "http://struts.apache.org/announce.html#a20140424"
},
{
"trust": 0.8,
"url": "http://blog.trendmicro.com/trendlabs-security-intelligence/chinese-underground-creates-tool-exploiting-apache-struts-vulnerability/"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140417-struts.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0094"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0112"
},
{
"trust": 0.8,
"url": "http://www.konakart.com/downloads/ver-7-3-0-0-whats-new/"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/719225"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/152687/red-hat-security-advisory-2019-0910-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/80006"
},
{
"trust": 0.3,
"url": "http://struts.apache.org/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2014-0112"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0112"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/vmware-patches-apache-struts-flaws-in-vcops/106858/"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/33142/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=38390"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7657"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/html-single/release_notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-7525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7525"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-7657"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=jboss.fuse\u0026version=7.3.0"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0050"
},
{
"trust": 0.1,
"url": "https://twitter.com/vmwaresrc"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/lifecycle.html"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/2081470"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0050"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0094"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/go/download-vcops"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#719225"
},
{
"db": "VULMON",
"id": "CVE-2014-0112"
},
{
"db": "BID",
"id": "67064"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-000045"
},
{
"db": "PACKETSTORM",
"id": "152687"
},
{
"db": "PACKETSTORM",
"id": "127215"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-445"
},
{
"db": "NVD",
"id": "CVE-2014-0112"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#719225"
},
{
"db": "VULMON",
"id": "CVE-2014-0112"
},
{
"db": "BID",
"id": "67064"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-000045"
},
{
"db": "PACKETSTORM",
"id": "152687"
},
{
"db": "PACKETSTORM",
"id": "127215"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-445"
},
{
"db": "NVD",
"id": "CVE-2014-0112"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-25T00:00:00",
"db": "CERT/CC",
"id": "VU#719225"
},
{
"date": "2014-04-29T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0112"
},
{
"date": "2014-04-24T00:00:00",
"db": "BID",
"id": "67064"
},
{
"date": "2014-04-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-000045"
},
{
"date": "2019-04-30T16:20:15",
"db": "PACKETSTORM",
"id": "152687"
},
{
"date": "2014-06-25T21:34:12",
"db": "PACKETSTORM",
"id": "127215"
},
{
"date": "2014-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-445"
},
{
"date": "2014-04-29T10:37:03.670000",
"db": "NVD",
"id": "CVE-2014-0112"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-24T00:00:00",
"db": "CERT/CC",
"id": "VU#719225"
},
{
"date": "2019-08-12T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0112"
},
{
"date": "2015-04-16T18:14:00",
"db": "BID",
"id": "67064"
},
{
"date": "2015-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-000045"
},
{
"date": "2019-08-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-445"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-0112"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201404-445"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache Struts2 ClassLoader allows access to class properties via request parameters",
"sources": [
{
"db": "CERT/CC",
"id": "VU#719225"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201404-445"
}
],
"trust": 0.6
}
}
JVNDB-2014-000045
Vulnerability from jvndb - Published: 2014-04-25 15:37 - Updated:2015-05-08 18:01Summary
Apache Struts vulnerable to ClassLoader manipulation
Details
Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a vulnerability where the ClassLoader may be manipulated.
NTT-CERT reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000045.html",
"dc:date": "2015-05-08T18:01+09:00",
"dcterms:issued": "2014-04-25T15:37+09:00",
"dcterms:modified": "2015-05-08T18:01+09:00",
"description": "Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a vulnerability where the ClassLoader may be manipulated.\r\n\r\nNTT-CERT reported this vulnerability to IPA.\r\n JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000045.html",
"sec:cpe": [
{
"#text": "cpe:/a:apache:struts",
"@product": "Apache Struts",
"@vendor": "Apache Software Foundation",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:cloud_infrastructure_management_software",
"@product": "Cloud Infrastructure Management Software",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:integrated_system_ha_database_ready",
"@product": "FUJITSU Integrated System HA Database Ready",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:interstage",
"@product": "Interstage",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:interstage_application_development_cycle_manager",
"@product": "Interstage Application Development Cycle Manager",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:interstage_application_framework_suite",
"@product": "Interstage Application Framework Suite",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:interstage_application_server",
"@product": "Interstage Application Server",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:interstage_apworks",
"@product": "Interstage Apworks",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:interstage_business_application_server",
"@product": "Interstage Business Application Server",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:interstage_interaction_manager",
"@product": "Interstage Interaction Manager",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:interstage_job_workload_server",
"@product": "Interstage Job Workload Server",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:interstage_service_integrator",
"@product": "Interstage Service Integrator",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:interstage_studio",
"@product": "Interstage Studio",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:serverview",
"@product": "ServerView",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:symfoware",
"@product": "Symfoware",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:systemwalker_service_catalog_manager",
"@product": "Systemwalker Service Catalog Manager",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:systemwalker_service_quality_coordinator",
"@product": "Systemwalker Service Quality Coordinator",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:systemwalker_software_configuration_manager",
"@product": "Systemwalker Software Configuration Manager",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:triole",
"@product": "TRIOLE",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/o:misc:miraclelinux_asianux_server",
"@product": "Asianux Server",
"@vendor": "Cybertrust Japan Co., Ltd.",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "7.5",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2014-000045",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN19294237/index.html",
"@id": "JVN#19294237",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094",
"@id": "CVE-2014-0094",
"@source": "CVE"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112",
"@id": "CVE-2014-0112",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0094",
"@id": "CVE-2014-0094",
"@source": "NVD"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0112",
"@id": "CVE-2014-0112",
"@source": "NVD"
},
{
"#text": "http://www.ipa.go.jp/security/ciadr/vul/20140417-struts.html",
"@id": "[Updated] Security Alert for Vulnerability in the \"Apache Struts2\" (CVE-2014-0094)(S2-020)",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "http://www.kb.cert.org/vuls/id/719225",
"@id": "VU#719225",
"@source": "CERT-VN"
},
{
"#text": "http://www.konakart.com/downloads/ver-7-3-0-0-whats-new/",
"@id": "Ver 7.3.0.0 - What\u2019s New?",
"@source": "Related document"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-DesignError",
"@title": "No Mapping(CWE-DesignError)"
}
],
"title": "Apache Struts vulnerable to ClassLoader manipulation"
}