Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
96 vulnerabilities found for DataPower Gateway by IBM
VAR-201501-0434
Vulnerability from variot - Updated: 2026-04-10 22:38The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c. OpenSSL is prone to an unspecified security weakness. Little is known about this issue or its effects at this time. We will update this BID as more information emerges. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.
Security Fix(es):
-
It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. (CVE-2015-0204)
-
An integer overflow flaw, leading to a buffer overflow, was found in the way the EVP_EncodeUpdate() function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application. (CVE-2016-2105)
-
An integer overflow flaw, leading to a buffer overflow, was found in the way the EVP_EncryptUpdate() function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application. (CVE-2016-2106)
-
It was discovered that it is possible to remotely Segfault Apache http server with a specially crafted string sent to the mod_cluster via service messages (MCMP). (CVE-2014-3570)
Red Hat would like to thank Scott Geary (VendHQ) for reporting CVE-2016-5387; the OpenSSL project for reporting CVE-2016-2105 and CVE-2016-2106; and Michal Karm Babacek for reporting CVE-2016-3110. Upstream acknowledges Guido Vranken as the original reporter of CVE-2016-2105 and CVE-2016-2106. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-15:01.openssl Security Advisory The FreeBSD Project
Topic: OpenSSL multiple vulnerabilities
Category: contrib Module: openssl Announced: 2015-01-14 Affects: All supported versions of FreeBSD. Corrected: 2015-01-09 00:58:20 UTC (stable/10, 10.1-STABLE) 2015-01-14 21:27:46 UTC (releng/10.1, 10.1-RELEASE-p4) 2015-01-14 21:27:46 UTC (releng/10.0, 10.0-RELEASE-p16) 2015-01-09 01:11:43 UTC (stable/9, 9.3-STABLE) 2015-01-14 21:27:46 UTC (releng/9.3, 9.3-RELEASE-p8) 2015-01-09 01:11:43 UTC (stable/8, 8.4-STABLE) 2015-01-14 21:27:46 UTC (releng/8.4, 8.4-RELEASE-p22) CVE Name: CVE-2014-3571, CVE-2015-0206, CVE-2014-3569, CVE-2014-3572 CVE-2015-0204, CVE-2015-0205, CVE-2014-8275, CVE-2014-3570
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
I. Background
FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
II. [CVE-2014-3569] This does not affect FreeBSD's default build. [CVE-2014-3570]
III. Impact
An attacker who can send a carefully crafted DTLS message can cause server daemons that uses OpenSSL to crash, resulting a Denial of Service. [CVE-2014-8275]
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 8.4 and FreeBSD 9.3]
fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-9.3.patch
fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-9.3.patch.asc
gpg --verify openssl-9.3.patch.asc
[FreeBSD 10.0]
fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.0.patch
fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.0.patch.asc
gpg --verify openssl-10.0.patch.asc
[FreeBSD 10.1]
fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.1.patch
fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.1.patch.asc
gpg --verify openssl-10.1.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart all deamons using the library, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/8/ r276865 releng/8.4/ r277195 stable/9/ r276865 releng/9.3/ r277195 stable/10/ r276864 releng/10.0/ r277195 releng/10.1/ r277195
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.1.1 (FreeBSD)
iQIcBAEBCgAGBQJUtuEaAAoJEO1n7NZdz2rnQCcP/A19v5HUUhjz5nMbUumRwAmB QCxNKEy6SbAuxtIwGNYJyyxKIK3R9vTHwlgyQZVb4q8FgMHcu4yABeRfov10mO5Q U7RkLOJyca6eqEngkrh+AFfbhqfxtccIMUQkDdegsQcqZd2Ya0VeNfjA8H0XIDoL JSEoCifmxjv6v8ZcpugahsUOBmEWx+vyHJUSPVSv/AsLubzV3hqi4iLpzLky3/dR 4LHGzPny07NkGPVqOBU7mjTs76SzCTS2c4NIVfvbphx8UojMvREbZ8ogCMEVGBXY fIWesi7Y6lhqbSgWj1EXyZF9NTo/Z4nr7Oh1ER5VSAfmhZAdyhEEEGQrg4Jq0VL3 DJ1Y35Up79xXmVjB14COxodI5UO+55wWnXb8r/zy/eh+wv0sHwlTz56wxo7SxAOa xOrQj0VJ7zghLhBO7azacbVYIKpfQkJafb7XRUOqu4wt2y3/jeL+0UkWJnNMROrq aQUB6SdGUVDwQsmodgF0rsGcQYXhaQBPu4KQo8yG8+rpqc2zewi537BJr/PWJvH0 sJ6yYcD7VGyIleVRDpxsg7uBWelnGn+AqHignbyUcic4j/N9lYlF00AVgka2TdOp i5eZtp7m95v53S4fEX2HGwWpOv+AfCrSKQZGpvdNx+9JyD3LyOvFBxs4k0oZWa6J 6FLFZ38YkLcUIzW6I6Kc =ztFk -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: Red Hat JBoss Enterprise Application Platform 6.4.0 update Advisory ID: RHSA-2015:0849-01 Product: Red Hat JBoss Enterprise Application Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0849.html Issue date: 2015-04-16 CVE Names: CVE-2014-3570 CVE-2014-3586 CVE-2014-8111 CVE-2015-0204 CVE-2015-0226 CVE-2015-0227 CVE-2015-0277 =====================================================================
- Summary:
Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.0, and fix multiple security issues, several bugs, and add various enhancements, are now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Description:
Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.
It was found that a prior countermeasure in Apache WSS4J for Bleichenbacher's attack on XML Encryption (CVE-2011-2487) threw an exception that permitted an attacker to determine the failure of the attempted attack, thereby leaving WSS4J vulnerable to the attack. The original flaw allowed a remote attacker to recover the entire plain text form of a symmetric key. (CVE-2015-0226)
A flaw was found in the way PicketLink's Service Provider and Identity Provider handled certain requests. A remote attacker could use this flaw to log to a victim's account via PicketLink. (CVE-2015-0277)
It was discovered that a JkUnmount rule for a subtree of a previous JkMount rule could be ignored. This could allow a remote attacker to potentially access a private artifact in a tree that would otherwise not be accessible to them. (CVE-2015-0204)
It was found that Apache WSS4J permitted bypass of the requireSignedEncryptedDataElements configuration property via XML Signature wrapping attacks. A remote attacker could use this flaw to modify the contents of a signed request. This flaw could possibly affect certain OpenSSL library functionality, such as RSA blinding. (CVE-2014-3570)
It was found that the Command Line Interface, as provided by Red Hat Enterprise Application Platform, created a history file named .jboss-cli-history in the user's home directory with insecure default file permissions. This could allow a malicious local user to gain information otherwise not accessible to them. (CVE-2014-3586)
The CVE-2015-0277 issue was discovered by Ondrej Kotek of Red Hat.
This release of JBoss Enterprise Application Platform also includes bug fixes and enhancements. Documentation for these changes will be available shortly from the JBoss Enterprise Application Platform 6.4.0 Release Notes, linked to in the References.
All users of Red Hat JBoss Enterprise Application Platform 6.3 as provided from the Red Hat Customer Portal are advised to apply this update. The JBoss server process must be restarted for the update to take effect. Solution:
The References section of this erratum contains a download link (you must log in to download the update). Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications. Bugs fixed (https://bugzilla.redhat.com/):
1126687 - CVE-2014-3586 JBoss AS CLI: Insecure default permissions on history file 1180184 - CVE-2015-0204 openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK) 1180240 - CVE-2014-3570 openssl: Bignum squaring may produce incorrect results 1182591 - CVE-2014-8111 Tomcat mod_jk: information leak due to incorrect JkMount/JkUnmount directives processing 1191446 - CVE-2015-0226 wss4j: Apache WSS4J is vulnerable to Bleichenbacher's attack (incomplete fix for CVE-2011-2487) 1191451 - CVE-2015-0227 wss4j: Apache WSS4J doesn't correctly enforce the requireSignedEncryptedDataElements property 1194832 - CVE-2015-0277 PicketLink: SP does not take Audience condition of a SAML assertion into account
- References:
https://access.redhat.com/security/cve/CVE-2014-3570 https://access.redhat.com/security/cve/CVE-2014-3586 https://access.redhat.com/security/cve/CVE-2014-8111 https://access.redhat.com/security/cve/CVE-2015-0204 https://access.redhat.com/security/cve/CVE-2015-0226 https://access.redhat.com/security/cve/CVE-2015-0227 https://access.redhat.com/security/cve/CVE-2015-0277 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=appplatform&version=6.4 https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc.
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack (CVE-2014-0076).
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug (CVE-2014-0160).
The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition (CVE-2014-0198).
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the CCS Injection vulnerability (CVE-2014-0224).
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value (CVE-2014-3470).
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the POODLE issue (CVE-2014-3566).
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix (CVE-2014-3569).
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message (CVE-2014-3572).
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the FREAK issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations (CVE-2015-0204).
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed Elliptic Curve (EC) private-key file that is improperly handled during import (CVE-2015-0209).
The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse (CVE-2015-0287).
The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c (CVE-2015-0289).
The updated packages have been upgraded to the 1.0.1m version where these security flaws has been fixed.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293 http://openssl.org/news/secadv_20150108.txt http://openssl.org/news/secadv_20150319.txt
Updated Packages:
Mandriva Business Server 2/X86_64: 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFVFTm1mqjQ0CJFipgRAoYFAKCaubn00colzVNnUBFjSElyDptGMQCfaGoS kz0ex6eI6hA6qSwklA2NoXY= =GYjX -----END PGP SIGNATURE----- .
Release Date: 2015-08-24 Last Updated: 2015-08-24
Potential Security Impact: Remote unauthorized modification, unauthorized access, or unauthorized disclosure of information.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP Matrix Operating Environment. The vulnerabilities could be exploited remotely resulting in unauthorized modification, unauthorized access, or unauthorized disclosure of information.
References:
CVE-2010-5107 CVE-2013-0248 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-1692 CVE-2014-3523 CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8142 CVE-2014-8275 CVE-2014-9427 CVE-2014-9652 CVE-2014-9653 CVE-2014-9705 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0207 CVE-2015-0208 CVE-2015-0209 CVE-2015-0231 CVE-2015-0232 CVE-2015-0273 CVE-2015-0285 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0290 CVE-2015-0291 CVE-2015-0292 CVE-2015-0293 CVE-2015-1787 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-2134 CVE-2015-2139 CVE-2015-2140 CVE-2015-2301 CVE-2015-2331 CVE-2015-2348 CVE-2015-2787 CVE-2015-3113 CVE-2015-5122 CVE-2015-5123 CVE-2015-5402 CVE-2015-5403 CVE-2015-5404 CVE-2015-5405 CVE-2015-5427 CVE-2015-5428 CVE-2015-5429 CVE-2015-5430 CVE-2015-5431 CVE-2015-5432 CVE-2015-5433
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Matrix Operating Environment impacted software components and versions:
HP Systems Insight Manager (SIM) prior to version 7.5.0 HP System Management Homepage (SMH) prior to version 7.5.0 HP Version Control Agent (VCA) prior to version 7.5.0 HP Version Control Repository Manager (VCRM) prior to version 7.5.0 HP Insight Orchestration prior to version 7.5.0 HP Virtual Connect Enterprise Manager (VCEM) prior to version 7.5.0
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-5107 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-0248 (AV:L/AC:M/Au:N/C:N/I:P/A:P) 3.3 CVE-2014-0118 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0226 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-0231 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-1692 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-3523 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3569 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3570 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2014-3571 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3572 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2014-8142 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-8275 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2014-9427 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-9652 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-9653 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-9705 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0204 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2015-0205 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-0206 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0207 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0208 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-0209 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2015-0231 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0232 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2015-0273 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0285 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2015-0286 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0287 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0288 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0289 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0290 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0291 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0293 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-1787 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6 CVE-2015-1788 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-1791 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-2134 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0 CVE-2015-2139 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5 CVE-2015-2140 (AV:N/AC:M/Au:S/C:P/I:P/A:N) 4.9 CVE-2015-2301 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-2331 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-2348 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-2787 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-3113 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2015-5122 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2015-5123 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2015-5402 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9 CVE-2015-5403 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5 CVE-2015-5404 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5405 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0 CVE-2015-5427 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5428 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5429 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5430 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2015-5431 (AV:N/AC:M/Au:S/C:P/I:P/A:N) 4.9 CVE-2015-5432 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2015-5433 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve the vulnerabilities in the impacted versions of HP Matrix Operating Environment
HP Matrix Operating Environment 7.5.0 is only available on DVD. Please order the latest version of the HP Matrix Operating Environment 7.5.0 DVD #2 ISO from the following location:
http://www.hp.com/go/insightupdates
Choose the orange Select button. This presents the HP Insight Management Media order page. Choose Insight Management 7.5 DVD-2-ZIP August 2015 from the Software specification list. Fill out the rest of the form and submit it.
HP has addressed these vulnerabilities for the affected software components bundled with the HP Matrix Operating Environment in the following HP Security Bulletins.
HP Matrix Operating Environment component HP Security Bulletin Number Security Bulletin Location
HP Systems Insight Manager (SIM) HPSBMU03394 HPSBMU03394 https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04762744
HP System Management Homepage (SMH) HPSBMU03380 http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04746490&la ng=en-us&cc=
HP Version Control Agent (VCA) HPSBMU03397 https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04765169
HP Version Control Repository Manager (VCRM) HPSBMU03396 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr _na-c04765115
HP Virtual Connect Enterprise Manager (VCEM) SDK HPSBMU03413 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr _na-c04774021
HISTORY Version:1 (rev.1) - 24 August 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. OpenSSL Security Advisory [08 Jan 2015] =======================================
DTLS segmentation fault in dtls1_get_record (CVE-2014-3571)
Severity: Moderate
A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. This could lead to a Denial Of Service attack.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p. OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 22nd October 2014 by Markus Stenberg of Cisco Systems, Inc. The fix was developed by Stephen Henson of the OpenSSL core team.
DTLS memory leak in dtls1_buffer_record (CVE-2015-0206)
Severity: Moderate
A memory leak can occur in the dtls1_buffer_record function under certain conditions. In particular this could occur if an attacker sent repeated DTLS records with the same sequence number but for the next epoch. The memory leak could be exploited by an attacker in a Denial of Service attack through memory exhaustion.
This issue affects OpenSSL versions: 1.0.1 and 1.0.0.
OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p.
This issue was reported to OpenSSL on 7th January 2015 by Chris Mueller who also provided an initial patch. Further analysis was performed by Matt Caswell of the OpenSSL development team, who also developed the final patch.
no-ssl3 configuration sets method to NULL (CVE-2014-3569)
Severity: Low
When openssl is built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl method would be set to NULL which could later result in a NULL pointer dereference.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 17th October 2014 by Frank Schmirler. The fix was developed by Kurt Roeckx.
ECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)
Severity: Low
An OpenSSL client will accept a handshake using an ephemeral ECDH ciphersuite using an ECDSA certificate if the server key exchange message is omitted. This effectively removes forward secrecy from the ciphersuite.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team.
RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)
Severity: Low
An OpenSSL client will accept the use of an RSA temporary key in a non-export RSA key exchange ciphersuite. A server could present a weak temporary key and downgrade the security of the session.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team.
DH client certificates accepted without verification [Server] (CVE-2015-0205)
Severity: Low
An OpenSSL server will accept a DH certificate for client authentication without the certificate verify message. This effectively allows a client to authenticate without the use of a private key. This only affects servers which trust a client certificate authority which issues certificates containing DH keys: these are extremely rare and hardly ever encountered.
This issue affects OpenSSL versions: 1.0.1 and 1.0.0.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p.
This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team.
Certificate fingerprints can be modified (CVE-2014-8275)
Severity: Low
OpenSSL accepts several non-DER-variations of certificate signature algorithm and signature encodings. OpenSSL also does not enforce a match between the signature algorithm between the signed and unsigned portions of the certificate. By modifying the contents of the signature algorithm or the encoding of the signature, it is possible to change the certificate's fingerprint.
This does not allow an attacker to forge certificates, and does not affect certificate verification or OpenSSL servers/clients in any other way. It also does not affect common revocation mechanisms. Only custom applications that rely on the uniqueness of the fingerprint (e.g. certificate blacklists) may be affected.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
One variant of this issue was discovered by Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS program and reported to OpenSSL on 1st December 2014 by NCSC-FI Vulnerability Co-ordination. Another variant was independently reported to OpenSSL on 12th December 2014 by Konrad Kraszewski from Google. Further analysis was conducted and fixes were developed by Stephen Henson of the OpenSSL core team.
Bignum squaring may produce incorrect results (CVE-2014-3570)
Severity: Low
Bignum squaring (BN_sqr) may produce incorrect results on some platforms, including x86_64. This bug occurs at random with a very low probability, and is not known to be exploitable in any way, though its exact impact is difficult to determine. The following has been determined:
) The probability of BN_sqr producing an incorrect result at random is very low: 1/2^64 on the single affected 32-bit platform (MIPS) and 1/2^128 on affected 64-bit platforms. ) On most platforms, RSA follows a different code path and RSA operations are not affected at all. For the remaining platforms (e.g. OpenSSL built without assembly support), pre-existing countermeasures thwart bug attacks [1]. ) Static ECDH is theoretically affected: it is possible to construct elliptic curve points that would falsely appear to be on the given curve. However, there is no known computationally feasible way to construct such points with low order, and so the security of static ECDH private keys is believed to be unaffected. ) Other routines known to be theoretically affected are modular exponentiation, primality testing, DSA, RSA blinding, JPAKE and SRP. No exploits are known and straightforward bug attacks fail - either the attacker cannot control when the bug triggers, or no private key material is involved.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 2nd November 2014 by Pieter Wuille (Blockstream) who also suggested an initial fix. Further analysis was conducted by the OpenSSL development team and Adam Langley of Google. The final fix was developed by Andy Polyakov of the OpenSSL core team.
[1] http://css.csail.mit.edu/6.858/2013/readings/rsa-bug-attacks.pdf
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions 1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these releases will be provided after that date. Users of these releases are advised to upgrade.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20150108.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html
. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilites.
References:
CVE-2014-8275 Cryptographic Issues (CWE-310) CVE-2014-3569 Remote Denial of Service (DoS) CVE-2014-3570 Cryptographic Issues (CWE-310) CVE-2014-3571 Remote Denial of Service (DoS) CVE-2014-3572 Cryptographic Issues (CWE-310) CVE-2015-0204 Cryptographic Issues (CWE-310) SSRT101885
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The updates are available from either of the following sites:
ftp://sl098ze:Secure12@h2.usa.hp.com
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber =OPENSSL11I
HP-UX Release HP-UX OpenSSL depot name
B.11.11 (11i v1) OpenSSL_A.00.09.08ze.001_HP-UX_B.11.11_32_64.depot
B.11.23 (11i v2) OpenSSL_A.00.09.08ze.002_HP-UX_B.11.23_IA-PA.depot
B.11.31 (11i v3) OpenSSL_A.00.09.08ze.003_HP-UX_B.11.31_IA-PA.depot
MANUAL ACTIONS: Yes - Update
Install OpenSSL A.00.09.08ze or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"_id": null,
"model": "powerlinux 7r2",
"scope": "eq",
"trust": 1.2,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0l"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0o"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0n"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0h"
},
{
"_id": null,
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8zc"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7200"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7700"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7800"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7100"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7400"
},
{
"_id": null,
"model": "power express",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "5200"
},
{
"_id": null,
"model": "paging server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "5700"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7300"
},
{
"_id": null,
"model": "powerlinux 7r1",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.1"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.5"
},
{
"_id": null,
"model": "mate collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ata series analog terminal adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600"
},
{
"_id": null,
"model": "flex system en2092 1gb ethernet scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.60"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"_id": null,
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "power system s822",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "bladecenter advanced management module 25r5778",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.186"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"_id": null,
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "bladecenter -s",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1948"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "783.00"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5205635"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.6"
},
{
"_id": null,
"model": "upward integration modules scvmm add-in",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.80"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "flex system p270 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7954-24x)0"
},
{
"_id": null,
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "6"
},
{
"_id": null,
"model": "sparc enterprise m5000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "sbr carrier",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "power systems e870",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x22025850"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.4"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.50"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.3"
},
{
"_id": null,
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"_id": null,
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x355042540"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "idataplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79120"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "netezza platform software 7.0.4.7-p1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8.780"
},
{
"_id": null,
"model": "project openssl 0.9.8u",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.2"
},
{
"_id": null,
"model": "norman shark industrial control system protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.1"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "85100"
},
{
"_id": null,
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2.2"
},
{
"_id": null,
"model": "packetshaper s-series",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "11.0"
},
{
"_id": null,
"model": "cms",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "17.0"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.2"
},
{
"_id": null,
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "9.7"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"_id": null,
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl 1.0.0p",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"_id": null,
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "flex system p260 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-23x)0"
},
{
"_id": null,
"model": "netezza platform software 7.2.0.4-p3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.0"
},
{
"_id": null,
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "hunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "junos os 13.3r6",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "tivoli netcool/reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.19"
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.1"
},
{
"_id": null,
"model": "proxyav",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.5"
},
{
"_id": null,
"model": "prime security manager 04.8 qa08",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.70"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.21"
},
{
"_id": null,
"model": "ns oncommand core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "norman shark scada protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.0"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "netezza platform software 7.0.2.16-p3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "cognos planning interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1.4"
},
{
"_id": null,
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.2"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"_id": null,
"model": "project openssl 0.9.8zb",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "netscaler t1",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.0-68"
},
{
"_id": null,
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x355041980"
},
{
"_id": null,
"model": "power systems 350.c0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.842"
},
{
"_id": null,
"model": "workflow for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "norman shark industrial control system protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.2"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5750"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "app for netapp data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "0"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "flex system manager node types",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79550"
},
{
"_id": null,
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0.870"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2-77"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "telepresence te software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "linux enterprise software development kit sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.1.11"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x350073830"
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "7"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"_id": null,
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.2.2.2"
},
{
"_id": null,
"model": "network configuration and change management service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.840"
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37001.1"
},
{
"_id": null,
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"_id": null,
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.8"
},
{
"_id": null,
"model": "power system s814",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.1"
},
{
"_id": null,
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x310025820"
},
{
"_id": null,
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.2"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.21"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.4"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"_id": null,
"model": "flex system fabric cn4093 10gb converged scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.60"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.0"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.3"
},
{
"_id": null,
"model": "flex system fabric en4093r 10gb scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.6.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1.0"
},
{
"_id": null,
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "10.0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.40"
},
{
"_id": null,
"model": "project openssl 1.0.0m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "power systems 350.b1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.27"
},
{
"_id": null,
"model": "norman shark network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.0"
},
{
"_id": null,
"model": "cognos planning interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.12"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x24087380"
},
{
"_id": null,
"model": "norman shark industrial control system protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3"
},
{
"_id": null,
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "power systems 350.e0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "sparc enterprise m5000",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "flex system fabric en4093r 10gb scalable switch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.10.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.21"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "alienvault",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15.1"
},
{
"_id": null,
"model": "command center appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.96"
},
{
"_id": null,
"model": "flashsystem 9848-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "project openssl 1.0.1k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50001.1"
},
{
"_id": null,
"model": "bladecenter -t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8720"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.2"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "power systems 350.e1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "netezza platform software 7.0.2.15-p1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6.156"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.00"
},
{
"_id": null,
"model": "netscaler gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.12"
},
{
"_id": null,
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.13"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.8"
},
{
"_id": null,
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"_id": null,
"model": "ns oncommand core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.10"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12"
},
{
"_id": null,
"model": "system management homepage c",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.186"
},
{
"_id": null,
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.1"
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365079450"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"_id": null,
"model": "enterprise content delivery service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.4(7.26)"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8.0.10"
},
{
"_id": null,
"model": "bladecenter -s",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8886"
},
{
"_id": null,
"model": "unified sip proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.19"
},
{
"_id": null,
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4"
},
{
"_id": null,
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4"
},
{
"_id": null,
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "app for stream",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "0"
},
{
"_id": null,
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1.2"
},
{
"_id": null,
"model": "initiate master data service provider hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "power systems 350.a0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "virtual connect enterprise manager sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "malware analyzer g2",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.5"
},
{
"_id": null,
"model": "systems insight manager sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.3"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"_id": null,
"model": "proxyav",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.0.820"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.1"
},
{
"_id": null,
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(5.106)"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.3"
},
{
"_id": null,
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "bcaaa",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1"
},
{
"_id": null,
"model": "sparc enterprise m4000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.1.8"
},
{
"_id": null,
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.1.8"
},
{
"_id": null,
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.3"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x22079060"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"_id": null,
"model": "upward integration modules hardware management pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.4"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x638370"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x88042590"
},
{
"_id": null,
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"_id": null,
"model": "netscaler application delivery controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "upward integration modules integrated installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1"
},
{
"_id": null,
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7967"
},
{
"_id": null,
"model": "dx360 m4 water cooled type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79180"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.1"
},
{
"_id": null,
"model": "norman shark scada protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "initiate master data service patient hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.68"
},
{
"_id": null,
"model": "content analysis system",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.2"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.00"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.02"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.102"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.4"
},
{
"_id": null,
"model": "anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.4"
},
{
"_id": null,
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.22"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "application policy infrastructure controller 1.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "norman shark scada protection",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.1.830"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "820.03"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8852"
},
{
"_id": null,
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "nextscale nx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "54550"
},
{
"_id": null,
"model": "bladecenter -ht",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8750"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.1"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5205577"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.15-210"
},
{
"_id": null,
"model": "10g vfsm for bladecenter",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.6.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x571451.43"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365042550"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.9.1"
},
{
"_id": null,
"model": "norman shark scada protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3"
},
{
"_id": null,
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "communications core session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.3.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.2"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571910"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0-103"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.12.201"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.16"
},
{
"_id": null,
"model": "proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.95"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"_id": null,
"model": "norman shark network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.2"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"_id": null,
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.3.3"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7.770"
},
{
"_id": null,
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.81"
},
{
"_id": null,
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0-95"
},
{
"_id": null,
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"_id": null,
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2"
},
{
"_id": null,
"model": "project openssl 0.9.8za",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.8"
},
{
"_id": null,
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.4"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.00"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "ace30 application control engine module 3.0 a5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "junos os 12.3r10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.45"
},
{
"_id": null,
"model": "unified computing system b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.96"
},
{
"_id": null,
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.3"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365079150"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571480"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.6"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.7"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.1"
},
{
"_id": null,
"model": "norman shark network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2.127"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.50"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.800"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.0.2"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "cms r17 r4",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.21"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087220"
},
{
"_id": null,
"model": "sparc enterprise m9000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5"
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x350073800"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.60"
},
{
"_id": null,
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1881"
},
{
"_id": null,
"model": "netezza platform software 7.1.0.4-p1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "powerlinux 7r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "norman shark network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3.2"
},
{
"_id": null,
"model": "proxysg sgos",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5.6.2"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"_id": null,
"model": "flex system fabric si4093 system interconnect module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"_id": null,
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1-73"
},
{
"_id": null,
"model": "infosphere balanced warehouse c4000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "infosphere master data management patient hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8.780"
},
{
"_id": null,
"model": "power systems 350.b0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "system idataplex dx360 m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x63910"
},
{
"_id": null,
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"_id": null,
"model": "sparc enterprise m4000",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "upward integration modules scvmm add-in",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"_id": null,
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.2"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"_id": null,
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "bcaaa",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"_id": null,
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "virtual connect enterprise manager sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"_id": null,
"model": "wag310g residential gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "power ese",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0-14"
},
{
"_id": null,
"model": "hunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "11.4"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571460"
},
{
"_id": null,
"model": "sametime community server hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x571431.43"
},
{
"_id": null,
"model": "as infinity",
"scope": "ne",
"trust": 0.3,
"vendor": "pexip",
"version": "8.1"
},
{
"_id": null,
"model": "cognos controller if1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.2"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "820.02"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.15"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.2"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.00"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.11"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.7"
},
{
"_id": null,
"model": "project openssl 1.0.0o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.7"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0.860"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2"
},
{
"_id": null,
"model": "linux enterprise server for vmware sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "system management homepage b",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5.146"
},
{
"_id": null,
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"_id": null,
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1(0.625)"
},
{
"_id": null,
"model": "bladecenter -s",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7779"
},
{
"_id": null,
"model": "agent desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(2)"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x88079030"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.3"
},
{
"_id": null,
"model": "sametime community server limited use",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9"
},
{
"_id": null,
"model": "flex system en2092 1gb ethernet scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0.870"
},
{
"_id": null,
"model": "flex system p260 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-22x)0"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x24087370"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571470"
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"_id": null,
"model": "system management homepage b",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"_id": null,
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "jabber voice for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "netezza platform software 7.0.4.8-p3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12.1"
},
{
"_id": null,
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "52056340"
},
{
"_id": null,
"model": "ctpos 7.0r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.840"
},
{
"_id": null,
"model": "system management homepage a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.11.197"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.14"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.3"
},
{
"_id": null,
"model": "power system s824l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.15210"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "network performance analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.64"
},
{
"_id": null,
"model": "system m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365041990"
},
{
"_id": null,
"model": "system m4 hd type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365054600"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.0"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "flex system interconnect fabric",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.80"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.30"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)5.0"
},
{
"_id": null,
"model": "infosphere master data management provider hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.8"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"_id": null,
"model": "hunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.2"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "560"
},
{
"_id": null,
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "10g vfsm for bladecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "norman shark industrial control system protection",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3.2"
},
{
"_id": null,
"model": "version control repository manager 7.4.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "power 795",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.740"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"_id": null,
"model": "flex system fabric si4093 system interconnect module",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.10.0"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.3"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "systems insight manager update",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.31"
},
{
"_id": null,
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "system management homepage 7.4.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.51"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.1"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "flashsystem 9846-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x571430"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "system idataplex dx360 m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x73210"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.21"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "cms r17 r3",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x22279160"
},
{
"_id": null,
"model": "1:10g switch for bladecenter",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.10.0"
},
{
"_id": null,
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "power system s822l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571450"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5504667"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.10"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5205587"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1.1"
},
{
"_id": null,
"model": "project openssl 0.9.8zd",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system idataplex dx360 m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x63800"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"_id": null,
"model": "ringmaster appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.60"
},
{
"_id": null,
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "cognos planning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.2"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.19"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.5"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"_id": null,
"model": "ctpview 7.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.1"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "cognos controller interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.0.1"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.41"
},
{
"_id": null,
"model": "flex system fabric cn4093 10gb converged scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "flex system en2092 1gb ethernet scalable switch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.10.0"
},
{
"_id": null,
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"_id": null,
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "bladecenter js22",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7998-61x)0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "clustered data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "vgw",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3.0.5"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"_id": null,
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.6"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.20"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"_id": null,
"model": "infosphere balanced warehouse c3000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.32"
},
{
"_id": null,
"model": "1:10g switch for bladecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.2.835"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "system m4 bd type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365054660"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.19"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.15"
},
{
"_id": null,
"model": "upward integration modules hardware management pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "openssh for gpfs",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "src series",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"_id": null,
"model": "system m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x355079460"
},
{
"_id": null,
"model": "iptv",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "packetshaper s-series",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "11.2"
},
{
"_id": null,
"model": "upward integration modules integrated installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.8"
},
{
"_id": null,
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x325025830"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"_id": null,
"model": "ns oncommand core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.213"
},
{
"_id": null,
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2.106"
},
{
"_id": null,
"model": "web security appliance 9.0.0 -fcs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "systems insight manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x355079440"
},
{
"_id": null,
"model": "bladecenter js23",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7778-23x)0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.1.830"
},
{
"_id": null,
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"_id": null,
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "42000"
},
{
"_id": null,
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mint",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "0"
},
{
"_id": null,
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage 7.3.2.1",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "3"
},
{
"_id": null,
"model": "sparc enterprise m8000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571920"
},
{
"_id": null,
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.14.20"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5.760"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.7"
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "84200"
},
{
"_id": null,
"model": "physical access gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "20500"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"_id": null,
"model": "system m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365079470"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "52056330"
},
{
"_id": null,
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "9.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571490"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3"
},
{
"_id": null,
"model": "1:10g switch for bladecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.80"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.3"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "bladecenter js43 with feature code",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7778-23x8446)0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"_id": null,
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.6"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.51"
},
{
"_id": null,
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "system management homepage b",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.186"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x330073820"
},
{
"_id": null,
"model": "cognos planning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "2"
},
{
"_id": null,
"model": "power system s824",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "ctp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "sparc enterprise m3000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "flex system fabric cn4093 10gb converged scalable switch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.10.0"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7500"
},
{
"_id": null,
"model": "packetshaper s-series",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "11.1"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9.790"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"_id": null,
"model": "sparc enterprise m3000",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1.730"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x363071580"
},
{
"_id": null,
"model": "power systems e880",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.0"
},
{
"_id": null,
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.5"
},
{
"_id": null,
"model": "ctpos 7.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "35000"
},
{
"_id": null,
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"_id": null,
"model": "flex system p460 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-42x)0"
},
{
"_id": null,
"model": "content analysis system",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1"
},
{
"_id": null,
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1"
},
{
"_id": null,
"model": "initiate master data service patient hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.5"
},
{
"_id": null,
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.5"
},
{
"_id": null,
"model": "bladecenter t advanced management module 32r0835",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "57100"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.801"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.2"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.10"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "flex system manager node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8734-"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3.0.5"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.20"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.11"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.0.820"
},
{
"_id": null,
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.12"
},
{
"_id": null,
"model": "sparc enterprise m9000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.3"
},
{
"_id": null,
"model": "mobile wireless transport manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp07",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "mate design",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x24078630"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.61"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4.143"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087330"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.20"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x24089560"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.90"
},
{
"_id": null,
"model": "powervu d9190 conditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.02"
},
{
"_id": null,
"model": "bladecenter js12 express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7998-60x)0"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.1"
},
{
"_id": null,
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "jboss enterprise application platform",
"scope": "ne",
"trust": 0.3,
"vendor": "redhat",
"version": "6.4"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "bladecenter -t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8730"
},
{
"_id": null,
"model": "cloudbridge",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.1.8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.3"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.7"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x353071600"
},
{
"_id": null,
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(4.29)"
},
{
"_id": null,
"model": "flashsystem 9840-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"_id": null,
"model": "mate live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.12"
},
{
"_id": null,
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.5"
},
{
"_id": null,
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0-12"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.50"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.9"
},
{
"_id": null,
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7989"
},
{
"_id": null,
"model": "mobile security suite mss",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1.104"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.6"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.7"
},
{
"_id": null,
"model": "nsm",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.20"
},
{
"_id": null,
"model": "cognos controller if3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.10"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.11"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.6"
},
{
"_id": null,
"model": "flex system p24l compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1.0"
},
{
"_id": null,
"model": "bladecenter -ht",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8740"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0.860"
},
{
"_id": null,
"model": "power system s812l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.10"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.2"
},
{
"_id": null,
"model": "flex system fabric en4093r 10gb scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.1"
},
{
"_id": null,
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "pulse secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "initiate master data service provider hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087180"
},
{
"_id": null,
"model": "flex system manager node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8731-"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.11"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.8"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5.146"
},
{
"_id": null,
"model": "idataplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79130"
},
{
"_id": null,
"model": "systems insight manager sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1.73"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "4"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "45000"
},
{
"_id": null,
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"_id": null,
"model": "project openssl 0.9.8zc",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system m5 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x310054570"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "783.01"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.3"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.1"
},
{
"_id": null,
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1"
},
{
"_id": null,
"model": "system idataplex dx360 m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x73230"
},
{
"_id": null,
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1"
},
{
"_id": null,
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0"
},
{
"_id": null,
"model": "norman shark scada protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x363073770"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.10"
},
{
"_id": null,
"model": "flex system interconnect fabric",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.10.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1841"
},
{
"_id": null,
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"_id": null,
"model": "cognos controller fp1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "project openssl 1.0.0h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.3"
},
{
"_id": null,
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2(3.1)"
},
{
"_id": null,
"model": "netezza platform software 7.1.0.5-p3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.4"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8.179"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "8"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "cms r16",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "junos os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x355079140"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.20"
},
{
"_id": null,
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"_id": null,
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "9.6"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "810.01"
},
{
"_id": null,
"model": "power systems 350.d0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1886"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087520"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.40"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.2"
},
{
"_id": null,
"model": "vds service broker",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "74.90"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "norman shark network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.5"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.40"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x638370"
},
{
"_id": null,
"model": "flex system p260 compute node /fc efd9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.2"
},
{
"_id": null,
"model": "app for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "0"
},
{
"_id": null,
"model": "sparc enterprise m4000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5950"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "junos os 12.3x48-d10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8677"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.2"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10500"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"_id": null,
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "malware analyzer g2",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1"
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365054540"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "004.000(1233)"
},
{
"_id": null,
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.2.835"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2.10"
},
{
"_id": null,
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.841"
},
{
"_id": null,
"model": "sparc enterprise m8000",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.7"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.3"
},
{
"_id": null,
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "ctpos 6.6r5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.2"
},
{
"_id": null,
"model": "cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "0"
},
{
"_id": null,
"model": "webex meetings server 2.5mr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "junos os 13.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.103"
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.3"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "780.01"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"_id": null,
"model": "norman shark industrial control system protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "740.52"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1"
},
{
"_id": null,
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "550"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "netscaler service delivery appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "system m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x350078390"
},
{
"_id": null,
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "management center",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.3.2.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.22"
},
{
"_id": null,
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5504965"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.7"
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.1"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "53000"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"_id": null,
"model": "sparc enterprise m8000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "communications core session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.2.5"
},
{
"_id": null,
"model": "flex system fabric si4093 system interconnect module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.60"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.0.121"
},
{
"_id": null,
"model": "ios 15.5 s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"_id": null,
"model": "prime performance manager for sps ppm sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.7"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "session border controller for enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7.770"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "350.70"
},
{
"_id": null,
"model": "content analysis system",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.2.3.1"
},
{
"_id": null,
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"_id": null,
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.6"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.31"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x44079170"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"_id": null,
"model": "unified communications domain manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.1.2"
},
{
"_id": null,
"model": "flex system p460 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-43x)0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "systems insight manager 7.4.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.8"
},
{
"_id": null,
"model": "sparc enterprise m9000",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "dx360 m4 water cooled type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79190"
},
{
"_id": null,
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4.750"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3.0.5"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.1"
},
{
"_id": null,
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system m5 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x325054580"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.8"
},
{
"_id": null,
"model": "power systems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "770.00"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"_id": null,
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.800"
},
{
"_id": null,
"model": "sparc enterprise m3000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.1"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)5.1"
},
{
"_id": null,
"model": "cloud object store",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sparc enterprise m5000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9.790"
}
],
"sources": [
{
"db": "BID",
"id": "71939"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-160"
},
{
"db": "NVD",
"id": "CVE-2014-3570"
}
]
},
"credits": {
"_id": null,
"data": "Pieter Wuille",
"sources": [
{
"db": "BID",
"id": "71939"
}
],
"trust": 0.3
},
"cve": "CVE-2014-3570",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-3570",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3570",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201501-160",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-3570",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3570"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-160"
},
{
"db": "NVD",
"id": "CVE-2014-3570"
}
]
},
"description": {
"_id": null,
"data": "The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c. OpenSSL is prone to an unspecified security weakness. \nLittle is known about this issue or its effects at this time. We will update this BID as more information emerges. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library. \n\nSecurity Fix(es):\n\n* It was discovered that httpd used the value of the Proxy header from HTTP\nrequests to initialize the HTTP_PROXY environment variable for CGI scripts,\nwhich in turn was incorrectly used by certain HTTP client implementations\nto configure the proxy for outgoing HTTP requests. (CVE-2015-0204)\n\n* An integer overflow flaw, leading to a buffer overflow, was found in the\nway the EVP_EncodeUpdate() function of OpenSSL parsed very large amounts of\ninput data. A remote attacker could use this flaw to crash an application\nusing OpenSSL or, possibly, execute arbitrary code with the permissions of\nthe user running that application. (CVE-2016-2105)\n\n* An integer overflow flaw, leading to a buffer overflow, was found in the\nway the EVP_EncryptUpdate() function of OpenSSL parsed very large amounts\nof input data. A remote attacker could use this flaw to crash an\napplication using OpenSSL or, possibly, execute arbitrary code with the\npermissions of the user running that application. (CVE-2016-2106)\n\n* It was discovered that it is possible to remotely Segfault Apache http\nserver with a specially crafted string sent to the mod_cluster via service\nmessages (MCMP). (CVE-2014-3570)\n\nRed Hat would like to thank Scott Geary (VendHQ) for reporting\nCVE-2016-5387; the OpenSSL project for reporting CVE-2016-2105 and\nCVE-2016-2106; and Michal Karm Babacek for reporting CVE-2016-3110. \nUpstream acknowledges Guido Vranken as the original reporter of\nCVE-2016-2105 and CVE-2016-2106. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-15:01.openssl Security Advisory\n The FreeBSD Project\n\nTopic: OpenSSL multiple vulnerabilities\n\nCategory: contrib\nModule: openssl\nAnnounced: 2015-01-14\nAffects: All supported versions of FreeBSD. \nCorrected: 2015-01-09 00:58:20 UTC (stable/10, 10.1-STABLE)\n 2015-01-14 21:27:46 UTC (releng/10.1, 10.1-RELEASE-p4)\n 2015-01-14 21:27:46 UTC (releng/10.0, 10.0-RELEASE-p16)\n 2015-01-09 01:11:43 UTC (stable/9, 9.3-STABLE)\n 2015-01-14 21:27:46 UTC (releng/9.3, 9.3-RELEASE-p8)\n 2015-01-09 01:11:43 UTC (stable/8, 8.4-STABLE)\n 2015-01-14 21:27:46 UTC (releng/8.4, 8.4-RELEASE-p22)\nCVE Name: CVE-2014-3571, CVE-2015-0206, CVE-2014-3569, CVE-2014-3572\n CVE-2015-0204, CVE-2015-0205, CVE-2014-8275, CVE-2014-3570\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\nI. Background\n\nFreeBSD includes software from the OpenSSL Project. The OpenSSL Project is\na collaborative effort to develop a robust, commercial-grade, full-featured\nOpen Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a full-strength\ngeneral purpose cryptography library. \n\nII. [CVE-2014-3569] This does not affect\nFreeBSD\u0027s default build. [CVE-2014-3570]\n\nIII. Impact\n\nAn attacker who can send a carefully crafted DTLS message can cause server\ndaemons that uses OpenSSL to crash, resulting a Denial of Service. [CVE-2014-8275]\n\nIV. Workaround\n\nNo workaround is available. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 8.4 and FreeBSD 9.3]\n# fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-9.3.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-9.3.patch.asc\n# gpg --verify openssl-9.3.patch.asc\n\n[FreeBSD 10.0]\n# fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.0.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.0.patch.asc\n# gpg --verify openssl-10.0.patch.asc\n\n[FreeBSD 10.1]\n# fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.1.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:01/openssl-10.1.patch.asc\n# gpg --verify openssl-10.1.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all deamons using the library, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/8/ r276865\nreleng/8.4/ r277195\nstable/9/ r276865\nreleng/9.3/ r277195\nstable/10/ r276864\nreleng/10.0/ r277195\nreleng/10.1/ r277195\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://www.openssl.org/news/secadv_20150108.txt\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-15:01.openssl.asc\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.1.1 (FreeBSD)\n\niQIcBAEBCgAGBQJUtuEaAAoJEO1n7NZdz2rnQCcP/A19v5HUUhjz5nMbUumRwAmB\nQCxNKEy6SbAuxtIwGNYJyyxKIK3R9vTHwlgyQZVb4q8FgMHcu4yABeRfov10mO5Q\nU7RkLOJyca6eqEngkrh+AFfbhqfxtccIMUQkDdegsQcqZd2Ya0VeNfjA8H0XIDoL\nJSEoCifmxjv6v8ZcpugahsUOBmEWx+vyHJUSPVSv/AsLubzV3hqi4iLpzLky3/dR\n4LHGzPny07NkGPVqOBU7mjTs76SzCTS2c4NIVfvbphx8UojMvREbZ8ogCMEVGBXY\nfIWesi7Y6lhqbSgWj1EXyZF9NTo/Z4nr7Oh1ER5VSAfmhZAdyhEEEGQrg4Jq0VL3\nDJ1Y35Up79xXmVjB14COxodI5UO+55wWnXb8r/zy/eh+wv0sHwlTz56wxo7SxAOa\nxOrQj0VJ7zghLhBO7azacbVYIKpfQkJafb7XRUOqu4wt2y3/jeL+0UkWJnNMROrq\naQUB6SdGUVDwQsmodgF0rsGcQYXhaQBPu4KQo8yG8+rpqc2zewi537BJr/PWJvH0\nsJ6yYcD7VGyIleVRDpxsg7uBWelnGn+AqHignbyUcic4j/N9lYlF00AVgka2TdOp\ni5eZtp7m95v53S4fEX2HGwWpOv+AfCrSKQZGpvdNx+9JyD3LyOvFBxs4k0oZWa6J\n6FLFZ38YkLcUIzW6I6Kc\n=ztFk\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: Red Hat JBoss Enterprise Application Platform 6.4.0 update\nAdvisory ID: RHSA-2015:0849-01\nProduct: Red Hat JBoss Enterprise Application Platform\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-0849.html\nIssue date: 2015-04-16\nCVE Names: CVE-2014-3570 CVE-2014-3586 CVE-2014-8111 \n CVE-2015-0204 CVE-2015-0226 CVE-2015-0227 \n CVE-2015-0277 \n=====================================================================\n\n1. Summary:\n\nUpdated packages that provide Red Hat JBoss Enterprise Application Platform\n6.4.0, and fix multiple security issues, several bugs, and add various\nenhancements, are now available from the Red Hat Customer Portal. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. Description:\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7. \n\nIt was found that a prior countermeasure in Apache WSS4J for\nBleichenbacher\u0027s attack on XML Encryption (CVE-2011-2487) threw an\nexception that permitted an attacker to determine the failure of the\nattempted attack, thereby leaving WSS4J vulnerable to the attack. \nThe original flaw allowed a remote attacker to recover the entire plain\ntext form of a symmetric key. (CVE-2015-0226)\n\nA flaw was found in the way PicketLink\u0027s Service Provider and Identity\nProvider handled certain requests. A remote attacker could use this flaw to\nlog to a victim\u0027s account via PicketLink. (CVE-2015-0277)\n\nIt was discovered that a JkUnmount rule for a subtree of a previous JkMount\nrule could be ignored. This could allow a remote attacker to potentially\naccess a private artifact in a tree that would otherwise not be accessible\nto them. (CVE-2015-0204)\n\nIt was found that Apache WSS4J permitted bypass of the\nrequireSignedEncryptedDataElements configuration property via XML Signature\nwrapping attacks. A remote attacker could use this flaw to modify the\ncontents of a signed request. This flaw could\npossibly affect certain OpenSSL library functionality, such as RSA\nblinding. (CVE-2014-3570)\n\nIt was found that the Command Line Interface, as provided by Red Hat\nEnterprise Application Platform, created a history file named\n.jboss-cli-history in the user\u0027s home directory with insecure default file\npermissions. This could allow a malicious local user to gain information\notherwise not accessible to them. (CVE-2014-3586)\n\nThe CVE-2015-0277 issue was discovered by Ondrej Kotek of Red Hat. \n\nThis release of JBoss Enterprise Application Platform also includes bug\nfixes and enhancements. Documentation for these changes will be available\nshortly from the JBoss Enterprise Application Platform 6.4.0 Release Notes,\nlinked to in the References. \n\nAll users of Red Hat JBoss Enterprise Application Platform 6.3 as provided\nfrom the Red Hat Customer Portal are advised to apply this update. \nThe JBoss server process must be restarted for the update to take effect. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting Red Hat JBoss Enterprise Application Platform installation and\ndeployed applications. Bugs fixed (https://bugzilla.redhat.com/):\n\n1126687 - CVE-2014-3586 JBoss AS CLI: Insecure default permissions on history file\n1180184 - CVE-2015-0204 openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK)\n1180240 - CVE-2014-3570 openssl: Bignum squaring may produce incorrect results\n1182591 - CVE-2014-8111 Tomcat mod_jk: information leak due to incorrect JkMount/JkUnmount directives processing\n1191446 - CVE-2015-0226 wss4j: Apache WSS4J is vulnerable to Bleichenbacher\u0027s attack (incomplete fix for CVE-2011-2487)\n1191451 - CVE-2015-0227 wss4j: Apache WSS4J doesn\u0027t correctly enforce the requireSignedEncryptedDataElements property\n1194832 - CVE-2015-0277 PicketLink: SP does not take Audience condition of a SAML assertion into account\n\n5. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-3570\nhttps://access.redhat.com/security/cve/CVE-2014-3586\nhttps://access.redhat.com/security/cve/CVE-2014-8111\nhttps://access.redhat.com/security/cve/CVE-2015-0204\nhttps://access.redhat.com/security/cve/CVE-2015-0226\nhttps://access.redhat.com/security/cve/CVE-2015-0227\nhttps://access.redhat.com/security/cve/CVE-2015-0277\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=appplatform\u0026version=6.4\nhttps://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/\n\n6. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n \n The Montgomery ladder implementation in OpenSSL through 1.0.0l does\n not ensure that certain swap operations have a constant-time behavior,\n which makes it easier for local users to obtain ECDSA nonces via a\n FLUSH+RELOAD cache side-channel attack (CVE-2014-0076). \n \n The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before\n 1.0.1g do not properly handle Heartbeat Extension packets, which allows\n remote attackers to obtain sensitive information from process memory\n via crafted packets that trigger a buffer over-read, as demonstrated\n by reading private keys, related to d1_both.c and t1_lib.c, aka the\n Heartbleed bug (CVE-2014-0160). \n \n The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g,\n when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a\n buffer pointer during certain recursive calls, which allows remote\n attackers to cause a denial of service (NULL pointer dereference\n and application crash) via vectors that trigger an alert condition\n (CVE-2014-0198). \n \n OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before\n 1.0.1h does not properly restrict processing of ChangeCipherSpec\n messages, which allows man-in-the-middle attackers to trigger use of a\n zero-length master key in certain OpenSSL-to-OpenSSL communications,\n and consequently hijack sessions or obtain sensitive information,\n via a crafted TLS handshake, aka the CCS Injection vulnerability\n (CVE-2014-0224). \n \n The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL\n before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when\n an anonymous ECDH cipher suite is used, allows remote attackers to\n cause a denial of service (NULL pointer dereference and client crash)\n by triggering a NULL certificate value (CVE-2014-3470). \n \n The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other\n products, uses nondeterministic CBC padding, which makes it easier\n for man-in-the-middle attackers to obtain cleartext data via a\n padding-oracle attack, aka the POODLE issue (CVE-2014-3566). \n \n The ssl23_get_client_hello function in s23_srvr.c in OpenSSL\n 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to\n use unsupported protocols, which allows remote attackers to cause a\n denial of service (NULL pointer dereference and daemon crash) via\n an unexpected handshake, as demonstrated by an SSLv3 handshake to\n a no-ssl3 application with certain error handling. NOTE: this issue\n became relevant after the CVE-2014-3568 fix (CVE-2014-3569). \n \n The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before\n 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote\n SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger\n a loss of forward secrecy by omitting the ServerKeyExchange message\n (CVE-2014-3572). \n \n The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before\n 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL\n servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate\n brute-force decryption by offering a weak ephemeral RSA key in a\n noncompliant role, related to the FREAK issue. NOTE: the scope of\n this CVE is only client code based on OpenSSL, not EXPORT_RSA issues\n associated with servers or other TLS implementations (CVE-2015-0204). \n \n Use-after-free vulnerability in the d2i_ECPrivateKey function in\n crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r,\n 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote\n attackers to cause a denial of service (memory corruption and\n application crash) or possibly have unspecified other impact via a\n malformed Elliptic Curve (EC) private-key file that is improperly\n handled during import (CVE-2015-0209). \n \n The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL\n before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2\n before 1.0.2a does not reinitialize CHOICE and ADB data structures,\n which might allow attackers to cause a denial of service (invalid\n write operation and memory corruption) by leveraging an application\n that relies on ASN.1 structure reuse (CVE-2015-0287). \n \n The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before\n 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not\n properly handle a lack of outer ContentInfo, which allows attackers to\n cause a denial of service (NULL pointer dereference and application\n crash) by leveraging an application that processes arbitrary PKCS#7\n data and providing malformed data with ASN.1 encoding, related to\n crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c (CVE-2015-0289). \n \n The updated packages have been upgraded to the 1.0.1m version where\n these security flaws has been fixed. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293\n http://openssl.org/news/secadv_20150108.txt\n http://openssl.org/news/secadv_20150319.txt\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 2/X86_64:\n 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm\n 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm\n a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm \n 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFVFTm1mqjQ0CJFipgRAoYFAKCaubn00colzVNnUBFjSElyDptGMQCfaGoS\nkz0ex6eI6hA6qSwklA2NoXY=\n=GYjX\n-----END PGP SIGNATURE-----\n. \n\nRelease Date: 2015-08-24\nLast Updated: 2015-08-24\n\nPotential Security Impact: Remote unauthorized modification, unauthorized\naccess, or unauthorized disclosure of information. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP Matrix\nOperating Environment. The vulnerabilities could be exploited remotely\nresulting in unauthorized modification, unauthorized access, or unauthorized\ndisclosure of information. \n\nReferences:\n\nCVE-2010-5107\nCVE-2013-0248\nCVE-2014-0118\nCVE-2014-0226\nCVE-2014-0231\nCVE-2014-1692\nCVE-2014-3523\nCVE-2014-3569\nCVE-2014-3570\nCVE-2014-3571\nCVE-2014-3572\nCVE-2014-8142\nCVE-2014-8275\nCVE-2014-9427\nCVE-2014-9652\nCVE-2014-9653\nCVE-2014-9705\nCVE-2015-0204\nCVE-2015-0205\nCVE-2015-0206\nCVE-2015-0207\nCVE-2015-0208\nCVE-2015-0209\nCVE-2015-0231\nCVE-2015-0232\nCVE-2015-0273\nCVE-2015-0285\nCVE-2015-0286\nCVE-2015-0287\nCVE-2015-0288\nCVE-2015-0289\nCVE-2015-0290\nCVE-2015-0291\nCVE-2015-0292\nCVE-2015-0293\nCVE-2015-1787\nCVE-2015-1788\nCVE-2015-1789\nCVE-2015-1790\nCVE-2015-1791\nCVE-2015-1792\nCVE-2015-2134\nCVE-2015-2139\nCVE-2015-2140\nCVE-2015-2301\nCVE-2015-2331\nCVE-2015-2348\nCVE-2015-2787\nCVE-2015-3113\nCVE-2015-5122\nCVE-2015-5123\nCVE-2015-5402\nCVE-2015-5403\nCVE-2015-5404\nCVE-2015-5405\nCVE-2015-5427\nCVE-2015-5428\nCVE-2015-5429\nCVE-2015-5430\nCVE-2015-5431\nCVE-2015-5432\nCVE-2015-5433\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Matrix Operating Environment impacted software components and versions:\n\nHP Systems Insight Manager (SIM) prior to version 7.5.0\nHP System Management Homepage (SMH) prior to version 7.5.0\nHP Version Control Agent (VCA) prior to version 7.5.0\nHP Version Control Repository Manager (VCRM) prior to version 7.5.0\nHP Insight Orchestration prior to version 7.5.0\nHP Virtual Connect Enterprise Manager (VCEM) prior to version 7.5.0\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-5107 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2013-0248 (AV:L/AC:M/Au:N/C:N/I:P/A:P) 3.3\nCVE-2014-0118 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0226 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-0231 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-1692 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-3523 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-3569 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-3570 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2014-3571 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-3572 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2014-8142 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-8275 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2014-9427 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-9652 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-9653 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2014-9705 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-0204 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2015-0205 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2015-0206 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0207 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0208 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-0209 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2015-0231 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-0232 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2015-0273 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-0285 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2015-0286 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0287 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0288 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0289 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0290 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0291 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-0293 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-1787 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6\nCVE-2015-1788 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-1789 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2015-1790 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-1791 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2015-1792 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-2134 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0\nCVE-2015-2139 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5\nCVE-2015-2140 (AV:N/AC:M/Au:S/C:P/I:P/A:N) 4.9\nCVE-2015-2301 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-2331 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-2348 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2015-2787 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-3113 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2015-5122 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2015-5123 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2015-5402 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9\nCVE-2015-5403 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5\nCVE-2015-5404 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5405 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0\nCVE-2015-5427 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5428 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5429 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5430 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2015-5431 (AV:N/AC:M/Au:S/C:P/I:P/A:N) 4.9\nCVE-2015-5432 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2015-5433 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the\nvulnerabilities in the impacted versions of HP Matrix Operating Environment\n\nHP Matrix Operating Environment 7.5.0 is only available on DVD. Please order\nthe latest version of the HP Matrix Operating Environment 7.5.0 DVD #2 ISO\nfrom the following location:\n\nhttp://www.hp.com/go/insightupdates\n\nChoose the orange Select button. This presents the HP Insight Management\nMedia order page. Choose Insight Management 7.5 DVD-2-ZIP August 2015 from\nthe Software specification list. Fill out the rest of the form and submit it. \n\nHP has addressed these vulnerabilities for the affected software components\nbundled with the HP Matrix Operating Environment in the following HP Security\nBulletins. \n\nHP Matrix Operating Environment component\n HP Security Bulletin Number\n Security Bulletin Location\n\nHP Systems Insight Manager (SIM)\n HPSBMU03394\n HPSBMU03394\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04762744\n\nHP System Management Homepage (SMH)\n HPSBMU03380\n http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04746490\u0026la\nng=en-us\u0026cc=\n\nHP Version Control Agent (VCA)\n HPSBMU03397\n https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04765169\n\nHP Version Control Repository Manager (VCRM)\n HPSBMU03396\n https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr\n_na-c04765115\n\nHP Virtual Connect Enterprise Manager (VCEM) SDK\n HPSBMU03413\n https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr\n_na-c04774021\n\nHISTORY\nVersion:1 (rev.1) - 24 August 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. OpenSSL Security Advisory [08 Jan 2015]\n=======================================\n\nDTLS segmentation fault in dtls1_get_record (CVE-2014-3571)\n===========================================================\n\nSeverity: Moderate\n\nA carefully crafted DTLS message can cause a segmentation fault in OpenSSL due\nto a NULL pointer dereference. This could lead to a Denial Of Service attack. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Markus Stenberg of\nCisco Systems, Inc. The fix was developed by Stephen Henson of the OpenSSL\ncore team. \n\nDTLS memory leak in dtls1_buffer_record (CVE-2015-0206)\n=======================================================\n\nSeverity: Moderate\n\nA memory leak can occur in the dtls1_buffer_record function under certain\nconditions. In particular this could occur if an attacker sent repeated DTLS\nrecords with the same sequence number but for the next epoch. The memory leak\ncould be exploited by an attacker in a Denial of Service attack through memory\nexhaustion. \n\nThis issue affects OpenSSL versions: 1.0.1 and 1.0.0. \n\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p. \n\nThis issue was reported to OpenSSL on 7th January 2015 by Chris Mueller who also\nprovided an initial patch. Further analysis was performed by Matt Caswell of the\nOpenSSL development team, who also developed the final patch. \n\nno-ssl3 configuration sets method to NULL (CVE-2014-3569)\n=========================================================\n\nSeverity: Low\n\nWhen openssl is built with the no-ssl3 option and a SSL v3 ClientHello is\nreceived the ssl method would be set to NULL which could later result in\na NULL pointer dereference. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 17th October 2014 by Frank Schmirler. The\nfix was developed by Kurt Roeckx. \n\n\nECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)\n==========================================================\n\nSeverity: Low\n\nAn OpenSSL client will accept a handshake using an ephemeral ECDH ciphersuite\nusing an ECDSA certificate if the server key exchange message is omitted. This\neffectively removes forward secrecy from the ciphersuite. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan\nBhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen\nHenson of the OpenSSL core team. \n\n\nRSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)\n==============================================================\n\nSeverity: Low\n\nAn OpenSSL client will accept the use of an RSA temporary key in a non-export\nRSA key exchange ciphersuite. A server could present a weak temporary key\nand downgrade the security of the session. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan\nBhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen\nHenson of the OpenSSL core team. \n\n\nDH client certificates accepted without verification [Server] (CVE-2015-0205)\n=============================================================================\n\nSeverity: Low\n\nAn OpenSSL server will accept a DH certificate for client authentication\nwithout the certificate verify message. This effectively allows a client\nto authenticate without the use of a private key. This only affects servers\nwhich trust a client certificate authority which issues certificates\ncontaining DH keys: these are extremely rare and hardly ever encountered. \n\nThis issue affects OpenSSL versions: 1.0.1 and 1.0.0. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan\nBhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen\nHenson of the OpenSSL core team. \n\n\nCertificate fingerprints can be modified (CVE-2014-8275)\n========================================================\n\nSeverity: Low\n\nOpenSSL accepts several non-DER-variations of certificate signature\nalgorithm and signature encodings. OpenSSL also does not enforce a\nmatch between the signature algorithm between the signed and unsigned\nportions of the certificate. By modifying the contents of the\nsignature algorithm or the encoding of the signature, it is possible\nto change the certificate\u0027s fingerprint. \n\nThis does not allow an attacker to forge certificates, and does not\naffect certificate verification or OpenSSL servers/clients in any\nother way. It also does not affect common revocation mechanisms. Only\ncustom applications that rely on the uniqueness of the fingerprint\n(e.g. certificate blacklists) may be affected. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and\n0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nOne variant of this issue was discovered by Antti Karjalainen and\nTuomo Untinen from the Codenomicon CROSS program and reported to\nOpenSSL on 1st December 2014 by NCSC-FI Vulnerability\nCo-ordination. Another variant was independently reported to OpenSSL\non 12th December 2014 by Konrad Kraszewski from Google. Further\nanalysis was conducted and fixes were developed by Stephen Henson of\nthe OpenSSL core team. \n\nBignum squaring may produce incorrect results (CVE-2014-3570)\n=============================================================\n\nSeverity: Low\n\nBignum squaring (BN_sqr) may produce incorrect results on some\nplatforms, including x86_64. This bug occurs at random with a very\nlow probability, and is not known to be exploitable in any way, though\nits exact impact is difficult to determine. The following has been\ndetermined:\n\n*) The probability of BN_sqr producing an incorrect result at random\nis very low: 1/2^64 on the single affected 32-bit platform (MIPS) and\n1/2^128 on affected 64-bit platforms. \n*) On most platforms, RSA follows a different code path and RSA\noperations are not affected at all. For the remaining platforms\n(e.g. OpenSSL built without assembly support), pre-existing\ncountermeasures thwart bug attacks [1]. \n*) Static ECDH is theoretically affected: it is possible to construct\nelliptic curve points that would falsely appear to be on the given\ncurve. However, there is no known computationally feasible way to\nconstruct such points with low order, and so the security of static\nECDH private keys is believed to be unaffected. \n*) Other routines known to be theoretically affected are modular\nexponentiation, primality testing, DSA, RSA blinding, JPAKE and\nSRP. No exploits are known and straightforward bug attacks fail -\neither the attacker cannot control when the bug triggers, or no\nprivate key material is involved. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 2nd November 2014 by Pieter Wuille\n(Blockstream) who also suggested an initial fix. Further analysis was\nconducted by the OpenSSL development team and Adam Langley of\nGoogle. The final fix was developed by Andy Polyakov of the OpenSSL\ncore team. \n\n[1] http://css.csail.mit.edu/6.858/2013/readings/rsa-bug-attacks.pdf\n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions\n1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these\nreleases will be provided after that date. Users of these releases are advised\nto upgrade. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20150108.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n. These vulnerabilities could be exploited remotely to create a remote\nDenial of Service (DoS) and other vulnerabilites. \n\nReferences:\n\nCVE-2014-8275 Cryptographic Issues (CWE-310)\nCVE-2014-3569 Remote Denial of Service (DoS)\nCVE-2014-3570 Cryptographic Issues (CWE-310)\nCVE-2014-3571 Remote Denial of Service (DoS)\nCVE-2014-3572 Cryptographic Issues (CWE-310)\nCVE-2015-0204 Cryptographic Issues (CWE-310)\nSSRT101885\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The\nupdates are available from either of the following sites:\n\nftp://sl098ze:Secure12@h2.usa.hp.com\n\nhttps://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber\n=OPENSSL11I\n\nHP-UX Release\n HP-UX OpenSSL depot name\n\nB.11.11 (11i v1)\n OpenSSL_A.00.09.08ze.001_HP-UX_B.11.11_32_64.depot\n\nB.11.23 (11i v2)\n OpenSSL_A.00.09.08ze.002_HP-UX_B.11.23_IA-PA.depot\n\nB.11.31 (11i v3)\n OpenSSL_A.00.09.08ze.003_HP-UX_B.11.31_IA-PA.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall OpenSSL A.00.09.08ze or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3570"
},
{
"db": "BID",
"id": "71939"
},
{
"db": "VULMON",
"id": "CVE-2014-3570"
},
{
"db": "PACKETSTORM",
"id": "138473"
},
{
"db": "PACKETSTORM",
"id": "129973"
},
{
"db": "PACKETSTORM",
"id": "131471"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "129870"
},
{
"db": "PACKETSTORM",
"id": "133325"
},
{
"db": "PACKETSTORM",
"id": "129867"
},
{
"db": "PACKETSTORM",
"id": "130548"
},
{
"db": "PACKETSTORM",
"id": "130545"
}
],
"trust": 2.07
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2014-3570",
"trust": 2.9
},
{
"db": "JUNIPER",
"id": "JSA10679",
"trust": 1.4
},
{
"db": "BID",
"id": "71939",
"trust": 1.4
},
{
"db": "MCAFEE",
"id": "SB10102",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10108",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1033378",
"trust": 1.1
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2148",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4252",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201501-160",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2014-3570",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138473",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129973",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131471",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131044",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129870",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133325",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129867",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130548",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130545",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3570"
},
{
"db": "BID",
"id": "71939"
},
{
"db": "PACKETSTORM",
"id": "138473"
},
{
"db": "PACKETSTORM",
"id": "129973"
},
{
"db": "PACKETSTORM",
"id": "131471"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "129870"
},
{
"db": "PACKETSTORM",
"id": "133325"
},
{
"db": "PACKETSTORM",
"id": "129867"
},
{
"db": "PACKETSTORM",
"id": "130548"
},
{
"db": "PACKETSTORM",
"id": "130545"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-160"
},
{
"db": "NVD",
"id": "CVE-2014-3570"
}
]
},
"id": "VAR-201501-0434",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38117660400000003
},
"last_update_date": "2026-04-10T22:38:15.110000Z",
"patch": {
"_id": null,
"data": [
{
"title": "openssl-1.0.0p",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53190"
},
{
"title": "openssl-0.9.8zd",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53189"
},
{
"title": "openssl-1.0.1k.tar.gz",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53191"
},
{
"title": "Red Hat: Moderate: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150066 - Security Advisory"
},
{
"title": "Red Hat: CVE-2014-3570",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-3570"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2459-1"
},
{
"title": "Debian Security Advisories: DSA-3125-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a3210fee56d96657bbff4ad44c3d0807"
},
{
"title": "Tenable Security Advisories: [R7] OpenSSL \u002720150108\u0027 Advisory Affects Tenable Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2015-03"
},
{
"title": "Amazon Linux AMI: ALAS-2015-469",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-469"
},
{
"title": "IBM: IBM Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSH",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b7f5b1e7edcafce07f28205855d4db49"
},
{
"title": "Symantec Security Advisories: SA88 : OpenSSL Security Advisory 08-Jan-2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=9281dc3b1a760e1cf2711cdf82cf64d7"
},
{
"title": "Apple: OS X Yosemite v10.10.3 and Security Update 2015-004",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=aa5ab46566482c02434bb8cf65c9614e"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20150310-ssl"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4b527561ba1a5de7a529c8a93679f585"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=744c19dc9f4f70ad58059bf8733ec9c1"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=eaf98750f1130c39e83765575c69e165"
},
{
"title": "Splunk Security Announcements: Splunk response to January 2015 OpenSSL vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=splunk_security_announcements\u0026qid=21b119528a2fb8c78850a17027b71424"
},
{
"title": "Citrix Security Bulletins: Multiple Security Vulnerabilities in Citrix NetScaler Platform IPMI Lights Out Management (LOM) firmware",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=eb059834b7f24e2562bcf592b6d0afbc"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=459961024c4bdce7bb3a1a40a65a6f2e"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3570"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-160"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-310",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3570"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.6,
"url": "https://www.openssl.org/news/secadv_20150108.txt"
},
{
"trust": 1.5,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0849.html"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150310-ssl"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.4,
"url": "https://bto.bluecoat.com/security-advisory/sa88"
},
{
"trust": 1.4,
"url": "https://support.citrix.com/article/ctx216642"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1650.html"
},
{
"trust": 1.1,
"url": "https://github.com/openssl/openssl/commit/a7a44ba55cb4f884c6bc9ceac90072dea38e66d0"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-january/147938.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-january/148363.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/71939"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:019"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3125"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142496289803847\u0026w=2"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0066.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142720981827617\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2015/apr/msg00001.html"
},
{
"trust": 1.1,
"url": "https://support.apple.com/ht204659"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050297101809\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050254401665\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142895206924048\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050205101530\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142496179803395\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10679"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1033378"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10108"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10102"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0204"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3570"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3571"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3572"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8275"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10887855"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2148/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4252/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0206"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04765169"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2014-3570"
},
{
"trust": 0.3,
"url": "http://www.pexip.com/sites/pexip/files/pexip_security_bulletin_2015-01-30.pdf"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://www.splunk.com/view/sp-caaanu5#affectedproductsandcomponents"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699883"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/feb/160"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10679\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101010784"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04746490"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04602055"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04765115"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04774019"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04774021"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698818"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883857"
},
{
"trust": 0.3,
"url": "https://aix.software.ibm.com/aix/efixes/security/openssl_advisory12.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699271"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101008182"
},
{
"trust": 0.3,
"url": "https://www.openssl.org/news/vulnerabilities.html"
},
{
"trust": 0.3,
"url": "https://www.alienvault.com/forums/discussion/4475/security-advisory-alienvault-v4-15-1-addresses-twenty-20-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963783"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098593"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903299"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022575"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005159"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700275"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699938"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097733"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005170"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097503"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883287"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097811"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097504"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902694"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902277"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697291"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699235"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903726"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097796"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21697162"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097823"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700411"
},
{
"trust": 0.3,
"url": "www-01.ibm.com/support/docview.wss?uid=swg21700028"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005150"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009328"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695985"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022074"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21701453"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959002"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21694849"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097360"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699052"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698506"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699810"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699069"
},
{
"trust": 0.3,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-0204"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8275"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0204"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3570"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3571"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0206"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0205"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3572"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3569"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.2,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber"
},
{
"trust": 0.2,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/310.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=36959"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2459-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5387"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2106"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-3110"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/documentation/en-us/jboss_enterprise_web_server/2/html-single/installation_guide/index.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-5387"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/2.1/html/2.1.1_release_notes/index.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/vulnerabilities/httpoxy"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3110"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/documentation/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=webserver\u0026downloadtype=distributions\u0026version=2.1.1"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3572\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0205\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:01/openssl-9.3.patch"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0206\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3571\u003e"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv_20150108.txt\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8275\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:01/openssl-10.0.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:01/openssl-10.1.patch"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3569\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3570\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-15:01.openssl.asc\u003e"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:01/openssl-10.0.patch"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0204\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:01/openssl-9.3.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:01/openssl-10.1.patch.asc"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3586"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0226"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-8111"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8111"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3586"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=appplatform\u0026version=6.4"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0227"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0227"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/jboss_enterprise_application_platform/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0226"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0289"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0288"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0287"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0209"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3566"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0287"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0286"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0224"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0289"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3470"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://openssl.org/news/secadv_20150319.txt"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://openssl.org/news/secadv_20150108.txt"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0221"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0076"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0288"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0293"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0207"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0118"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8142"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0226"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0231"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3523"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0285"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9653"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04746490\u0026la"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9705"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0232"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1692"
},
{
"trust": 0.1,
"url": "http://www.hp.com/go/insightupdates"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0248"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0273"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5107"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0231"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9652"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04762744"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/secpolicy.html"
},
{
"trust": 0.1,
"url": "http://css.csail.mit.edu/6.858/2013/readings/rsa-bug-attacks.pdf"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3570"
},
{
"db": "BID",
"id": "71939"
},
{
"db": "PACKETSTORM",
"id": "138473"
},
{
"db": "PACKETSTORM",
"id": "129973"
},
{
"db": "PACKETSTORM",
"id": "131471"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "129870"
},
{
"db": "PACKETSTORM",
"id": "133325"
},
{
"db": "PACKETSTORM",
"id": "129867"
},
{
"db": "PACKETSTORM",
"id": "130548"
},
{
"db": "PACKETSTORM",
"id": "130545"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-160"
},
{
"db": "NVD",
"id": "CVE-2014-3570"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2014-3570",
"ident": null
},
{
"db": "BID",
"id": "71939",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "138473",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129973",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131471",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131044",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129870",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "133325",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129867",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130548",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130545",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201501-160",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2014-3570",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-01-09T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3570",
"ident": null
},
{
"date": "2015-01-08T00:00:00",
"db": "BID",
"id": "71939",
"ident": null
},
{
"date": "2016-08-22T23:25:00",
"db": "PACKETSTORM",
"id": "138473",
"ident": null
},
{
"date": "2015-01-15T16:53:07",
"db": "PACKETSTORM",
"id": "129973",
"ident": null
},
{
"date": "2015-04-17T06:44:37",
"db": "PACKETSTORM",
"id": "131471",
"ident": null
},
{
"date": "2015-03-27T20:42:44",
"db": "PACKETSTORM",
"id": "131044",
"ident": null
},
{
"date": "2015-01-09T17:43:35",
"db": "PACKETSTORM",
"id": "129870",
"ident": null
},
{
"date": "2015-08-26T01:35:08",
"db": "PACKETSTORM",
"id": "133325",
"ident": null
},
{
"date": "2015-01-09T02:01:10",
"db": "PACKETSTORM",
"id": "129867",
"ident": null
},
{
"date": "2015-02-26T17:13:45",
"db": "PACKETSTORM",
"id": "130548",
"ident": null
},
{
"date": "2015-02-26T17:13:09",
"db": "PACKETSTORM",
"id": "130545",
"ident": null
},
{
"date": "2015-01-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-160",
"ident": null
},
{
"date": "2015-01-09T02:59:00.053000",
"db": "NVD",
"id": "CVE-2014-3570",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-11-15T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3570",
"ident": null
},
{
"date": "2017-01-23T00:09:00",
"db": "BID",
"id": "71939",
"ident": null
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-160",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-3570",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "131471"
},
{
"db": "PACKETSTORM",
"id": "130548"
},
{
"db": "PACKETSTORM",
"id": "130545"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-160"
}
],
"trust": 0.9
},
"title": {
"_id": null,
"data": "OpenSSL BN_sqr Implement encryption vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201501-160"
}
],
"trust": 0.6
},
"type": {
"_id": null,
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201501-160"
}
],
"trust": 0.6
}
}
VAR-201512-0482
Vulnerability from variot - Updated: 2026-04-10 22:16The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key information via an attack against use of a (1) Diffie-Hellman (DH) or (2) Diffie-Hellman Ephemeral (DHE) ciphersuite. OpenSSL is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. OpenSSL Security Advisory [3 Dec 2015] - Updated [4 Dec 2015] =============================================================
[Updated 4 Dec 2015]: This advisory has been updated to include the details of CVE-2015-1794, a Low severity issue affecting OpenSSL 1.0.2 which had a fix included in the released packages but was missed from the advisory text.
NOTE: WE ANTICIPATE THAT 1.0.0t AND 0.9.8zh WILL BE THE LAST RELEASES FOR THE 0.9.8 AND 1.0.0 VERSIONS AND THAT NO MORE SECURITY FIXES WILL BE PROVIDED (AS PER PREVIOUS ANNOUNCEMENTS). USERS ARE ADVISED TO UPGRADE TO LATER VERSIONS.
BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193)
Severity: Moderate
There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. For example this can occur by default in OpenSSL DHE based SSL/TLS ciphersuites.
This issue affects OpenSSL version 1.0.2.
OpenSSL 1.0.2 users should upgrade to 1.0.2e
This issue was reported to OpenSSL on August 13 2015 by Hanno Böck. The fix was developed by Andy Polyakov of the OpenSSL development team.
Certificate verify crash with missing PSS parameter (CVE-2015-3194)
Severity: Moderate
The signature verification routines will crash with a NULL pointer dereference if presented with an ASN.1 signature using the RSA PSS algorithm and absent mask generation function parameter. Since these routines are used to verify certificate signature algorithms this can be used to crash any certificate verification operation and exploited in a DoS attack. Any application which performs certificate verification is vulnerable including OpenSSL clients and servers which enable client authentication.
This issue affects OpenSSL versions 1.0.2 and 1.0.1.
OpenSSL 1.0.2 users should upgrade to 1.0.2e OpenSSL 1.0.1 users should upgrade to 1.0.1q
This issue was reported to OpenSSL on August 27 2015 by Loïc Jonas Etienne (Qnective AG). The fix was developed by Dr. Stephen Henson of the OpenSSL development team.
X509_ATTRIBUTE memory leak (CVE-2015-3195)
Severity: Moderate
When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected.
This issue affects OpenSSL versions 1.0.2 and 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.2 users should upgrade to 1.0.2e OpenSSL 1.0.1 users should upgrade to 1.0.1q OpenSSL 1.0.0 users should upgrade to 1.0.0t OpenSSL 0.9.8 users should upgrade to 0.9.8zh
This issue was reported to OpenSSL on November 9 2015 by Adam Langley (Google/BoringSSL) using libFuzzer. The fix was developed by Dr. Stephen Henson of the OpenSSL development team.
Race condition handling PSK identify hint (CVE-2015-3196)
Severity: Low
If PSK identity hints are received by a multi-threaded client then the values are wrongly updated in the parent SSL_CTX structure. This can result in a race condition potentially leading to a double free of the identify hint data.
This issue was fixed in OpenSSL 1.0.2d and 1.0.1p but has not been previously listed in an OpenSSL security advisory. This issue also affects OpenSSL 1.0.0 and has not been previously fixed in an OpenSSL 1.0.0 release.
OpenSSL 1.0.2 users should upgrade to 1.0.2d OpenSSL 1.0.1 users should upgrade to 1.0.1p OpenSSL 1.0.0 users should upgrade to 1.0.0t
The fix for this issue can be identified in the OpenSSL git repository by commit ids 3c66a669dfc7 (1.0.2), d6be3124f228 (1.0.1) and 1392c238657e (1.0.0).
The fix was developed by Dr. Stephen Henson of the OpenSSL development team.
Anon DH ServerKeyExchange with 0 p parameter (CVE-2015-1794)
Severity: Low
If a client receives a ServerKeyExchange for an anonymous DH ciphersuite with the value of p set to 0 then a seg fault can occur leading to a possible denial of service attack.
This issue affects OpenSSL version 1.0.2.
OpenSSL 1.0.2 users should upgrade to 1.0.2e
This issue was reported to OpenSSL on August 3 2015 by Guy Leaver (Cisco). The fix was developed by Matt Caswell of the OpenSSL development team.
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions 1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these versions will be provided after that date. In the absence of significant security issues being identified prior to that date, the 1.0.0t and 0.9.8zh releases will be the last for those versions. Users of these versions are advised to upgrade.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20151203.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html
. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer.
In order to exploit this issue an application bug would have to be present that resulted in a call to SSL_read()/SSL_write() being issued after having already received a fatal error.
This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation).
Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. The issue was originally found via the OSS-Fuzz project. OpenSSL Security Advisory [27 Mar 2018] ========================================
Constructed ASN.1 types with a recursive definition could exceed the stack (CVE-2018-0739)
Severity: Moderate
Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security claims of the scheme. The module can only be compiled by the HP-UX assembler, so that only HP-UX PA-RISC targets are affected. Insufficient testing when parsing a message allowed records with an incorrect class to be be accepted, triggering a REQUIRE failure when those records were subsequently cached. (CVE-2015-8000) Address fetch context reference count handling error on socket error. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2016-10-27-1 Xcode 8.1
Xcode 8.1 is now available and addresses the following:
IDE Xcode Server Available for: OS X El Capitan v10.11.5 and later Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: Multiple issues existed in Node.js in Xcode Server. These issues were addressed by updating to Node.js version 4.5.0. CVE-2016-1669 CVE-2016-0705 CVE-2016-0797 CVE-2016-0702 CVE-2016-2086 CVE-2016-2216 CVE-2015-8027 CVE-2015-3193 CVE-2015-3194 CVE-2015-6764
Xcode 8.1 may be obtained from:
https://developer.apple.com/xcode/downloads/
To check that the Xcode has been updated:
- Select Xcode in the menu bar
- Select About Xcode
- The version after applying this update will be "8.1". ============================================================================ Ubuntu Security Notice USN-2830-1 December 07, 2015
openssl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.10
- Ubuntu 15.04
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in OpenSSL.
Software Description: - openssl: Secure Socket Layer (SSL) cryptographic library and tools
Details:
Guy Leaver discovered that OpenSSL incorrectly handled a ServerKeyExchange for an anonymous DH ciphersuite with the value of p set to 0. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. A remote attacker could possibly use this issue to break encryption. (CVE-2015-3193)
Lo=C3=AFc Jonas Etienne discovered that OpenSSL incorrectly handled ASN.1 signatures with a missing PSS parameter. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2015-3194)
Adam Langley discovered that OpenSSL incorrectly handled malformed X509_ATTRIBUTE structures. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. (CVE-2015-3195)
It was discovered that OpenSSL incorrectly handled PSK identity hints. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-3196)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.10: libssl1.0.0 1.0.2d-0ubuntu1.2
Ubuntu 15.04: libssl1.0.0 1.0.1f-1ubuntu11.5
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.16
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.32
After a standard system update you need to reboot your computer to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2830-1 CVE-2015-1794, CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196
Package Information: https://launchpad.net/ubuntu/+source/openssl/1.0.2d-0ubuntu1.2 https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu11.5 https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.16 https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.32 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05398322
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05398322 Version: 1
HPESBHF03709 rev.1 - HPE Network products including Comware, IMC, and VCX running OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2017-02-21 Last Updated: 2017-02-21
Potential Security Impact: Remote: Denial of Service (DoS), Disclosure of Sensitive Information
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities with OpenSSL have been addressed for HPE Network products including Comware 5, Comware 7, IMC, and VCX. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information.
References:
- CVE-2015-1794 - Remote Denial of Service (DoS)
- CVE-2015-3193 - Remote disclosure of sensitive information
- CVE-2015-3194 - Remote Denial of Service (DoS)
- CVE-2015-3195 - Remote disclosure of sensitive information
- CVE-2015-3196 - Remote Denial of Service (DoS)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- Comware 5 (CW5) Products All versions - Please refer to the RESOLUTION below for a list of updated products.
- Comware 7 (CW7) Products All versions - Please refer to the RESOLUTION below for a list of updated products.
- HPE Intelligent Management Center (iMC) All versions - Please refer to the RESOLUTION below for a list of updated products.
- VCX Products All versions - Please refer to the RESOLUTION below for a list of updated products.
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2015-1794
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2015-3193
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVE-2015-3194
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2015-3195
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2015-3196
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE has made the following software updates to resolve the vulnerabilities in the Comware, IMC and VCX products running OpenSSL.
COMWARE 5 Products
- A6600 (Comware 5) - Version: R3303P28
- HP Network Products
- JC165A HP 6600 RPE-X1 Router Module
- JC177A HP 6608 Router
- JC177B HP 6608 Router Chassis
- JC178A HP 6604 Router Chassis
- JC178B HP 6604 Router Chassis
- JC496A HP 6616 Router Chassis
- JC566A HP 6600 RSE-X1 Router Main Processing Unit
- JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit
- JG781A HP 6600 RPE-X1 TAA-compliant Main Processing Unit
- HSR6602 (Comware 5) - Version: R3303P28
- HP Network Products
- JC176A HP 6602 Router Chassis
- JG353A HP HSR6602-G Router
- JG354A HP HSR6602-XG Router
- JG355A HP 6600 MCP-X1 Router Main Processing Unit
- JG356A HP 6600 MCP-X2 Router Main Processing Unit
- JG776A HP HSR6602-G TAA-compliant Router
- JG777A HP HSR6602-XG TAA-compliant Router
- JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit
- HSR6800 (Comware 5) - Version: R3303P28
- HP Network Products
- JG361A HP HSR6802 Router Chassis
- JG361B HP HSR6802 Router Chassis
- JG362A HP HSR6804 Router Chassis
- JG362B HP HSR6804 Router Chassis
- JG363A HP HSR6808 Router Chassis
- JG363B HP HSR6808 Router Chassis
- JG364A HP HSR6800 RSE-X2 Router Main Processing Unit
- JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit
- MSR20 (Comware 5) - Version: R2516
- HP Network Products
- JD432A HP A-MSR20-21 Router
- JD662A HP MSR20-20 Router
- JD663A HP A-MSR20-21 Router
- JD663B HP MSR20-21 Router
- JD664A HP MSR20-40 Router
- JF228A HP MSR20-40 Router
- JF283A HP MSR20-20 Router
- MSR20-1X (Comware 5) - Version: R2516
- HP Network Products
- JD431A HP MSR20-10 Router
- JD667A HP MSR20-15 IW Multi-Service Router
- JD668A HP MSR20-13 Multi-Service Router
- JD669A HP MSR20-13 W Multi-Service Router
- JD670A HP MSR20-15 A Multi-Service Router
- JD671A HP MSR20-15 AW Multi-Service Router
- JD672A HP MSR20-15 I Multi-Service Router
- JD673A HP MSR20-11 Multi-Service Router
- JD674A HP MSR20-12 Multi-Service Router
- JD675A HP MSR20-12 W Multi-Service Router
- JD676A HP MSR20-12 T1 Multi-Service Router
- JF236A HP MSR20-15-I Router
- JF237A HP MSR20-15-A Router
- JF238A HP MSR20-15-I-W Router
- JF239A HP MSR20-11 Router
- JF240A HP MSR20-13 Router
- JF241A HP MSR20-12 Router
- JF806A HP MSR20-12-T Router
- JF807A HP MSR20-12-W Router
- JF808A HP MSR20-13-W Router
- JF809A HP MSR20-15-A-W Router
- JF817A HP MSR20-15 Router
- JG209A HP MSR20-12-T-W Router (NA)
- JG210A HP MSR20-13-W Router (NA)
- MSR 30 (Comware 5) - Version: R2516
- HP Network Products
- JD654A HP MSR30-60 POE Multi-Service Router
- JD657A HP MSR30-40 Multi-Service Router
- JD658A HP MSR30-60 Multi-Service Router
- JD660A HP MSR30-20 POE Multi-Service Router
- JD661A HP MSR30-40 POE Multi-Service Router
- JD666A HP MSR30-20 Multi-Service Router
- JF229A HP MSR30-40 Router
- JF230A HP MSR30-60 Router
- JF232A HP RTMSR3040-AC-OVSAS-H3
- JF235A HP MSR30-20 DC Router
- JF284A HP MSR30-20 Router
- JF287A HP MSR30-40 DC Router
- JF801A HP MSR30-60 DC Router
- JF802A HP MSR30-20 PoE Router
- JF803A HP MSR30-40 PoE Router
- JF804A HP MSR30-60 PoE Router
- JG728A HP MSR30-20 TAA-compliant DC Router
- JG729A HP MSR30-20 TAA-compliant Router
- MSR 30-16 (Comware 5) - Version: R2516
- HP Network Products
- JD659A HP MSR30-16 POE Multi-Service Router
- JD665A HP MSR30-16 Multi-Service Router
- JF233A HP MSR30-16 Router
- JF234A HP MSR30-16 PoE Router
- MSR 30-1X (Comware 5) - Version: R2516
- HP Network Products
- JF800A HP MSR30-11 Router
- JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr
- JG182A HP MSR30-11E Router
- JG183A HP MSR30-11F Router
- JG184A HP MSR30-10 DC Router
- MSR 50 (Comware 5) - Version: R2516
- HP Network Products
- JD433A HP MSR50-40 Router
- JD653A HP MSR50 Processor Module
- JD655A HP MSR50-40 Multi-Service Router
- JD656A HP MSR50-60 Multi-Service Router
- JF231A HP MSR50-60 Router
- JF285A HP MSR50-40 DC Router
- JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply
- MSR 50-G2 (Comware 5) - Version: R2516
- HP Network Products
- JD429A HP MSR50 G2 Processor Module
- JD429B HP MSR50 G2 Processor Module
- MSR 9XX (Comware 5) - Version: R2516
- HP Network Products
- JF812A HP MSR900 Router
- JF813A HP MSR920 Router
- JF814A HP MSR900-W Router
- JF815A HP MSR920 2FEWAN/8FELAN/.11 b/g Rtr
- JG207A HP MSR900-W Router (NA)
- JG208A HP MSR920-W Router (NA)
- MSR 93X (Comware 5) - Version: R2516
- HP Network Products
- JG511A HP MSR930 Router
- JG511B HP MSR930 Router
- JG512A HP MSR930 Wireless Router
- JG513A HP MSR930 3G Router
- JG513B HP MSR930 3G Router
- JG514A HP MSR931 Router
- JG514B HP MSR931 Router
- JG515A HP MSR931 3G Router
- JG516A HP MSR933 Router
- JG517A HP MSR933 3G Router
- JG518A HP MSR935 Router
- JG518B HP MSR935 Router
- JG519A HP MSR935 Wireless Router
- JG520A HP MSR935 3G Router
- JG531A HP MSR931 Dual 3G Router
- JG531B HP MSR931 Dual 3G Router
- JG596A HP MSR930 4G LTE/3G CDMA Router
- JG597A HP MSR936 Wireless Router
- JG665A HP MSR930 4G LTE/3G WCDMA Global Router
- JG704A HP MSR930 4G LTE/3G WCDMA ATT Router
- JH009A HP MSR931 Serial (TI) Router
- JH010A HP MSR933 G.SHDSL (TI) Router
- JH011A HP MSR935 ADSL2+ (TI) Router
- JH012A HP MSR930 Wireless 802.11n (NA) Router
- JH012B HP MSR930 Wireless 802.11n (NA) Router
- JH013A HP MSR935 Wireless 802.11n (NA) Router
- MSR1000 (Comware 5) - Version: See Mitigation
- HP Network Products
- JG732A HP MSR1003-8 AC Router
- 12500 (Comware 5) - Version: R1829P02
- HP Network Products
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JC808A HP 12500 TAA Main Processing Unit
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- 9500E (Comware 5) - Version: R1829P02
- HP Network Products
- JC124A HP A9508 Switch Chassis
- JC124B HP 9505 Switch Chassis
- JC125A HP A9512 Switch Chassis
- JC125B HP 9512 Switch Chassis
- JC474A HP A9508-V Switch Chassis
- JC474B HP 9508-V Switch Chassis
- 10500 (Comware 5) - Version: R1210P02
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC614A HP 10500 Main Processing Unit
- JC748A HP 10512 Switch Chassis
- JG375A HP 10500 TAA-compliant Main Processing Unit
- JG820A HP 10504 TAA-compliant Switch Chassis
- JG821A HP 10508 TAA-compliant Switch Chassis
- JG822A HP 10508-V TAA-compliant Switch Chassis
- JG823A HP 10512 TAA-compliant Switch Chassis
- 7500 (Comware 5) - Version: R6710P02
- HP Network Products
- JC666A HP 7503-S 144Gbps Fabric/MPU with PoE Upgradable 20-port Gig-T/4-port GbE Combo
- JC697A HP 7502 TAA-compliant Main Processing Unit
- JC698A HP 7503-S 144Gbps TAA Fabric / MPU with 16 GbE SFP Ports and 8 GbE Combo Ports
- JC699A HP 7500 384Gbps TAA-compliant Fabric / MPU with 2 10GbE XFP Ports
- JC700A HP 7500 384Gbps TAA-compliant Fabric / Main Processing Unit
- JC701A HP 7500 768Gbps TAA-compliant Fabric / Main Processing Unit
- JD193A HP 7500 384Gbps Fabric Module with 2 XFP Ports
- JD193B HP 7500 384Gbps Fabric Module with 2 XFP Ports
- JD194A HP 7500 384Gbps Fabric Module
- JD194B HP 7500 384Gbps Fabric Module
- JD195A HP 7500 384Gbps Advanced Fabric Module
- JD196A HP 7502 Fabric Module
- JD220A HP 7500 768Gbps Fabric Module
- JD224A HP 7500 384Gbps Fabric Module with 12 SFP Ports
- JD238A HP 7510 Switch Chassis
- JD238B HP 7510 Switch Chassis
- JD239A HP 7506 Switch Chassis
- JD239B HP 7506 Switch Chassis
- JD240A HP 7503 Switch Chassis
- JD240B HP 7503 Switch Chassis
- JD241A HP 7506-V Switch Chassis
- JD241B HP 7506-V Switch Chassis
- JD242A HP 7502 Switch Chassis
- JD242B HP 7502 Switch Chassis
- JD243A HP 7503-S Switch Chassis with 1 Fabric Slot
- JD243B HP 7503-S Switch Chassis with 1 Fabric Slot
- JE164A HP E7902 Switch Chassis
- JE165A HP E7903 Switch Chassis
- JE166A HP E7903 1 Fabric Slot Switch Chassis
- JE167A HP E7906 Switch Chassis
- JE168A HP E7906 Vertical Switch Chassis
- JE169A HP E7910 Switch Chassis
- 6125G/XG Blade Switch - Version: R2112P05
- HP Network Products
- 737220-B21 HP 6125G Blade Switch with TAA
- 737226-B21 HP 6125G/XG Blade Switch with TAA
- 658250-B21 HP 6125G/XG Blade Switch Opt Kit
- 658247-B21 HP 6125G Blade Switch Opt Kit
- 5830 (Comware 5) - Version: R1118P13
- HP Network Products
- JC691A HP 5830AF-48G Switch with 1 Interface Slot
- JC694A HP 5830AF-96G Switch
- JG316A HP 5830AF-48G TAA-compliant Switch w/1 Interface Slot
- JG374A HP 5830AF-96G TAA-compliant Switch
- 5800 (Comware 5) - Version: R1810P03
- HP Network Products
- JC099A HP 5800-24G-PoE Switch
- JC099B HP 5800-24G-PoE+ Switch
- JC100A HP 5800-24G Switch
- JC100B HP 5800-24G Switch
- JC101A HP 5800-48G Switch with 2 Slots
- JC101B HP 5800-48G-PoE+ Switch with 2 Interface Slots
- JC103A HP 5800-24G-SFP Switch
- JC103B HP 5800-24G-SFP Switch with 1 Interface Slot
- JC104A HP 5800-48G-PoE Switch
- JC104B HP 5800-48G-PoE+ Switch with 1 Interface Slot
- JC105A HP 5800-48G Switch
- JC105B HP 5800-48G Switch with 1 Interface Slot
- JG254A HP 5800-24G-PoE+ TAA-compliant Switch
- JG254B HP 5800-24G-PoE+ TAA-compliant Switch
- JG255A HP 5800-24G TAA-compliant Switch
- JG255B HP 5800-24G TAA-compliant Switch
- JG256A HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot
- JG256B HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot
- JG257A HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot
- JG257B HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot
- JG258A HP 5800-48G TAA-compliant Switch with 1 Interface Slot
- JG258B HP 5800-48G TAA-compliant Switch with 1 Interface Slot
- JG225A HP 5800AF-48G Switch
- JG225B HP 5800AF-48G Switch
- JG242A HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface Slots
- JG242B HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface
- JG243A HP 5820-24XG-SFP+ TAA-compliant Switch
- JG243B HP 5820-24XG-SFP+ TAA-compliant Switch
- JG259A HP 5820X-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots & 1 OAA Slot
- JG259B HP 5820-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots and 1 OAA Slot
- JC106A HP 5820-14XG-SFP+ Switch with 2 Slots
- JC106B HP 5820-14XG-SFP+ Switch with 2 Interface Slots & 1 OAA Slot
- JG219A HP 5820AF-24XG Switch
- JG219B HP 5820AF-24XG Switch
- JC102A HP 5820-24XG-SFP+ Switch
- JC102B HP 5820-24XG-SFP+ Switch
- 5500 HI (Comware 5) - Version: R5501P21
- HP Network Products
- JG311A HP 5500-24G-4SFP HI Switch with 2 Interface Slots
- JG312A HP 5500-48G-4SFP HI Switch with 2 Interface Slots
- JG541A HP 5500-24G-PoE+-4SFP HI Switch with 2 Interface Slots
- JG542A HP 5500-48G-PoE+-4SFP HI Switch with 2 Interface Slots
- JG543A HP 5500-24G-SFP HI Switch with 2 Interface Slots
- JG679A HP 5500-24G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface Slots
- JG680A HP 5500-48G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface Slots
- JG681A HP 5500-24G-SFP HI TAA-compliant Switch with 2 Interface Slots
- 5500 EI (Comware 5) - Version: R2221P22
- HP Network Products
- JD373A HP 5500-24G DC EI Switch
- JD374A HP 5500-24G-SFP EI Switch
- JD375A HP 5500-48G EI Switch
- JD376A HP 5500-48G-PoE EI Switch
- JD377A HP 5500-24G EI Switch
- JD378A HP 5500-24G-PoE EI Switch
- JD379A HP 5500-24G-SFP DC EI Switch
- JG240A HP 5500-48G-PoE+ EI Switch with 2 Interface Slots
- JG241A HP 5500-24G-PoE+ EI Switch with 2 Interface Slots
- JG249A HP 5500-24G-SFP EI TAA-compliant Switch with 2 Interface
- JG250A HP 5500-24G EI TAA-compliant Switch with 2 Interface Slots
- JG251A HP 5500-48G EI TAA-compliant Switch with 2 Interface Slots
- JG252A HP 5500-24G-PoE+ EI TAA-compliant Switch with 2 Interface Slots
- JG253A HP 5500-48G-PoE+ EI TAA-compliant Switch with 2 Interface Slots
- 4800G (Comware 5) - Version: R2221P22
- HP Network Products
- JD007A HP 4800-24G Switch
- JD008A HP 4800-24G-PoE Switch
- JD009A HP 4800-24G-SFP Switch
- JD010A HP 4800-48G Switch
- JD011A HP 4800-48G-PoE Switch
- 5500SI (Comware 5) - Version: R2221P22
- HP Network Products
- JD369A HP 5500-24G SI Switch
- JD370A HP 5500-48G SI Switch
- JD371A HP 5500-24G-PoE SI Switch
- JD372A HP 5500-48G-PoE SI Switch
- JG238A HP 5500-24G-PoE+ SI Switch with 2 Interface Slots
- JG239A HP 5500-48G-PoE+ SI Switch with 2 Interface Slots
- 4500G (Comware 5) - Version: R2221P22
- HP Network Products
- JF428A HP 4510-48G Switch
- JF847A HP 4510-24G Switch
- 5120 EI (Comware 5) - Version: R2221P22
- HP Network Products
- JE066A HP 5120-24G EI Switch
- JE067A HP 5120-48G EI Switch
- JE068A HP 5120-24G EI Switch with 2 Interface Slots
- JE069A HP 5120-48G EI Switch with 2 Interface Slots
- JE070A HP 5120-24G-PoE EI 2-slot Switch
- JE071A HP 5120-48G-PoE EI 2-slot Switch
- JG236A HP 5120-24G-PoE+ EI Switch with 2 Interface Slots
- JG237A HP 5120-48G-PoE+ EI Switch with 2 Interface Slots
- JG245A HP 5120-24G EI TAA-compliant Switch with 2 Interface Slots
- JG246A HP 5120-48G EI TAA-compliant Switch with 2 Interface Slots
- JG247A HP 5120-24G-PoE+ EI TAA-compliant Switch with 2 Slots
- JG248A HP 5120-48G-PoE+ EI TAA-compliant Switch with 2 Slots
- 4210G (Comware 5) - Version: R2221P22
- HP Network Products
- JF844A HP 4210-24G Switch
- JF845A HP 4210-48G Switch
- JF846A HP 4210-24G-PoE Switch
- 5120 SI (Comware 5) - Version: R1517
- HP Network Products
- JE072A HP 5120-48G SI Switch
- JE072B HPE 5120 48G SI Switch
- JE073A HP 5120-16G SI Switch
- JE073B HPE 5120 16G SI Switch
- JE074A HP 5120-24G SI Switch
- JE074B HPE 5120 24G SI Switch
- JG091A HP 5120-24G-PoE+ (370W) SI Switch
- JG091B HPE 5120 24G PoE+ (370W) SI Switch
- JG092A HP 5120-24G-PoE+ (170W) SI Switch
- JG309B HPE 5120 8G PoE+ (180W) SI Switch
- JG310B HPE 5120 8G PoE+ (65W) SI Switch
- 3610 (Comware 5) - Version: R5319P15
- HP Network Products
- JD335A HP 3610-48 Switch
- JD336A HP 3610-24-4G-SFP Switch
- JD337A HP 3610-24-2G-2G-SFP Switch
- JD338A HP 3610-24-SFP Switch
- 3600V2 (Comware 5) - Version: R2111P01
- HP Network Products
- JG299A HP 3600-24 v2 EI Switch
- JG299B HP 3600-24 v2 EI Switch
- JG300A HP 3600-48 v2 EI Switch
- JG300B HP 3600-48 v2 EI Switch
- JG301A HP 3600-24-PoE+ v2 EI Switch
- JG301B HP 3600-24-PoE+ v2 EI Switch
- JG301C HP 3600-24-PoE+ v2 EI Switch
- JG302A HP 3600-48-PoE+ v2 EI Switch
- JG302B HP 3600-48-PoE+ v2 EI Switch
- JG302C HP 3600-48-PoE+ v2 EI Switch
- JG303A HP 3600-24-SFP v2 EI Switch
- JG303B HP 3600-24-SFP v2 EI Switch
- JG304A HP 3600-24 v2 SI Switch
- JG304B HP 3600-24 v2 SI Switch
- JG305A HP 3600-48 v2 SI Switch
- JG305B HP 3600-48 v2 SI Switch
- JG306A HP 3600-24-PoE+ v2 SI Switch
- JG306B HP 3600-24-PoE+ v2 SI Switch
- JG306C HP 3600-24-PoE+ v2 SI Switch
- JG307A HP 3600-48-PoE+ v2 SI Switch
- JG307B HP 3600-48-PoE+ v2 SI Switch
- JG307C HP 3600-48-PoE+ v2 SI Switch
- 3100V2 (Comware 5) - Version: R5213P01
- HP Network Products
- JD313B HPE 3100 24 PoE v2 EI Switch
- JD318B HPE 3100 8 v2 EI Switch
- JD319B HPE 3100 16 v2 EI Switch
- JD320B HPE 3100 24 v2 EI Switch
- JG221A HPE 3100 8 v2 SI Switch
- JG222A HPE 3100 16 v2 SI Switch
- JG223A HPE 3100 24 v2 SI Switch
- HP870 (Comware 5) - Version: R2607P51
- HP Network Products
- JG723A HP 870 Unified Wired-WLAN Appliance
- JG725A HP 870 Unified Wired-WLAN TAA-compliant Appliance
- HP850 (Comware 5) - Version: R2607P51
- HP Network Products
- JG722A HP 850 Unified Wired-WLAN Appliance
- JG724A HP 850 Unified Wired-WLAN TAA-compliant Appliance
- HP830 (Comware 5) - Version: R3507P51
- HP Network Products
- JG640A HP 830 24-Port PoE+ Unified Wired-WLAN Switch
- JG641A HP 830 8-port PoE+ Unified Wired-WLAN Switch
- JG646A HP 830 24-Port PoE+ Unified Wired-WLAN TAA-compliant Switch
- JG647A HP 830 8-Port PoE+ Unified Wired-WLAN TAA-compliant
- HP6000 (Comware 5) - Version: R2507P44
- HP Network Products
- JG639A HP 10500/7500 20G Unified Wired-WLAN Module
- JG645A HP 10500/7500 20G Unified Wired-WLAN TAA-compliant Module
- WX5004-EI (Comware 5) - Version: R2507P44
- HP Network Products
- JD447B HP WX5002 Access Controller
- JD448A HP WX5004 Access Controller
- JD448B HP WX5004 Access Controller
- JD469A HP WX5004 Access Controller
- SecBlade FW (Comware 5) - Version: R3181P07
- HP Network Products
- JC635A HP 12500 VPN Firewall Module
- JD245A HP 9500 VPN Firewall Module
- JD249A HP 10500/7500 Advanced VPN Firewall Module
- JD250A HP 6600 Firewall Processing Router Module
- JD251A HP 8800 Firewall Processing Module
- JD255A HP 5820 VPN Firewall Module
- F1000-E (Comware 5) - Version: TBD still fixing
- HP Network Products
- JD272A HP F1000-E VPN Firewall Appliance
- F1000-A-EI (Comware 5) - Version: TBD still fixing
- HP Network Products
- JG214A HP F1000-A-EI VPN Firewall Appliance
- F1000-S-EI (Comware 5) - Version: TBD still fixing
- HP Network Products
- JG213A HP F1000-S-EI VPN Firewall Appliance
- F5000-A (Comware 5) - Version: F3210P26
- HP Network Products
- JD259A HP A5000-A5 VPN Firewall Chassis
- JG215A HP F5000 Firewall Main Processing Unit
- JG216A HP F5000 Firewall Standalone Chassis
- U200S and CS (Comware 5) - Version: F5123P33
- HP Network Products
- JD273A HP U200-S UTM Appliance
- U200A and M (Comware 5) - Version: F5123P33
- HP Network Products
- JD275A HP U200-A UTM Appliance
- F5000-C/S (Comware 5) - Version: TBD still fixing
- HP Network Products
- JG650A HP F5000-C VPN Firewall Appliance
- JG370A HP F5000-S VPN Firewall Appliance
- SecBlade III (Comware 5) - Version: TBD still fixing
- HP Network Products
- JG371A HP 12500 20Gbps VPN Firewall Module
- JG372A HP 10500/11900/7500 20Gbps VPN Firewall Module
- 6600 RSE RU (Comware 5 Low Encryption SW) - Version: R3303P28.RU
- HP Network Products
- JC177A HP 6608 Router
- JC177B HP 6608 Router Chassis
- JC178A HP 6604 Router Chassis
- JC178B HP 6604 Router Chassis
- JC496A HP 6616 Router Chassis
- JC566A HP 6600 RSE-X1 Router Main Processing Unit
- JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit
- 6600 RPE RU (Comware 5 Low Encryption SW) - Version: R3303P28.RU
- HP Network Products
- JC165A HP 6600 RPE-X1 Router Module
- JC177A HP 6608 Router
- JC177B HPE FlexNetwork 6608 Router Chassis
- JC178A HPE FlexNetwork 6604 Router Chassis
- JC178B HPE FlexNetwork 6604 Router Chassis
- JC496A HPE FlexNetwork 6616 Router Chassis
- JG781A HP 6600 RPE-X1 TAA-compliant Main Processing Unit
- 6602 RU (Comware 5 Low Encryption SW) - Version: R3303P28.RU
- HP Network Products
- JC176A HP 6602 Router Chassis
- HSR6602 RU (Comware 5 Low Encryption SW) - Version: R3303P28.RU
- HP Network Products
- JC177A HP 6608 Router
- JC177B HP 6608 Router Chassis
- JC178A HP 6604 Router Chassis
- JC178B HP 6604 Router Chassis
- JC496A HP 6616 Router Chassis
- JG353A HP HSR6602-G Router
- JG354A HP HSR6602-XG Router
- JG355A HP 6600 MCP-X1 Router Main Processing Unit
- JG356A HP 6600 MCP-X2 Router Main Processing Unit
- JG776A HP HSR6602-G TAA-compliant Router
- JG777A HP HSR6602-XG TAA-compliant Router
- JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit
- HSR6800 RU (Comware 5 Low Encryption SW) - Version: R3303P28.RU
- HP Network Products
- JG361A HP HSR6802 Router Chassis
- JG361B HP HSR6802 Router Chassis
- JG362A HP HSR6804 Router Chassis
- JG362B HP HSR6804 Router Chassis
- JG363A HP HSR6808 Router Chassis
- JG363B HP HSR6808 Router Chassis
- JG364A HP HSR6800 RSE-X2 Router Main Processing Unit
- JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit
- SMB1910 (Comware 5) - Version: R1113
- HP Network Products
- JG540A HP 1910-48 Switch
- JG539A HP 1910-24-PoE+ Switch
- JG538A HP 1910-24 Switch
- JG537A HP 1910-8 -PoE+ Switch
- JG536A HP 1910-8 Switch
- SMB1920 (Comware 5) - Version: R1112
- HP Network Products
- JG928A HP 1920-48G-PoE+ (370W) Switch
- JG927A HP 1920-48G Switch
- JG926A HP 1920-24G-PoE+ (370W) Switch
- JG925A HP 1920-24G-PoE+ (180W) Switch
- JG924A HP 1920-24G Switch
- JG923A HP 1920-16G Switch
- JG922A HP 1920-8G-PoE+ (180W) Switch
- JG921A HP 1920-8G-PoE+ (65W) Switch
- JG920A HP 1920-8G Switch
- V1910 (Comware 5) - Version: R1517P01
- HP Network Products
- JE005A HP 1910-16G Switch
- JE006A HP 1910-24G Switch
- JE007A HP 1910-24G-PoE (365W) Switch
- JE008A HP 1910-24G-PoE(170W) Switch
- JE009A HP 1910-48G Switch
- JG348A HP 1910-8G Switch
- JG349A HP 1910-8G-PoE+ (65W) Switch
- JG350A HP 1910-8G-PoE+ (180W) Switch
- SMB 1620 (Comware 5) - Version: R1110
- HP Network Products
- JG914A HP 1620-48G Switch
- JG913A HP 1620-24G Switch
- JG912A HP 1620-8G Switch
- NJ5000 - Version: R1107
- HP Network Products
- JH237A HPE FlexNetwork NJ5000 5G PoE+ Walljack
COMWARE 7 Products
- 12500 (Comware 7) - Version: R7377
- HP Network Products
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- JG497A HP 12500 MPU w/Comware V7 OS
- JG782A HP FF 12508E AC Switch Chassis
- JG783A HP FF 12508E DC Switch Chassis
- JG784A HP FF 12518E AC Switch Chassis
- JG785A HP FF 12518E DC Switch Chassis
- JG802A HP FF 12500E MPU
- 10500 (Comware 7) - Version: R7180
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC748A HP 10512 Switch Chassis
- JG608A HP FlexFabric 11908-V Switch Chassis
- JG609A HP FlexFabric 11900 Main Processing Unit
- JG820A HP 10504 TAA Switch Chassis
- JG821A HP 10508 TAA Switch Chassis
- JG822A HP 10508-V TAA Switch Chassis
- JG823A HP 10512 TAA Switch Chassis
- JG496A HP 10500 Type A MPU w/Comware v7 OS
- JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System
- JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit
- 12900 (Comware 7) - Version: R1150
- HP Network Products
- JG619A HP FlexFabric 12910 Switch AC Chassis
- JG621A HP FlexFabric 12910 Main Processing Unit
- JG632A HP FlexFabric 12916 Switch AC Chassis
- JG634A HP FlexFabric 12916 Main Processing Unit
- JH104A HP FlexFabric 12900E Main Processing Unit
- JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit
- JH263A HP FlexFabric 12904E Main Processing Unit
- JH255A HP FlexFabric 12908E Switch Chassis
- JH262A HP FlexFabric 12904E Switch Chassis
- JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis
- JH103A HP FlexFabric 12916E Switch Chassis
- 5900 (Comware 7) - Version: R2432P01
- HP Network Products
- JC772A HP 5900AF-48XG-4QSFP+ Switch
- JG296A HP 5920AF-24XG Switch
- JG336A HP 5900AF-48XGT-4QSFP+ Switch
- JG510A HP 5900AF-48G-4XG-2QSFP+ Switch
- JG554A HP 5900AF-48XG-4QSFP+ TAA Switch
- JG555A HP 5920AF-24XG TAA Switch
- JG838A HP FF 5900CP-48XG-4QSFP+ Switch
- JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant
- JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch
- JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant
- MSR1000 (Comware 7) - Version: R0306P12
- HP Network Products
- JG875A HP MSR1002-4 AC Router
- JH060A HP MSR1003-8S AC Router
- MSR2000 (Comware 7) - Version: R0306P12
- HP Network Products
- JG411A HP MSR2003 AC Router
- JG734A HP MSR2004-24 AC Router
- JG735A HP MSR2004-48 Router
- JG866A HP MSR2003 TAA-compliant AC Router
- MSR3000 (Comware 7) - Version: R0306P12
- HP Network Products
- JG404A HP MSR3064 Router
- JG405A HP MSR3044 Router
- JG406A HP MSR3024 AC Router
- JG407A HP MSR3024 DC Router
- JG408A HP MSR3024 PoE Router
- JG409A HP MSR3012 AC Router
- JG410A HP MSR3012 DC Router
- JG861A HP MSR3024 TAA-compliant AC Router
- MSR4000 (Comware 7) - Version: R0306P12
- HP Network Products
- JG402A HP MSR4080 Router Chassis
- JG403A HP MSR4060 Router Chassis
- JG412A HP MSR4000 MPU-100 Main Processing Unit
- JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit
- VSR (Comware 7) - Version: E0322P01
- HP Network Products
- JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software
- JG811AAE HP VSR1001 Comware 7 Virtual Services Router
- JG812AAE HP VSR1004 Comware 7 Virtual Services Router
- JG813AAE HP VSR1008 Comware 7 Virtual Services Router
- 7900 (Comware 7) - Version: R2150
- HP Network Products
- JG682A HP FlexFabric 7904 Switch Chassis
- JG841A HP FlexFabric 7910 Switch Chassis
- JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit
- JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit
- JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis
- JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis
- JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit
- JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit
- 5130 (Comware 7) - Version: R3113P02
- HP Network Products
- JG932A HP 5130-24G-4SFP+ EI Switch
- JG933A HP 5130-24G-SFP-4SFP+ EI Switch
- JG934A HP 5130-48G-4SFP+ EI Switch
- JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch
- JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch
- JG938A HP 5130-24G-2SFP+-2XGT EI Switch
- JG939A HP 5130-48G-2SFP+-2XGT EI Switch
- JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG975A HP 5130-24G-4SFP+ EI Brazil Switch
- JG976A HP 5130-48G-4SFP+ EI Brazil Switch
- JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch
- JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch
- 6125XLG - Version: R2432P01
- HP Network Products
- 711307-B21 HP 6125XLG Blade Switch
- 737230-B21 HP 6125XLG Blade Switch with TAA
- 6127XLG - Version: R2432P01
- HP Network Products
- 787635-B21 HP 6127XLG Blade Switch Opt Kit
- 787635-B22 HP 6127XLG Blade Switch with TAA
- Moonshot - Version: R2432P01
- HP Network Products
- 786617-B21 - HP Moonshot-45Gc Switch Module
- 704654-B21 - HP Moonshot-45XGc Switch Module
- 786619-B21 - HP Moonshot-180XGc Switch Module
- 5700 (Comware 7) - Version: R2432P01
- HP Network Products
- JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch
- JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch
- JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch
- JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch
- JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch
- JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch
- 5930 (Comware 7) - Version: R2432P01
- HP Network Products
- JG726A HP FlexFabric 5930 32QSFP+ Switch
- JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch
- JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch
- JH179A HP FlexFabric 5930 4-slot Switch
- JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch
- JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch
- HSR6600 (Comware 7) - Version: R7103P09
- HP Network Products
- JG353A HP HSR6602-G Router
- JG354A HP HSR6602-XG Router
- JG776A HP HSR6602-G TAA-compliant Router
- JG777A HP HSR6602-XG TAA-compliant Router
- HSR6800 (Comware 7) - Version: R7103P09
- HP Network Products
- JG361A HP HSR6802 Router Chassis
- JG361B HP HSR6802 Router Chassis
- JG362A HP HSR6804 Router Chassis
- JG362B HP HSR6804 Router Chassis
- JG363A HP HSR6808 Router Chassis
- JG363B HP HSR6808 Router Chassis
- JG364A HP HSR6800 RSE-X2 Router Main Processing Unit
- JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing
- JH075A HP HSR6800 RSE-X3 Router Main Processing Unit
- 1950 (Comware 7) - Version: R3113P02
- HP Network Products
- JG960A HP 1950-24G-4XG Switch
- JG961A HP 1950-48G-2SFP+-2XGT Switch
- JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch
- JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch
- 7500 (Comware 7) - Version: R7180
- HP Network Products
- JD238C HP 7510 Switch Chassis
- JD239C HP 7506 Switch Chassis
- JD240C HP 7503 Switch Chassis
- JD242C HP 7502 Switch Chassis
- JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit
- JH208A HP 7502 Main Processing Unit
- JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit
- 5510HI (Comware 7) - Version: R1120
- HP Network Products
- JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch
- JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch
- JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch
- JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch
- JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch
- 5130HI (Comware 7) - Version: R1120
- HP Network Products
- JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch
- JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch
- JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch
- JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch
iMC Products
- IMC PLAT - Version: 7.2 E0403P04
- HP Network Products
- JD125A HP IMC Std S/W Platform w/100-node
- JD126A HP IMC Ent S/W Platform w/100-node
- JD808A HP IMC Ent Platform w/100-node License
- JD814A HP A-IMC Enterprise Edition Software DVD Media
- JD815A HP IMC Std Platform w/100-node License
- JD816A HP A-IMC Standard Edition Software DVD Media
- JF288AAE HP Network Director to Intelligent Management Center Upgrade E-LTU
- JF289AAE HP Enterprise Management System to Intelligent Management Center Upgrade E-LTU
- JF377A HP IMC Std S/W Platform w/100-node Lic
- JF377AAE HP IMC Std S/W Pltfrm w/100-node E-LTU
- JF378A HP IMC Ent S/W Platform w/200-node Lic
- JF378AAE HP IMC Ent S/W Pltfrm w/200-node E-LTU
- JG546AAE HP IMC Basic SW Platform w/50-node E-LTU
- JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU
- JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU
- JG747AAE HP IMC Std SW Plat w/ 50 Nodes E-LTU
- JG748AAE HP IMC Ent SW Plat w/ 50 Nodes E-LTU
- JG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU
- IMC iNode - Version: 7.2 E0407
- HP Network Products
- JD144A HP A-IMC User Access Management Software Module with 200-user License
- JD147A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JD435A HP A-IMC Endpoint Admission Defense Client Software
- JF388A HP IMC User Authentication Management Software Module with 200-user License
- JF388AAE HP IMC User Authentication Management Software Module with 200-user E-LTU
- JF391A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JF391AAE HP IMC Endpoint Admission Defense Software Module with 200-user E-LTU
- JG752AAE HP IMC User Access Manager Software Module with 50-user E-LTU
- JG754AAE) HP IMC Endpoint Admission Defense Software Module with 50-user E-LTU
- iMC UAM_TAM - Version: 7.1 E0406
- HP Network Products
- JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE
- JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU
- JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU
- JG483A HP IMC TAM S/W MODULE W/100-NODE LIC
- JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU
- JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU
- IMC WSM - Version: 7.2 E0502P04
- HP Network Products
- JD456A HP IMC WSM Software Module with 50-Access Point License
- JF414A HP IMC Wireless Service Manager Software Module with 50-Access Point License
- JF414AAE HP IMC Wireless Service Manager Software Module with 50-Access Point E-LTU
- JG551AAE HP PCM+ Mobility Manager to IMC Wireless Service Manager Module Upgrade with 250 Access Point E-LTU
- JG758AAE HP IMC WSM/RTLS w/ 50-node E-LTU
- JG769AAE HP PCM Mobility Manager to IMC Wireless Service Manager Upg with 250-node E-LTU
VCX Products
- VCX - Version: 9.8.19
- HP Network Products
- J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr
- J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr
- JC517A HP VCX V7205 Platform w/DL 360 G6 Server
- JE355A HP VCX V6000 Branch Platform 9.0
- JC516A HP VCX V7005 Platform w/DL 120 G6 Server
- JC518A HP VCX Connect 200 Primry 120 G6 Server
- J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr
- JE341A HP VCX Connect 100 Secondary
- JE252A HP VCX Connect Primary MIM Module
- JE253A HP VCX Connect Secondary MIM Module
- JE254A HP VCX Branch MIM Module
- JE355A HP VCX V6000 Branch Platform 9.0
- JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod
- JD023A HP MSR30-40 Router with VCX MIM Module
- JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM
- JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod
- JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod
- JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod
- JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS
- JE340A HP VCX Connect 100 Pri Server 9.0
- JE342A HP VCX Connect 100 Sec Server 9.0
Note: Please contact HPE Technical Support if any assistance is needed acquiring the software updates.
HISTORY Version:1 (rev.1) - 21 February 2017 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEcBAEBCAAGBQJYrLMnAAoJELXhAxt7SZaiF8wH/3YruymhIoADdbuMZwr+LWqo FC2sM1bBsBSOc1sUJCjMqyIlHqXhugsz2SnMqkhyVL+icWrpj7DoH0JYAOfVW8sN nJqBmv+p16bIWeNEhOouSzzvxaXgcA8YtnEKTbPqi2wzvi4slUVzN3mHFa0BbgrO qvgr2UNU1V9SFxj1VA0BkJqXrinu7YmWyIl1VeccZJQX0LI9DIkgIKcYqU88E7jC CAd/P8CBwQvj0+hfYSysab5U1I1exk0rUXcX3Wmp/56LbgT5jrGjx6O9cvFZyE5O Bi/Xlu/GDBa6pw3kZsPEH5dqohLFFA0R7ayvg7f4ggfrskWrQn8c7RgogVw2FLs= =yvIR -----END PGP SIGNATURE----- .
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1q-x86_64-1_slack14.1.txz: Upgraded. This update fixes the following security issues: BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193). Anon DH ServerKeyExchange with 0 p parameter (CVE-2015-1794). For more information, see: https://openssl.org/news/secadv_20151203.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1794 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3196 ( Security fix ) patches/packages/openssl-solibs-1.0.1q-x86_64-1_slack14.1.txz: Upgraded. +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zh-i486-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zh-i486-1_slack13.0.txz
Updated packages for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zh-x86_64-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zh-x86_64-1_slack13.0.txz
Updated packages for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zh-i486-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zh-i486-1_slack13.1.txz
Updated packages for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zh-x86_64-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zh-x86_64-1_slack13.1.txz
Updated packages for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zh-i486-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zh-i486-1_slack13.37.txz
Updated packages for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zh-x86_64-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zh-x86_64-1_slack13.37.txz
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1q-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1q-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1q-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1q-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1q-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1q-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1q-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1q-x86_64-1_slack14.1.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.2e-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.2e-i586-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2e-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.2e-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 packages: 5e45a22283b41aaf4f867918746ebc1d openssl-0.9.8zh-i486-1_slack13.0.txz 0ad74b36ce143d28e15dfcfcf1fcb483 openssl-solibs-0.9.8zh-i486-1_slack13.0.txz
Slackware x86_64 13.0 packages: c360d323a2bed57c62d6699b2d4be65e openssl-0.9.8zh-x86_64-1_slack13.0.txz 122240badbfbe51c842a9102d3cfe30f openssl-solibs-0.9.8zh-x86_64-1_slack13.0.txz
Slackware 13.1 packages: 1bf98b27573b20a7de5f6359f3eadbd7 openssl-0.9.8zh-i486-1_slack13.1.txz 2b732f1f29de1cb6078fd1ddda8eb9ec openssl-solibs-0.9.8zh-i486-1_slack13.1.txz
Slackware x86_64 13.1 packages: 735c3bbc55902ec57e46370cde32ea4b openssl-0.9.8zh-x86_64-1_slack13.1.txz 483f506f3b86572e60fe4c46a67c226b openssl-solibs-0.9.8zh-x86_64-1_slack13.1.txz
Slackware 13.37 packages: 9af41ba336c64b92d5bbd86c17a93e94 openssl-0.9.8zh-i486-1_slack13.37.txz b83170b9c5ec56b4e2dc882b3c64b306 openssl-solibs-0.9.8zh-i486-1_slack13.37.txz
Slackware x86_64 13.37 packages: 2220ff161d0bf3635d2dea7caae6e5e7 openssl-0.9.8zh-x86_64-1_slack13.37.txz 17b3e8884f383e3327d5e4a6080634cb openssl-solibs-0.9.8zh-x86_64-1_slack13.37.txz
Slackware 14.0 packages: ced42bc3799f2b54aeb3b631a2864b90 openssl-1.0.1q-i486-1_slack14.0.txz 52965f98ee30e8f3d22bde6b0fe7f53b openssl-solibs-1.0.1q-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: cbf49f09bdcebc61cf7fcb2857dc3a71 openssl-1.0.1q-x86_64-1_slack14.0.txz 156911f58b71ee6369467d8fec34a59f openssl-solibs-1.0.1q-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 36d5f60b634788d4315ffb46ef6d4d88 openssl-1.0.1q-i486-1_slack14.1.txz fc18f566a9a2f5c6adb15d288245403a openssl-solibs-1.0.1q-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: 03f1832417a79f73b35180a39ae4fb16 openssl-1.0.1q-x86_64-1_slack14.1.txz bf447792f23deb14e1fe3f008a6b78a7 openssl-solibs-1.0.1q-x86_64-1_slack14.1.txz
Slackware -current packages: 27b2974199a970392ed2192bf4a207a9 a/openssl-solibs-1.0.2e-i586-1.txz 940a7653a6cadb44ce143d3b0e0eaa16 n/openssl-1.0.2e-i586-1.txz
Slackware x86_64 -current packages: 8636a45f49d186d505b356b9be66309b a/openssl-solibs-1.0.2e-x86_64-1.txz 87c33a76a94993864a52bfe4e5d5b2f0 n/openssl-1.0.2e-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg openssl-1.0.1q-i486-1_slack14.1.txz openssl-solibs-1.0.1q-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.4"
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.3"
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "15.2"
},
{
"_id": null,
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "15.1"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "15.04"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "15.10"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"_id": null,
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.2.3"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"_id": null,
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "5.0.0"
},
{
"_id": null,
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.2.0"
},
{
"_id": null,
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.0.0"
},
{
"_id": null,
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.1.2"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"_id": null,
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "5.1.1"
},
{
"_id": null,
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "sun ray software",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11.1"
},
{
"_id": null,
"model": "secure global desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "4.71"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"_id": null,
"model": "secure global desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "5.2"
},
{
"_id": null,
"model": "secure global desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "4.63"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "project openssl 1.0.2d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "oncommand unified manager host package",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "oncommand unified manager for clustered data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "6.0"
},
{
"_id": null,
"model": "oncommand report",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "oncommand performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "manageability sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "altavault",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.4"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.2"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.2"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.1"
},
{
"_id": null,
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.1"
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.3"
},
{
"_id": null,
"model": "ctpview 7.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "ctpview 7.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.17"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3387"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3381"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3379"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3376"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3361"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"_id": null,
"model": "security network controller 1.0.3394m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3394"
},
{
"_id": null,
"model": "security network controller 1.0.3387m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security network controller 1.0.3381m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security network controller 1.0.3379m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security network controller 1.0.3376m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security network controller 1.0.3361m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security network controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "security network controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.28"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.25"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.23"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.13"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.12"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.11"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.9"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.8"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.7"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.6"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.5"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.10"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.17"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.16"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.15"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.14"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.13"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.12"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.11"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.06"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.19"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.18"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.16"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.15"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.14"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.10"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.7"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.6"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "qlogic virtual fabric extension module for ibm bladecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "qlogic 8gb intelligent pass-thru module \u0026 san switch module for",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.10"
},
{
"_id": null,
"model": "proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.0.0"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.0"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.0"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.0.0"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.0.0"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"_id": null,
"model": "mq light client module for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2014111002"
},
{
"_id": null,
"model": "mq light client module for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2014091001"
},
{
"_id": null,
"model": "mq light client module for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2014090801"
},
{
"_id": null,
"model": "mq light client module for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2014090800"
},
{
"_id": null,
"model": "mq light client module for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2014090300"
},
{
"_id": null,
"model": "mq light client module for node.js 1.0.2014091000-red",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9"
},
{
"_id": null,
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.2.0"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.0"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "flex system fc3171 8gb san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.9"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.12"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.0"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "vcx",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "intelligent management center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "70"
},
{
"_id": null,
"model": "comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "50"
},
{
"_id": null,
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.3.5"
},
{
"_id": null,
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.3.4"
},
{
"_id": null,
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.3.3"
},
{
"_id": null,
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.3.2"
},
{
"_id": null,
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.3.1"
},
{
"_id": null,
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.1"
},
{
"_id": null,
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0"
},
{
"_id": null,
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1.4"
},
{
"_id": null,
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"_id": null,
"model": "fortiwan",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "fortivoiceos",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "fortiswitch",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "fortisandbox",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.0"
},
{
"_id": null,
"model": "fortisandbox",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.1"
},
{
"_id": null,
"model": "fortisandbox",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.0.3"
},
{
"_id": null,
"model": "fortisandbox",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.0.2"
},
{
"_id": null,
"model": "fortirecorder",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.0.1"
},
{
"_id": null,
"model": "fortirecorder",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "1.5"
},
{
"_id": null,
"model": "fortirecorder",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "1.4.2"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.4"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.3"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.2"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.1"
},
{
"_id": null,
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.0"
},
{
"_id": null,
"model": "fortimanager",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.2"
},
{
"_id": null,
"model": "fortimanager",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.1"
},
{
"_id": null,
"model": "fortimanager",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2"
},
{
"_id": null,
"model": "fortimanager",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.4"
},
{
"_id": null,
"model": "fortimanager",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.3"
},
{
"_id": null,
"model": "fortimail",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "fortiddos",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "fortidb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "forticlient ios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.1"
},
{
"_id": null,
"model": "forticlient android",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.6"
},
{
"_id": null,
"model": "forticlient",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.4.0650"
},
{
"_id": null,
"model": "forticlient",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.3.633"
},
{
"_id": null,
"model": "forticlient",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.3.091"
},
{
"_id": null,
"model": "forticache",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "fortiauthenticator",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "fortiap",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"_id": null,
"model": "fortiap",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "fortianalyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "fortiadc",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.2"
},
{
"_id": null,
"model": "fortiadc",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.2.1"
},
{
"_id": null,
"model": "fortiadc",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.2"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.3.1"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.1"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.4.1"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.3"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.2"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.3"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.2"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.4"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.1"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.5"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.4"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.3"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.4"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.3"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.1"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.3"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"_id": null,
"model": "xcode",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.5"
},
{
"_id": null,
"model": "project openssl 1.0.2e",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "email gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.404"
},
{
"_id": null,
"model": "ctpview 7.3r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "ctpview 7.1r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "rational clearquest",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.11"
},
{
"_id": null,
"model": "rational clearquest",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.18"
},
{
"_id": null,
"model": "qlogic virtual fabric extension module for ibm bladecenter",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.3.16.00"
},
{
"_id": null,
"model": "qlogic 8gb intelligent pass-thru module \u0026 san switch module for",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.10.1.38.00"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.8.01.00"
},
{
"_id": null,
"model": "flex system fc3171 8gb san pass-thru",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.8.01.00"
},
{
"_id": null,
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"_id": null,
"model": "wx5004-ei (comware r2507p44",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "vsr (comware e0322p01",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7)"
},
{
"_id": null,
"model": "vcx",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9.8.19"
},
{
"_id": null,
"model": "(comware r1517p01",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "v19105)"
},
{
"_id": null,
"model": "u200s and cs (comware f5123p33",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "u200a and m (comware f5123p33",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "smb1920 (comware r1112",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "smb1910 (comware r1113",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "smb (comware r1110",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "16205)"
},
{
"_id": null,
"model": "secblade fw (comware r3181p07",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "nj5000 r1107",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "msr4000 (comware r0306p12",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7)"
},
{
"_id": null,
"model": "msr3000 (comware r0306p12",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7)"
},
{
"_id": null,
"model": "msr2000 (comware r0306p12",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7)"
},
{
"_id": null,
"model": "msr20-1x (comware r2516",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "msr20 (comware r2516",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "msr1000 (comware r0306p12",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7)"
},
{
"_id": null,
"model": "msr (comware r2516",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9xx5)"
},
{
"_id": null,
"model": "msr (comware r2516",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "93x5)"
},
{
"_id": null,
"model": "msr 50-g2 (comware r2516",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "msr (comware r2516",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "505)"
},
{
"_id": null,
"model": "msr (comware r2516",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "30-1x5)"
},
{
"_id": null,
"model": "msr (comware r2516",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "30-165)"
},
{
"_id": null,
"model": "msr (comware r2516",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "305)"
},
{
"_id": null,
"model": "moonshot r2432p01",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "imc wsm e0502p04",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "imc uam tam e0406",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"_id": null,
"model": "imc plat e0403p04",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "imc inode e0407",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "hsr6800 ru r3303p28.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5"
},
{
"_id": null,
"model": "hsr6800 (comware r7103p09",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7)"
},
{
"_id": null,
"model": "hsr6800 (comware r3303p28",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "hsr6602 ru r3303p28.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5"
},
{
"_id": null,
"model": "hsr6602 (comware r3303p28",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "hsr6600 (comware r7103p09",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7)"
},
{
"_id": null,
"model": "hp870 (comware r2607p51",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "hp850 (comware r2607p51",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "hp830 (comware r3507p51",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "hp6000 (comware r2507p44",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "f5000-a (comware f3210p26",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "a6600 (comware r3303p28",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "9500e (comware r1829p02",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "(comware r2150",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "79007)"
},
{
"_id": null,
"model": "(comware r7180",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "75007)"
},
{
"_id": null,
"model": "(comware r6710p02",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "75005)"
},
{
"_id": null,
"model": "ru r3303p28.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "66025"
},
{
"_id": null,
"model": "rse ru r3303p28.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "66005"
},
{
"_id": null,
"model": "rpe ru r3303p28.ru",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "66005"
},
{
"_id": null,
"model": "6127xlg r2432p01",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "6125xlg r2432p01",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "6125g/xg blade switch r2112p05",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "(comware r2432p01",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "59307)"
},
{
"_id": null,
"model": "(comware r2432p01",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "59007)"
},
{
"_id": null,
"model": "(comware r1118p13",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "58305)"
},
{
"_id": null,
"model": "(comware r1810p03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "58005)"
},
{
"_id": null,
"model": "(comware r2432p01",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "57007)"
},
{
"_id": null,
"model": "5510hi (comware r1120",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7)"
},
{
"_id": null,
"model": "5500si (comware r2221p22",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "hi (comware r5501p21",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "55005)"
},
{
"_id": null,
"model": "ei (comware r2221p22",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "55005)"
},
{
"_id": null,
"model": "5130hi (comware r1120",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7)"
},
{
"_id": null,
"model": "(comware r3113p02",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "51307)"
},
{
"_id": null,
"model": "si (comware r1517",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "51205)"
},
{
"_id": null,
"model": "ei (comware r2221p22",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "51205)"
},
{
"_id": null,
"model": "4800g (comware r2221p22",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "4500g (comware r2221p22",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "4210g (comware r2221p22",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5)"
},
{
"_id": null,
"model": "(comware r5319p15",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "36105)"
},
{
"_id": null,
"model": "(comware r2111p01",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3600v25)"
},
{
"_id": null,
"model": "(comware r5213p01",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3100v25)"
},
{
"_id": null,
"model": "(comware r3113p02",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "19507)"
},
{
"_id": null,
"model": "(comware r1150",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "129007)"
},
{
"_id": null,
"model": "(comware r7377",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "125007)"
},
{
"_id": null,
"model": "(comware r1829p02",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "125005)"
},
{
"_id": null,
"model": "(comware r7180",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "105007)"
},
{
"_id": null,
"model": "(comware r1210p02",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "105005)"
},
{
"_id": null,
"model": "xcode",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "8.1"
}
],
"sources": [
{
"db": "BID",
"id": "78705"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006114"
},
{
"db": "NVD",
"id": "CVE-2015-3193"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:secure_global_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:vm_virtualbox",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:sun_ray_software",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006114"
}
]
},
"credits": {
"_id": null,
"data": "Hanno B\u00f6ck",
"sources": [
{
"db": "BID",
"id": "78705"
}
],
"trust": 0.3
},
"cve": "CVE-2015-3193",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3193",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2015-3193",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3193",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3193",
"trust": 0.8,
"value": "Medium"
},
{
"author": "VULMON",
"id": "CVE-2015-3193",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-3193"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006114"
},
{
"db": "NVD",
"id": "CVE-2015-3193"
}
]
},
"description": {
"_id": null,
"data": "The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key information via an attack against use of a (1) Diffie-Hellman (DH) or (2) Diffie-Hellman Ephemeral (DHE) ciphersuite. OpenSSL is prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. OpenSSL Security Advisory [3 Dec 2015] - Updated [4 Dec 2015]\n=============================================================\n\n[Updated 4 Dec 2015]: This advisory has been updated to include the details of\nCVE-2015-1794, a Low severity issue affecting OpenSSL 1.0.2 which had a fix\nincluded in the released packages but was missed from the advisory text. \n\nNOTE: WE ANTICIPATE THAT 1.0.0t AND 0.9.8zh WILL BE THE LAST RELEASES FOR THE\n0.9.8 AND 1.0.0 VERSIONS AND THAT NO MORE SECURITY FIXES WILL BE PROVIDED (AS\nPER PREVIOUS ANNOUNCEMENTS). USERS ARE ADVISED TO UPGRADE TO LATER VERSIONS. \n\nBN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193)\n==================================================================\n\nSeverity: Moderate\n\nThere is a carry propagating bug in the x86_64 Montgomery squaring procedure. No\nEC algorithms are affected. Analysis suggests that attacks against RSA and DSA\nas a result of this defect would be very difficult to perform and are not\nbelieved likely. Attacks against DH are considered just feasible (although very\ndifficult) because most of the work necessary to deduce information\nabout a private key may be performed offline. The amount of resources\nrequired for such an attack would be very significant and likely only\naccessible to a limited number of attackers. An attacker would\nadditionally need online access to an unpatched system using the target\nprivate key in a scenario with persistent DH parameters and a private\nkey that is shared between multiple clients. For example this can occur by\ndefault in OpenSSL DHE based SSL/TLS ciphersuites. \n\nThis issue affects OpenSSL version 1.0.2. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2e\n\nThis issue was reported to OpenSSL on August 13 2015 by Hanno\nB\u00f6ck. The fix was developed by Andy Polyakov of the OpenSSL\ndevelopment team. \n\nCertificate verify crash with missing PSS parameter (CVE-2015-3194)\n===================================================================\n\nSeverity: Moderate\n\nThe signature verification routines will crash with a NULL pointer dereference\nif presented with an ASN.1 signature using the RSA PSS algorithm and absent\nmask generation function parameter. Since these routines are used to verify\ncertificate signature algorithms this can be used to crash any certificate\nverification operation and exploited in a DoS attack. Any application which\nperforms certificate verification is vulnerable including OpenSSL clients and\nservers which enable client authentication. \n\nThis issue affects OpenSSL versions 1.0.2 and 1.0.1. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2e\nOpenSSL 1.0.1 users should upgrade to 1.0.1q\n\nThis issue was reported to OpenSSL on August 27 2015 by Lo\u00efc Jonas Etienne\n(Qnective AG). The fix was developed by Dr. Stephen Henson of the OpenSSL\ndevelopment team. \n\nX509_ATTRIBUTE memory leak (CVE-2015-3195)\n==========================================\n\nSeverity: Moderate\n\nWhen presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak\nmemory. This structure is used by the PKCS#7 and CMS routines so any\napplication which reads PKCS#7 or CMS data from untrusted sources is affected. \nSSL/TLS is not affected. \n\nThis issue affects OpenSSL versions 1.0.2 and 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2e\nOpenSSL 1.0.1 users should upgrade to 1.0.1q\nOpenSSL 1.0.0 users should upgrade to 1.0.0t\nOpenSSL 0.9.8 users should upgrade to 0.9.8zh\n\nThis issue was reported to OpenSSL on November 9 2015 by Adam Langley\n(Google/BoringSSL) using libFuzzer. The fix was developed by Dr. Stephen\nHenson of the OpenSSL development team. \n\nRace condition handling PSK identify hint (CVE-2015-3196)\n=========================================================\n\nSeverity: Low\n\nIf PSK identity hints are received by a multi-threaded client then\nthe values are wrongly updated in the parent SSL_CTX structure. This can\nresult in a race condition potentially leading to a double free of the\nidentify hint data. \n\nThis issue was fixed in OpenSSL 1.0.2d and 1.0.1p but has not been previously\nlisted in an OpenSSL security advisory. This issue also affects OpenSSL 1.0.0\nand has not been previously fixed in an OpenSSL 1.0.0 release. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2d\nOpenSSL 1.0.1 users should upgrade to 1.0.1p\nOpenSSL 1.0.0 users should upgrade to 1.0.0t\n\nThe fix for this issue can be identified in the OpenSSL git repository by commit\nids 3c66a669dfc7 (1.0.2), d6be3124f228 (1.0.1) and 1392c238657e (1.0.0). \n\nThe fix was developed by Dr. Stephen Henson of the OpenSSL development team. \n\nAnon DH ServerKeyExchange with 0 p parameter (CVE-2015-1794)\n============================================================\n\nSeverity: Low\n\nIf a client receives a ServerKeyExchange for an anonymous DH ciphersuite with\nthe value of p set to 0 then a seg fault can occur leading to a possible denial\nof service attack. \n\nThis issue affects OpenSSL version 1.0.2. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2e\n\nThis issue was reported to OpenSSL on August 3 2015 by Guy Leaver (Cisco). The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions\n1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these\nversions will be provided after that date. In the absence of significant\nsecurity issues being identified prior to that date, the 1.0.0t and 0.9.8zh\nreleases will be the last for those versions. Users of these versions are\nadvised to upgrade. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20151203.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n. The intent was that if a fatal error occurred during a handshake then\nOpenSSL would move into the error state and would immediately fail if you\nattempted to continue the handshake. This works as designed for the explicit\nhandshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()),\nhowever due to a bug it does not work correctly if SSL_read() or SSL_write() is\ncalled directly. In that scenario, if the handshake fails then a fatal error\nwill be returned in the initial function call. If SSL_read()/SSL_write() is\nsubsequently called by the application for the same SSL object then it will\nsucceed and the data is passed without being decrypted/encrypted directly from\nthe SSL/TLS record layer. \n\nIn order to exploit this issue an application bug would have to be present that\nresulted in a call to SSL_read()/SSL_write() being issued after having already\nreceived a fatal error. \n\nThis only affects processors that support the AVX2 but not ADX extensions\nlike Intel Haswell (4th generation). \n\nNote: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732\nand CVE-2015-3193. The issue was originally found via the OSS-Fuzz project. \nOpenSSL Security Advisory [27 Mar 2018]\n========================================\n\nConstructed ASN.1 types with a recursive definition could exceed the stack (CVE-2018-0739)\n==========================================================================================\n\nSeverity: Moderate\n\nConstructed ASN.1 types with a recursive definition (such as can be found in\nPKCS7) could eventually exceed the stack given malicious input with\nexcessive recursion. This could result in a Denial Of Service attack. There are\nno such structures used within SSL/TLS that come from untrusted sources so this\nis considered safe. \nThis allows an attacker to forge messages that would be considered as\nauthenticated in an amount of tries lower than that guaranteed by the security\nclaims of the scheme. The module can only be compiled by the HP-UX assembler, so\nthat only HP-UX PA-RISC targets are affected. \n Insufficient testing when parsing a message allowed records with an\n incorrect class to be be accepted, triggering a REQUIRE failure when\n those records were subsequently cached. (CVE-2015-8000)\n Address fetch context reference count handling error on socket error. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2016-10-27-1 Xcode 8.1\n\nXcode 8.1 is now available and addresses the following:\n\nIDE Xcode Server\nAvailable for: OS X El Capitan v10.11.5 and later\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: Multiple issues existed in Node.js in Xcode Server. \nThese issues were addressed by updating to Node.js version 4.5.0. \nCVE-2016-1669\nCVE-2016-0705\nCVE-2016-0797\nCVE-2016-0702\nCVE-2016-2086\nCVE-2016-2216\nCVE-2015-8027\nCVE-2015-3193\nCVE-2015-3194\nCVE-2015-6764\n\nXcode 8.1 may be obtained from:\n\nhttps://developer.apple.com/xcode/downloads/\n\nTo check that the Xcode has been updated:\n\n* Select Xcode in the menu bar\n* Select About Xcode\n* The version after applying this update will be \"8.1\". ============================================================================\nUbuntu Security Notice USN-2830-1\nDecember 07, 2015\n\nopenssl vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 15.10\n- Ubuntu 15.04\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenSSL. \n\nSoftware Description:\n- openssl: Secure Socket Layer (SSL) cryptographic library and tools\n\nDetails:\n\nGuy Leaver discovered that OpenSSL incorrectly handled a ServerKeyExchange\nfor an anonymous DH ciphersuite with the value of p set to 0. A remote\nattacker could possibly use this issue to cause OpenSSL to crash, resulting\nin a denial of service. A remote\nattacker could possibly use this issue to break encryption. (CVE-2015-3193)\n\nLo=C3=AFc Jonas Etienne discovered that OpenSSL incorrectly handled ASN.1\nsignatures with a missing PSS parameter. A remote attacker could possibly\nuse this issue to cause OpenSSL to crash, resulting in a denial of service. \n(CVE-2015-3194)\n\nAdam Langley discovered that OpenSSL incorrectly handled malformed\nX509_ATTRIBUTE structures. A remote attacker could possibly use this issue\nto cause OpenSSL to consume resources, resulting in a denial of service. \n(CVE-2015-3195)\n\nIt was discovered that OpenSSL incorrectly handled PSK identity hints. A\nremote attacker could possibly use this issue to cause OpenSSL to crash,\nresulting in a denial of service. This issue only applied to Ubuntu 12.04\nLTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-3196)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 15.10:\n libssl1.0.0 1.0.2d-0ubuntu1.2\n\nUbuntu 15.04:\n libssl1.0.0 1.0.1f-1ubuntu11.5\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.16\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.32\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nReferences:\n http://www.ubuntu.com/usn/usn-2830-1\n CVE-2015-1794, CVE-2015-3193, CVE-2015-3194, CVE-2015-3195,\n CVE-2015-3196\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/openssl/1.0.2d-0ubuntu1.2\n https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu11.5\n https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.16\n https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.32\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05398322\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c05398322\nVersion: 1\n\nHPESBHF03709 rev.1 - HPE Network products including Comware, IMC, and VCX\nrunning OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive\nInformation\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2017-02-21\nLast Updated: 2017-02-21\n\nPotential Security Impact: Remote: Denial of Service (DoS), Disclosure of\nSensitive Information\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities with OpenSSL have been addressed for HPE\nNetwork products including Comware 5, Comware 7, IMC, and VCX. The\nvulnerabilities could be remotely exploited resulting in Denial of Service\n(DoS) or disclosure of sensitive information. \n\nReferences:\n\n - CVE-2015-1794 - Remote Denial of Service (DoS)\n - CVE-2015-3193 - Remote disclosure of sensitive information\n - CVE-2015-3194 - Remote Denial of Service (DoS)\n - CVE-2015-3195 - Remote disclosure of sensitive information\n - CVE-2015-3196 - Remote Denial of Service (DoS)\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - Comware 5 (CW5) Products All versions - Please refer to the RESOLUTION\nbelow for a list of updated products. \n - Comware 7 (CW7) Products All versions - Please refer to the RESOLUTION\nbelow for a list of updated products. \n - HPE Intelligent Management Center (iMC) All versions - Please refer to\nthe RESOLUTION below for a list of updated products. \n - VCX Products All versions - Please refer to the RESOLUTION below for a\nlist of updated products. \n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2015-1794\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2015-3193\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n CVE-2015-3194\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2015-3195\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2015-3196\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has made the following software updates to resolve the vulnerabilities in\nthe Comware, IMC and VCX products running OpenSSL. \n\n\n**COMWARE 5 Products**\n\n + **A6600 (Comware 5) - Version: R3303P28**\n * HP Network Products\n - JC165A HP 6600 RPE-X1 Router Module\n - JC177A HP 6608 Router\n - JC177B HP 6608 Router Chassis\n - JC178A HP 6604 Router Chassis\n - JC178B HP 6604 Router Chassis\n - JC496A HP 6616 Router Chassis\n - JC566A HP 6600 RSE-X1 Router Main Processing Unit\n - JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit\n - JG781A HP 6600 RPE-X1 TAA-compliant Main Processing Unit\n + **HSR6602 (Comware 5) - Version: R3303P28**\n * HP Network Products\n - JC176A HP 6602 Router Chassis\n - JG353A HP HSR6602-G Router\n - JG354A HP HSR6602-XG Router\n - JG355A HP 6600 MCP-X1 Router Main Processing Unit\n - JG356A HP 6600 MCP-X2 Router Main Processing Unit\n - JG776A HP HSR6602-G TAA-compliant Router\n - JG777A HP HSR6602-XG TAA-compliant Router\n - JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit\n + **HSR6800 (Comware 5) - Version: R3303P28**\n * HP Network Products\n - JG361A HP HSR6802 Router Chassis\n - JG361B HP HSR6802 Router Chassis\n - JG362A HP HSR6804 Router Chassis\n - JG362B HP HSR6804 Router Chassis\n - JG363A HP HSR6808 Router Chassis\n - JG363B HP HSR6808 Router Chassis\n - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit\n - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit\n + **MSR20 (Comware 5) - Version: R2516**\n * HP Network Products\n - JD432A HP A-MSR20-21 Router\n - JD662A HP MSR20-20 Router\n - JD663A HP A-MSR20-21 Router\n - JD663B HP MSR20-21 Router\n - JD664A HP MSR20-40 Router\n - JF228A HP MSR20-40 Router\n - JF283A HP MSR20-20 Router\n + **MSR20-1X (Comware 5) - Version: R2516**\n * HP Network Products\n - JD431A HP MSR20-10 Router\n - JD667A HP MSR20-15 IW Multi-Service Router\n - JD668A HP MSR20-13 Multi-Service Router\n - JD669A HP MSR20-13 W Multi-Service Router\n - JD670A HP MSR20-15 A Multi-Service Router\n - JD671A HP MSR20-15 AW Multi-Service Router\n - JD672A HP MSR20-15 I Multi-Service Router\n - JD673A HP MSR20-11 Multi-Service Router\n - JD674A HP MSR20-12 Multi-Service Router\n - JD675A HP MSR20-12 W Multi-Service Router\n - JD676A HP MSR20-12 T1 Multi-Service Router\n - JF236A HP MSR20-15-I Router\n - JF237A HP MSR20-15-A Router\n - JF238A HP MSR20-15-I-W Router\n - JF239A HP MSR20-11 Router\n - JF240A HP MSR20-13 Router\n - JF241A HP MSR20-12 Router\n - JF806A HP MSR20-12-T Router\n - JF807A HP MSR20-12-W Router\n - JF808A HP MSR20-13-W Router\n - JF809A HP MSR20-15-A-W Router\n - JF817A HP MSR20-15 Router\n - JG209A HP MSR20-12-T-W Router (NA)\n - JG210A HP MSR20-13-W Router (NA)\n + **MSR 30 (Comware 5) - Version: R2516**\n * HP Network Products\n - JD654A HP MSR30-60 POE Multi-Service Router\n - JD657A HP MSR30-40 Multi-Service Router\n - JD658A HP MSR30-60 Multi-Service Router\n - JD660A HP MSR30-20 POE Multi-Service Router\n - JD661A HP MSR30-40 POE Multi-Service Router\n - JD666A HP MSR30-20 Multi-Service Router\n - JF229A HP MSR30-40 Router\n - JF230A HP MSR30-60 Router\n - JF232A HP RTMSR3040-AC-OVSAS-H3\n - JF235A HP MSR30-20 DC Router\n - JF284A HP MSR30-20 Router\n - JF287A HP MSR30-40 DC Router\n - JF801A HP MSR30-60 DC Router\n - JF802A HP MSR30-20 PoE Router\n - JF803A HP MSR30-40 PoE Router\n - JF804A HP MSR30-60 PoE Router\n - JG728A HP MSR30-20 TAA-compliant DC Router\n - JG729A HP MSR30-20 TAA-compliant Router\n + **MSR 30-16 (Comware 5) - Version: R2516**\n * HP Network Products\n - JD659A HP MSR30-16 POE Multi-Service Router\n - JD665A HP MSR30-16 Multi-Service Router\n - JF233A HP MSR30-16 Router\n - JF234A HP MSR30-16 PoE Router\n + **MSR 30-1X (Comware 5) - Version: R2516**\n * HP Network Products\n - JF800A HP MSR30-11 Router\n - JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr\n - JG182A HP MSR30-11E Router\n - JG183A HP MSR30-11F Router\n - JG184A HP MSR30-10 DC Router\n + **MSR 50 (Comware 5) - Version: R2516**\n * HP Network Products\n - JD433A HP MSR50-40 Router\n - JD653A HP MSR50 Processor Module\n - JD655A HP MSR50-40 Multi-Service Router\n - JD656A HP MSR50-60 Multi-Service Router\n - JF231A HP MSR50-60 Router\n - JF285A HP MSR50-40 DC Router\n - JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply\n + **MSR 50-G2 (Comware 5) - Version: R2516**\n * HP Network Products\n - JD429A HP MSR50 G2 Processor Module\n - JD429B HP MSR50 G2 Processor Module\n + **MSR 9XX (Comware 5) - Version: R2516**\n * HP Network Products\n - JF812A HP MSR900 Router\n - JF813A HP MSR920 Router\n - JF814A HP MSR900-W Router\n - JF815A HP MSR920 2FEWAN/8FELAN/.11 b/g Rtr\n - JG207A HP MSR900-W Router (NA)\n - JG208A HP MSR920-W Router (NA)\n + **MSR 93X (Comware 5) - Version: R2516**\n * HP Network Products\n - JG511A HP MSR930 Router\n - JG511B HP MSR930 Router\n - JG512A HP MSR930 Wireless Router\n - JG513A HP MSR930 3G Router\n - JG513B HP MSR930 3G Router\n - JG514A HP MSR931 Router\n - JG514B HP MSR931 Router\n - JG515A HP MSR931 3G Router\n - JG516A HP MSR933 Router\n - JG517A HP MSR933 3G Router\n - JG518A HP MSR935 Router\n - JG518B HP MSR935 Router\n - JG519A HP MSR935 Wireless Router\n - JG520A HP MSR935 3G Router\n - JG531A HP MSR931 Dual 3G Router\n - JG531B HP MSR931 Dual 3G Router\n - JG596A HP MSR930 4G LTE/3G CDMA Router\n - JG597A HP MSR936 Wireless Router\n - JG665A HP MSR930 4G LTE/3G WCDMA Global Router\n - JG704A HP MSR930 4G LTE/3G WCDMA ATT Router\n - JH009A HP MSR931 Serial (TI) Router\n - JH010A HP MSR933 G.SHDSL (TI) Router\n - JH011A HP MSR935 ADSL2+ (TI) Router\n - JH012A HP MSR930 Wireless 802.11n (NA) Router\n - JH012B HP MSR930 Wireless 802.11n (NA) Router\n - JH013A HP MSR935 Wireless 802.11n (NA) Router\n + **MSR1000 (Comware 5) - Version: See Mitigation**\n * HP Network Products\n - JG732A HP MSR1003-8 AC Router\n + **12500 (Comware 5) - Version: R1829P02**\n * HP Network Products\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JC808A HP 12500 TAA Main Processing Unit\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n + **9500E (Comware 5) - Version: R1829P02**\n * HP Network Products\n - JC124A HP A9508 Switch Chassis\n - JC124B HP 9505 Switch Chassis\n - JC125A HP A9512 Switch Chassis\n - JC125B HP 9512 Switch Chassis\n - JC474A HP A9508-V Switch Chassis\n - JC474B HP 9508-V Switch Chassis\n + **10500 (Comware 5) - Version: R1210P02**\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC614A HP 10500 Main Processing Unit\n - JC748A HP 10512 Switch Chassis\n - JG375A HP 10500 TAA-compliant Main Processing Unit\n - JG820A HP 10504 TAA-compliant Switch Chassis\n - JG821A HP 10508 TAA-compliant Switch Chassis\n - JG822A HP 10508-V TAA-compliant Switch Chassis\n - JG823A HP 10512 TAA-compliant Switch Chassis\n + **7500 (Comware 5) - Version: R6710P02**\n * HP Network Products\n - JC666A HP 7503-S 144Gbps Fabric/MPU with PoE Upgradable 20-port\nGig-T/4-port GbE Combo\n - JC697A HP 7502 TAA-compliant Main Processing Unit\n - JC698A HP 7503-S 144Gbps TAA Fabric / MPU with 16 GbE SFP Ports and 8\nGbE Combo Ports\n - JC699A HP 7500 384Gbps TAA-compliant Fabric / MPU with 2 10GbE XFP\nPorts\n - JC700A HP 7500 384Gbps TAA-compliant Fabric / Main Processing Unit\n - JC701A HP 7500 768Gbps TAA-compliant Fabric / Main Processing Unit\n - JD193A HP 7500 384Gbps Fabric Module with 2 XFP Ports\n - JD193B HP 7500 384Gbps Fabric Module with 2 XFP Ports\n - JD194A HP 7500 384Gbps Fabric Module\n - JD194B HP 7500 384Gbps Fabric Module\n - JD195A HP 7500 384Gbps Advanced Fabric Module\n - JD196A HP 7502 Fabric Module\n - JD220A HP 7500 768Gbps Fabric Module\n - JD224A HP 7500 384Gbps Fabric Module with 12 SFP Ports\n - JD238A HP 7510 Switch Chassis\n - JD238B HP 7510 Switch Chassis\n - JD239A HP 7506 Switch Chassis\n - JD239B HP 7506 Switch Chassis\n - JD240A HP 7503 Switch Chassis\n - JD240B HP 7503 Switch Chassis\n - JD241A HP 7506-V Switch Chassis\n - JD241B HP 7506-V Switch Chassis\n - JD242A HP 7502 Switch Chassis\n - JD242B HP 7502 Switch Chassis\n - JD243A HP 7503-S Switch Chassis with 1 Fabric Slot\n - JD243B HP 7503-S Switch Chassis with 1 Fabric Slot\n - JE164A HP E7902 Switch Chassis\n - JE165A HP E7903 Switch Chassis\n - JE166A HP E7903 1 Fabric Slot Switch Chassis\n - JE167A HP E7906 Switch Chassis\n - JE168A HP E7906 Vertical Switch Chassis\n - JE169A HP E7910 Switch Chassis\n + **6125G/XG Blade Switch - Version: R2112P05**\n * HP Network Products\n - 737220-B21 HP 6125G Blade Switch with TAA\n - 737226-B21 HP 6125G/XG Blade Switch with TAA\n - 658250-B21 HP 6125G/XG Blade Switch Opt Kit\n - 658247-B21 HP 6125G Blade Switch Opt Kit\n + **5830 (Comware 5) - Version: R1118P13**\n * HP Network Products\n - JC691A HP 5830AF-48G Switch with 1 Interface Slot\n - JC694A HP 5830AF-96G Switch\n - JG316A HP 5830AF-48G TAA-compliant Switch w/1 Interface Slot\n - JG374A HP 5830AF-96G TAA-compliant Switch\n + **5800 (Comware 5) - Version: R1810P03**\n * HP Network Products\n - JC099A HP 5800-24G-PoE Switch\n - JC099B HP 5800-24G-PoE+ Switch\n - JC100A HP 5800-24G Switch\n - JC100B HP 5800-24G Switch\n - JC101A HP 5800-48G Switch with 2 Slots\n - JC101B HP 5800-48G-PoE+ Switch with 2 Interface Slots\n - JC103A HP 5800-24G-SFP Switch\n - JC103B HP 5800-24G-SFP Switch with 1 Interface Slot\n - JC104A HP 5800-48G-PoE Switch\n - JC104B HP 5800-48G-PoE+ Switch with 1 Interface Slot\n - JC105A HP 5800-48G Switch\n - JC105B HP 5800-48G Switch with 1 Interface Slot\n - JG254A HP 5800-24G-PoE+ TAA-compliant Switch\n - JG254B HP 5800-24G-PoE+ TAA-compliant Switch\n - JG255A HP 5800-24G TAA-compliant Switch\n - JG255B HP 5800-24G TAA-compliant Switch\n - JG256A HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot\n - JG256B HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot\n - JG257A HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot\n - JG257B HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot\n - JG258A HP 5800-48G TAA-compliant Switch with 1 Interface Slot\n - JG258B HP 5800-48G TAA-compliant Switch with 1 Interface Slot\n - JG225A HP 5800AF-48G Switch\n - JG225B HP 5800AF-48G Switch\n - JG242A HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface Slots\n - JG242B HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface\n - JG243A HP 5820-24XG-SFP+ TAA-compliant Switch\n - JG243B HP 5820-24XG-SFP+ TAA-compliant Switch\n - JG259A HP 5820X-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots\n\u0026 1 OAA Slot\n - JG259B HP 5820-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots\nand 1 OAA Slot\n - JC106A HP 5820-14XG-SFP+ Switch with 2 Slots\n - JC106B HP 5820-14XG-SFP+ Switch with 2 Interface Slots \u0026 1 OAA Slot\n - JG219A HP 5820AF-24XG Switch\n - JG219B HP 5820AF-24XG Switch\n - JC102A HP 5820-24XG-SFP+ Switch\n - JC102B HP 5820-24XG-SFP+ Switch\n + **5500 HI (Comware 5) - Version: R5501P21**\n * HP Network Products\n - JG311A HP 5500-24G-4SFP HI Switch with 2 Interface Slots\n - JG312A HP 5500-48G-4SFP HI Switch with 2 Interface Slots\n - JG541A HP 5500-24G-PoE+-4SFP HI Switch with 2 Interface Slots\n - JG542A HP 5500-48G-PoE+-4SFP HI Switch with 2 Interface Slots\n - JG543A HP 5500-24G-SFP HI Switch with 2 Interface Slots\n - JG679A HP 5500-24G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface\nSlots\n - JG680A HP 5500-48G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface\nSlots\n - JG681A HP 5500-24G-SFP HI TAA-compliant Switch with 2 Interface Slots\n + **5500 EI (Comware 5) - Version: R2221P22**\n * HP Network Products\n - JD373A HP 5500-24G DC EI Switch\n - JD374A HP 5500-24G-SFP EI Switch\n - JD375A HP 5500-48G EI Switch\n - JD376A HP 5500-48G-PoE EI Switch\n - JD377A HP 5500-24G EI Switch\n - JD378A HP 5500-24G-PoE EI Switch\n - JD379A HP 5500-24G-SFP DC EI Switch\n - JG240A HP 5500-48G-PoE+ EI Switch with 2 Interface Slots\n - JG241A HP 5500-24G-PoE+ EI Switch with 2 Interface Slots\n - JG249A HP 5500-24G-SFP EI TAA-compliant Switch with 2 Interface\n - JG250A HP 5500-24G EI TAA-compliant Switch with 2 Interface Slots\n - JG251A HP 5500-48G EI TAA-compliant Switch with 2 Interface Slots\n - JG252A HP 5500-24G-PoE+ EI TAA-compliant Switch with 2 Interface\nSlots\n - JG253A HP 5500-48G-PoE+ EI TAA-compliant Switch with 2 Interface\nSlots\n + **4800G (Comware 5) - Version: R2221P22**\n * HP Network Products\n - JD007A HP 4800-24G Switch\n - JD008A HP 4800-24G-PoE Switch\n - JD009A HP 4800-24G-SFP Switch\n - JD010A HP 4800-48G Switch\n - JD011A HP 4800-48G-PoE Switch\n + **5500SI (Comware 5) - Version: R2221P22**\n * HP Network Products\n - JD369A HP 5500-24G SI Switch\n - JD370A HP 5500-48G SI Switch\n - JD371A HP 5500-24G-PoE SI Switch\n - JD372A HP 5500-48G-PoE SI Switch\n - JG238A HP 5500-24G-PoE+ SI Switch with 2 Interface Slots\n - JG239A HP 5500-48G-PoE+ SI Switch with 2 Interface Slots\n + **4500G (Comware 5) - Version: R2221P22**\n * HP Network Products\n - JF428A HP 4510-48G Switch\n - JF847A HP 4510-24G Switch\n + **5120 EI (Comware 5) - Version: R2221P22**\n * HP Network Products\n - JE066A HP 5120-24G EI Switch\n - JE067A HP 5120-48G EI Switch\n - JE068A HP 5120-24G EI Switch with 2 Interface Slots\n - JE069A HP 5120-48G EI Switch with 2 Interface Slots\n - JE070A HP 5120-24G-PoE EI 2-slot Switch\n - JE071A HP 5120-48G-PoE EI 2-slot Switch\n - JG236A HP 5120-24G-PoE+ EI Switch with 2 Interface Slots\n - JG237A HP 5120-48G-PoE+ EI Switch with 2 Interface Slots\n - JG245A HP 5120-24G EI TAA-compliant Switch with 2 Interface Slots\n - JG246A HP 5120-48G EI TAA-compliant Switch with 2 Interface Slots\n - JG247A HP 5120-24G-PoE+ EI TAA-compliant Switch with 2 Slots\n - JG248A HP 5120-48G-PoE+ EI TAA-compliant Switch with 2 Slots\n + **4210G (Comware 5) - Version: R2221P22**\n * HP Network Products\n - JF844A HP 4210-24G Switch\n - JF845A HP 4210-48G Switch\n - JF846A HP 4210-24G-PoE Switch\n + **5120 SI (Comware 5) - Version: R1517**\n * HP Network Products\n - JE072A HP 5120-48G SI Switch\n - JE072B HPE 5120 48G SI Switch\n - JE073A HP 5120-16G SI Switch\n - JE073B HPE 5120 16G SI Switch\n - JE074A HP 5120-24G SI Switch\n - JE074B HPE 5120 24G SI Switch\n - JG091A HP 5120-24G-PoE+ (370W) SI Switch\n - JG091B HPE 5120 24G PoE+ (370W) SI Switch\n - JG092A HP 5120-24G-PoE+ (170W) SI Switch\n - JG309B HPE 5120 8G PoE+ (180W) SI Switch\n - JG310B HPE 5120 8G PoE+ (65W) SI Switch\n + **3610 (Comware 5) - Version: R5319P15**\n * HP Network Products\n - JD335A HP 3610-48 Switch\n - JD336A HP 3610-24-4G-SFP Switch\n - JD337A HP 3610-24-2G-2G-SFP Switch\n - JD338A HP 3610-24-SFP Switch\n + **3600V2 (Comware 5) - Version: R2111P01**\n * HP Network Products\n - JG299A HP 3600-24 v2 EI Switch\n - JG299B HP 3600-24 v2 EI Switch\n - JG300A HP 3600-48 v2 EI Switch\n - JG300B HP 3600-48 v2 EI Switch\n - JG301A HP 3600-24-PoE+ v2 EI Switch\n - JG301B HP 3600-24-PoE+ v2 EI Switch\n - JG301C HP 3600-24-PoE+ v2 EI Switch\n - JG302A HP 3600-48-PoE+ v2 EI Switch\n - JG302B HP 3600-48-PoE+ v2 EI Switch\n - JG302C HP 3600-48-PoE+ v2 EI Switch\n - JG303A HP 3600-24-SFP v2 EI Switch\n - JG303B HP 3600-24-SFP v2 EI Switch\n - JG304A HP 3600-24 v2 SI Switch\n - JG304B HP 3600-24 v2 SI Switch\n - JG305A HP 3600-48 v2 SI Switch\n - JG305B HP 3600-48 v2 SI Switch\n - JG306A HP 3600-24-PoE+ v2 SI Switch\n - JG306B HP 3600-24-PoE+ v2 SI Switch\n - JG306C HP 3600-24-PoE+ v2 SI Switch\n - JG307A HP 3600-48-PoE+ v2 SI Switch\n - JG307B HP 3600-48-PoE+ v2 SI Switch\n - JG307C HP 3600-48-PoE+ v2 SI Switch\n + **3100V2 (Comware 5) - Version: R5213P01**\n * HP Network Products\n - JD313B HPE 3100 24 PoE v2 EI Switch\n - JD318B HPE 3100 8 v2 EI Switch\n - JD319B HPE 3100 16 v2 EI Switch\n - JD320B HPE 3100 24 v2 EI Switch\n - JG221A HPE 3100 8 v2 SI Switch\n - JG222A HPE 3100 16 v2 SI Switch\n - JG223A HPE 3100 24 v2 SI Switch\n + **HP870 (Comware 5) - Version: R2607P51**\n * HP Network Products\n - JG723A HP 870 Unified Wired-WLAN Appliance\n - JG725A HP 870 Unified Wired-WLAN TAA-compliant Appliance\n + **HP850 (Comware 5) - Version: R2607P51**\n * HP Network Products\n - JG722A HP 850 Unified Wired-WLAN Appliance\n - JG724A HP 850 Unified Wired-WLAN TAA-compliant Appliance\n + **HP830 (Comware 5) - Version: R3507P51**\n * HP Network Products\n - JG640A HP 830 24-Port PoE+ Unified Wired-WLAN Switch\n - JG641A HP 830 8-port PoE+ Unified Wired-WLAN Switch\n - JG646A HP 830 24-Port PoE+ Unified Wired-WLAN TAA-compliant Switch\n - JG647A HP 830 8-Port PoE+ Unified Wired-WLAN TAA-compliant\n + **HP6000 (Comware 5) - Version: R2507P44**\n * HP Network Products\n - JG639A HP 10500/7500 20G Unified Wired-WLAN Module\n - JG645A HP 10500/7500 20G Unified Wired-WLAN TAA-compliant Module\n + **WX5004-EI (Comware 5) - Version: R2507P44**\n * HP Network Products\n - JD447B HP WX5002 Access Controller\n - JD448A HP WX5004 Access Controller\n - JD448B HP WX5004 Access Controller\n - JD469A HP WX5004 Access Controller\n + **SecBlade FW (Comware 5) - Version: R3181P07**\n * HP Network Products\n - JC635A HP 12500 VPN Firewall Module\n - JD245A HP 9500 VPN Firewall Module\n - JD249A HP 10500/7500 Advanced VPN Firewall Module\n - JD250A HP 6600 Firewall Processing Router Module\n - JD251A HP 8800 Firewall Processing Module\n - JD255A HP 5820 VPN Firewall Module\n + **F1000-E (Comware 5) - Version: TBD still fixing**\n * HP Network Products\n - JD272A HP F1000-E VPN Firewall Appliance\n + **F1000-A-EI (Comware 5) - Version: TBD still fixing**\n * HP Network Products\n - JG214A HP F1000-A-EI VPN Firewall Appliance\n + **F1000-S-EI (Comware 5) - Version: TBD still fixing**\n * HP Network Products\n - JG213A HP F1000-S-EI VPN Firewall Appliance\n + **F5000-A (Comware 5) - Version: F3210P26**\n * HP Network Products\n - JD259A HP A5000-A5 VPN Firewall Chassis\n - JG215A HP F5000 Firewall Main Processing Unit\n - JG216A HP F5000 Firewall Standalone Chassis\n + **U200S and CS (Comware 5) - Version: F5123P33**\n * HP Network Products\n - JD273A HP U200-S UTM Appliance\n + **U200A and M (Comware 5) - Version: F5123P33**\n * HP Network Products\n - JD275A HP U200-A UTM Appliance\n + **F5000-C/S (Comware 5) - Version: TBD still fixing**\n * HP Network Products\n - JG650A HP F5000-C VPN Firewall Appliance\n - JG370A HP F5000-S VPN Firewall Appliance\n + **SecBlade III (Comware 5) - Version: TBD still fixing**\n * HP Network Products\n - JG371A HP 12500 20Gbps VPN Firewall Module\n - JG372A HP 10500/11900/7500 20Gbps VPN Firewall Module\n + **6600 RSE RU (Comware 5 Low Encryption SW) - Version: R3303P28.RU**\n * HP Network Products\n - JC177A HP 6608 Router\n - JC177B HP 6608 Router Chassis\n - JC178A HP 6604 Router Chassis\n - JC178B HP 6604 Router Chassis\n - JC496A HP 6616 Router Chassis\n - JC566A HP 6600 RSE-X1 Router Main Processing Unit\n - JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit\n + **6600 RPE RU (Comware 5 Low Encryption SW) - Version: R3303P28.RU**\n * HP Network Products\n - JC165A HP 6600 RPE-X1 Router Module\n - JC177A HP 6608 Router\n - JC177B HPE FlexNetwork 6608 Router Chassis\n - JC178A HPE FlexNetwork 6604 Router Chassis\n - JC178B HPE FlexNetwork 6604 Router Chassis\n - JC496A HPE FlexNetwork 6616 Router Chassis\n - JG781A HP 6600 RPE-X1 TAA-compliant Main Processing Unit\n + **6602 RU (Comware 5 Low Encryption SW) - Version: R3303P28.RU**\n * HP Network Products\n - JC176A HP 6602 Router Chassis\n + **HSR6602 RU (Comware 5 Low Encryption SW) - Version: R3303P28.RU**\n * HP Network Products\n - JC177A HP 6608 Router\n - JC177B HP 6608 Router Chassis\n - JC178A HP 6604 Router Chassis\n - JC178B HP 6604 Router Chassis\n - JC496A HP 6616 Router Chassis\n - JG353A HP HSR6602-G Router\n - JG354A HP HSR6602-XG Router\n - JG355A HP 6600 MCP-X1 Router Main Processing Unit\n - JG356A HP 6600 MCP-X2 Router Main Processing Unit\n - JG776A HP HSR6602-G TAA-compliant Router\n - JG777A HP HSR6602-XG TAA-compliant Router\n - JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit\n + **HSR6800 RU (Comware 5 Low Encryption SW) - Version: R3303P28.RU**\n * HP Network Products\n - JG361A HP HSR6802 Router Chassis\n - JG361B HP HSR6802 Router Chassis\n - JG362A HP HSR6804 Router Chassis\n - JG362B HP HSR6804 Router Chassis\n - JG363A HP HSR6808 Router Chassis\n - JG363B HP HSR6808 Router Chassis\n - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit\n - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit\n + **SMB1910 (Comware 5) - Version: R1113**\n * HP Network Products\n - JG540A HP 1910-48 Switch\n - JG539A HP 1910-24-PoE+ Switch\n - JG538A HP 1910-24 Switch\n - JG537A HP 1910-8 -PoE+ Switch\n - JG536A HP 1910-8 Switch\n + **SMB1920 (Comware 5) - Version: R1112**\n * HP Network Products\n - JG928A HP 1920-48G-PoE+ (370W) Switch\n - JG927A HP 1920-48G Switch\n - JG926A HP 1920-24G-PoE+ (370W) Switch\n - JG925A HP 1920-24G-PoE+ (180W) Switch\n - JG924A HP 1920-24G Switch\n - JG923A HP 1920-16G Switch\n - JG922A HP 1920-8G-PoE+ (180W) Switch\n - JG921A HP 1920-8G-PoE+ (65W) Switch\n - JG920A HP 1920-8G Switch\n + **V1910 (Comware 5) - Version: R1517P01**\n * HP Network Products\n - JE005A HP 1910-16G Switch\n - JE006A HP 1910-24G Switch\n - JE007A HP 1910-24G-PoE (365W) Switch\n - JE008A HP 1910-24G-PoE(170W) Switch\n - JE009A HP 1910-48G Switch\n - JG348A HP 1910-8G Switch\n - JG349A HP 1910-8G-PoE+ (65W) Switch\n - JG350A HP 1910-8G-PoE+ (180W) Switch\n + **SMB 1620 (Comware 5) - Version: R1110**\n * HP Network Products\n - JG914A HP 1620-48G Switch\n - JG913A HP 1620-24G Switch\n - JG912A HP 1620-8G Switch\n + **NJ5000 - Version: R1107**\n * HP Network Products\n - JH237A HPE FlexNetwork NJ5000 5G PoE+ Walljack\n\n\n**COMWARE 7 Products**\n\n + **12500 (Comware 7) - Version: R7377**\n * HP Network Products\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n - JG497A HP 12500 MPU w/Comware V7 OS\n - JG782A HP FF 12508E AC Switch Chassis\n - JG783A HP FF 12508E DC Switch Chassis\n - JG784A HP FF 12518E AC Switch Chassis\n - JG785A HP FF 12518E DC Switch Chassis\n - JG802A HP FF 12500E MPU\n + **10500 (Comware 7) - Version: R7180**\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC748A HP 10512 Switch Chassis\n - JG608A HP FlexFabric 11908-V Switch Chassis\n - JG609A HP FlexFabric 11900 Main Processing Unit\n - JG820A HP 10504 TAA Switch Chassis\n - JG821A HP 10508 TAA Switch Chassis\n - JG822A HP 10508-V TAA Switch Chassis\n - JG823A HP 10512 TAA Switch Chassis\n - JG496A HP 10500 Type A MPU w/Comware v7 OS\n - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating\nSystem\n - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System\nMain Processing Unit\n + **12900 (Comware 7) - Version: R1150**\n * HP Network Products\n - JG619A HP FlexFabric 12910 Switch AC Chassis\n - JG621A HP FlexFabric 12910 Main Processing Unit\n - JG632A HP FlexFabric 12916 Switch AC Chassis\n - JG634A HP FlexFabric 12916 Main Processing Unit\n - JH104A HP FlexFabric 12900E Main Processing Unit\n - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit\n - JH263A HP FlexFabric 12904E Main Processing Unit\n - JH255A HP FlexFabric 12908E Switch Chassis\n - JH262A HP FlexFabric 12904E Switch Chassis\n - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis\n - JH103A HP FlexFabric 12916E Switch Chassis\n + **5900 (Comware 7) - Version: R2432P01**\n * HP Network Products\n - JC772A HP 5900AF-48XG-4QSFP+ Switch\n - JG296A HP 5920AF-24XG Switch\n - JG336A HP 5900AF-48XGT-4QSFP+ Switch\n - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch\n - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch\n - JG555A HP 5920AF-24XG TAA Switch\n - JG838A HP FF 5900CP-48XG-4QSFP+ Switch\n - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant\n - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch\n - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant\n + **MSR1000 (Comware 7) - Version: R0306P12**\n * HP Network Products\n - JG875A HP MSR1002-4 AC Router\n - JH060A HP MSR1003-8S AC Router\n + **MSR2000 (Comware 7) - Version: R0306P12**\n * HP Network Products\n - JG411A HP MSR2003 AC Router\n - JG734A HP MSR2004-24 AC Router\n - JG735A HP MSR2004-48 Router\n - JG866A HP MSR2003 TAA-compliant AC Router\n + **MSR3000 (Comware 7) - Version: R0306P12**\n * HP Network Products\n - JG404A HP MSR3064 Router\n - JG405A HP MSR3044 Router\n - JG406A HP MSR3024 AC Router\n - JG407A HP MSR3024 DC Router\n - JG408A HP MSR3024 PoE Router\n - JG409A HP MSR3012 AC Router\n - JG410A HP MSR3012 DC Router\n - JG861A HP MSR3024 TAA-compliant AC Router\n + **MSR4000 (Comware 7) - Version: R0306P12**\n * HP Network Products\n - JG402A HP MSR4080 Router Chassis\n - JG403A HP MSR4060 Router Chassis\n - JG412A HP MSR4000 MPU-100 Main Processing Unit\n - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit\n + **VSR (Comware 7) - Version: E0322P01**\n * HP Network Products\n - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation\nSoftware\n - JG811AAE HP VSR1001 Comware 7 Virtual Services Router\n - JG812AAE HP VSR1004 Comware 7 Virtual Services Router\n - JG813AAE HP VSR1008 Comware 7 Virtual Services Router\n + **7900 (Comware 7) - Version: R2150**\n * HP Network Products\n - JG682A HP FlexFabric 7904 Switch Chassis\n - JG841A HP FlexFabric 7910 Switch Chassis\n - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit\n - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit\n - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis\n - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis\n - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main\nProcessing Unit\n - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main\nProcessing Unit\n + **5130 (Comware 7) - Version: R3113P02**\n * HP Network Products\n - JG932A HP 5130-24G-4SFP+ EI Switch\n - JG933A HP 5130-24G-SFP-4SFP+ EI Switch\n - JG934A HP 5130-48G-4SFP+ EI Switch\n - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch\n - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch\n - JG938A HP 5130-24G-2SFP+-2XGT EI Switch\n - JG939A HP 5130-48G-2SFP+-2XGT EI Switch\n - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG975A HP 5130-24G-4SFP+ EI Brazil Switch\n - JG976A HP 5130-48G-4SFP+ EI Brazil Switch\n - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch\n - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch\n + **6125XLG - Version: R2432P01**\n * HP Network Products\n - 711307-B21 HP 6125XLG Blade Switch\n - 737230-B21 HP 6125XLG Blade Switch with TAA\n + **6127XLG - Version: R2432P01**\n * HP Network Products\n - 787635-B21 HP 6127XLG Blade Switch Opt Kit\n - 787635-B22 HP 6127XLG Blade Switch with TAA\n + **Moonshot - Version: R2432P01**\n * HP Network Products\n - 786617-B21 - HP Moonshot-45Gc Switch Module\n - 704654-B21 - HP Moonshot-45XGc Switch Module\n - 786619-B21 - HP Moonshot-180XGc Switch Module\n + **5700 (Comware 7) - Version: R2432P01**\n * HP Network Products\n - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch\n - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch\n - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch\n - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch\n - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch\n - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch\n + **5930 (Comware 7) - Version: R2432P01**\n * HP Network Products\n - JG726A HP FlexFabric 5930 32QSFP+ Switch\n - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch\n - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch\n - JH179A HP FlexFabric 5930 4-slot Switch\n - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch\n - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch\n + **HSR6600 (Comware 7) - Version: R7103P09**\n * HP Network Products\n - JG353A HP HSR6602-G Router\n - JG354A HP HSR6602-XG Router\n - JG776A HP HSR6602-G TAA-compliant Router\n - JG777A HP HSR6602-XG TAA-compliant Router\n + **HSR6800 (Comware 7) - Version: R7103P09**\n * HP Network Products\n - JG361A HP HSR6802 Router Chassis\n - JG361B HP HSR6802 Router Chassis\n - JG362A HP HSR6804 Router Chassis\n - JG362B HP HSR6804 Router Chassis\n - JG363A HP HSR6808 Router Chassis\n - JG363B HP HSR6808 Router Chassis\n - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit\n - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing\n - JH075A HP HSR6800 RSE-X3 Router Main Processing Unit\n + **1950 (Comware 7) - Version: R3113P02**\n * HP Network Products\n - JG960A HP 1950-24G-4XG Switch\n - JG961A HP 1950-48G-2SFP+-2XGT Switch\n - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch\n - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch\n + **7500 (Comware 7) - Version: R7180**\n * HP Network Products\n - JD238C HP 7510 Switch Chassis\n - JD239C HP 7506 Switch Chassis\n - JD240C HP 7503 Switch Chassis\n - JD242C HP 7502 Switch Chassis\n - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only\nMain Processing Unit\n - JH208A HP 7502 Main Processing Unit\n - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port\n40GbE QSFP+ Main Processing Unit\n + **5510HI (Comware 7) - Version: R1120**\n * HP Network Products\n - JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch\n - JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch\n - JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch\n - JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch\n - JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch\n + **5130HI (Comware 7) - Version: R1120**\n * HP Network Products\n - JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch\n - JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch\n - JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch\n - JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch\n\n\n**iMC Products**\n\n + **IMC PLAT - Version: 7.2 E0403P04**\n * HP Network Products\n - JD125A HP IMC Std S/W Platform w/100-node\n - JD126A HP IMC Ent S/W Platform w/100-node\n - JD808A HP IMC Ent Platform w/100-node License\n - JD814A HP A-IMC Enterprise Edition Software DVD Media\n - JD815A HP IMC Std Platform w/100-node License\n - JD816A HP A-IMC Standard Edition Software DVD Media\n - JF288AAE HP Network Director to Intelligent Management Center\nUpgrade E-LTU\n - JF289AAE HP Enterprise Management System to Intelligent Management\nCenter Upgrade E-LTU\n - JF377A HP IMC Std S/W Platform w/100-node Lic\n - JF377AAE HP IMC Std S/W Pltfrm w/100-node E-LTU\n - JF378A HP IMC Ent S/W Platform w/200-node Lic\n - JF378AAE HP IMC Ent S/W Pltfrm w/200-node E-LTU\n - JG546AAE HP IMC Basic SW Platform w/50-node E-LTU\n - JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU\n - JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU\n - JG747AAE HP IMC Std SW Plat w/ 50 Nodes E-LTU\n - JG748AAE HP IMC Ent SW Plat w/ 50 Nodes E-LTU\n - JG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU\n + **IMC iNode - Version: 7.2 E0407**\n * HP Network Products\n - JD144A HP A-IMC User Access Management Software Module with 200-user\nLicense\n - JD147A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JD435A HP A-IMC Endpoint Admission Defense Client Software\n - JF388A HP IMC User Authentication Management Software Module with\n200-user License\n - JF388AAE HP IMC User Authentication Management Software Module with\n200-user E-LTU\n - JF391A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JF391AAE HP IMC Endpoint Admission Defense Software Module with\n200-user E-LTU\n - JG752AAE HP IMC User Access Manager Software Module with 50-user\nE-LTU\n - JG754AAE) HP IMC Endpoint Admission Defense Software Module with\n50-user E-LTU\n + **iMC UAM_TAM - Version: 7.1 E0406**\n * HP Network Products\n - JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE\n - JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU\n - JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU\n - JG483A HP IMC TAM S/W MODULE W/100-NODE LIC\n - JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU\n - JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU\n + **IMC WSM - Version: 7.2 E0502P04**\n * HP Network Products\n - JD456A HP IMC WSM Software Module with 50-Access Point License\n - JF414A HP IMC Wireless Service Manager Software Module with 50-Access\nPoint License\n - JF414AAE HP IMC Wireless Service Manager Software Module with\n50-Access Point E-LTU\n - JG551AAE HP PCM+ Mobility Manager to IMC Wireless Service Manager\nModule Upgrade with 250 Access Point E-LTU\n - JG758AAE HP IMC WSM/RTLS w/ 50-node E-LTU\n - JG769AAE HP PCM Mobility Manager to IMC Wireless Service Manager Upg\nwith 250-node E-LTU\n\n**VCX Products**\n\n + **VCX - Version: 9.8.19**\n * HP Network Products\n - J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr\n - J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr\n - JC517A HP VCX V7205 Platform w/DL 360 G6 Server\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JC516A HP VCX V7005 Platform w/DL 120 G6 Server\n - JC518A HP VCX Connect 200 Primry 120 G6 Server\n - J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr\n - JE341A HP VCX Connect 100 Secondary\n - JE252A HP VCX Connect Primary MIM Module\n - JE253A HP VCX Connect Secondary MIM Module\n - JE254A HP VCX Branch MIM Module\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod\n - JD023A HP MSR30-40 Router with VCX MIM Module\n - JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM\n - JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod\n - JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod\n - JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod\n - JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS\n - JE340A HP VCX Connect 100 Pri Server 9.0\n - JE342A HP VCX Connect 100 Sec Server 9.0\n\n**Note:** Please contact HPE Technical Support if any assistance is needed\nacquiring the software updates. \n\nHISTORY\nVersion:1 (rev.1) - 21 February 2017 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQEcBAEBCAAGBQJYrLMnAAoJELXhAxt7SZaiF8wH/3YruymhIoADdbuMZwr+LWqo\nFC2sM1bBsBSOc1sUJCjMqyIlHqXhugsz2SnMqkhyVL+icWrpj7DoH0JYAOfVW8sN\nnJqBmv+p16bIWeNEhOouSzzvxaXgcA8YtnEKTbPqi2wzvi4slUVzN3mHFa0BbgrO\nqvgr2UNU1V9SFxj1VA0BkJqXrinu7YmWyIl1VeccZJQX0LI9DIkgIKcYqU88E7jC\nCAd/P8CBwQvj0+hfYSysab5U1I1exk0rUXcX3Wmp/56LbgT5jrGjx6O9cvFZyE5O\nBi/Xlu/GDBa6pw3kZsPEH5dqohLFFA0R7ayvg7f4ggfrskWrQn8c7RgogVw2FLs=\n=yvIR\n-----END PGP SIGNATURE-----\n. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.1q-x86_64-1_slack14.1.txz: Upgraded. \n This update fixes the following security issues:\n BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193). \n Anon DH ServerKeyExchange with 0 p parameter (CVE-2015-1794). \n For more information, see:\n https://openssl.org/news/secadv_20151203.txt\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1794\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3196\n (* Security fix *)\npatches/packages/openssl-solibs-1.0.1q-x86_64-1_slack14.1.txz: Upgraded. \n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zh-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zh-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zh-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zh-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zh-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zh-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zh-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zh-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zh-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zh-i486-1_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zh-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zh-x86_64-1_slack13.37.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1q-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1q-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1q-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1q-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1q-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1q-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1q-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1q-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.2e-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.2e-i586-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2e-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.2e-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 packages:\n5e45a22283b41aaf4f867918746ebc1d openssl-0.9.8zh-i486-1_slack13.0.txz\n0ad74b36ce143d28e15dfcfcf1fcb483 openssl-solibs-0.9.8zh-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\nc360d323a2bed57c62d6699b2d4be65e openssl-0.9.8zh-x86_64-1_slack13.0.txz\n122240badbfbe51c842a9102d3cfe30f openssl-solibs-0.9.8zh-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\n1bf98b27573b20a7de5f6359f3eadbd7 openssl-0.9.8zh-i486-1_slack13.1.txz\n2b732f1f29de1cb6078fd1ddda8eb9ec openssl-solibs-0.9.8zh-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\n735c3bbc55902ec57e46370cde32ea4b openssl-0.9.8zh-x86_64-1_slack13.1.txz\n483f506f3b86572e60fe4c46a67c226b openssl-solibs-0.9.8zh-x86_64-1_slack13.1.txz\n\nSlackware 13.37 packages:\n9af41ba336c64b92d5bbd86c17a93e94 openssl-0.9.8zh-i486-1_slack13.37.txz\nb83170b9c5ec56b4e2dc882b3c64b306 openssl-solibs-0.9.8zh-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\n2220ff161d0bf3635d2dea7caae6e5e7 openssl-0.9.8zh-x86_64-1_slack13.37.txz\n17b3e8884f383e3327d5e4a6080634cb openssl-solibs-0.9.8zh-x86_64-1_slack13.37.txz\n\nSlackware 14.0 packages:\nced42bc3799f2b54aeb3b631a2864b90 openssl-1.0.1q-i486-1_slack14.0.txz\n52965f98ee30e8f3d22bde6b0fe7f53b openssl-solibs-1.0.1q-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\ncbf49f09bdcebc61cf7fcb2857dc3a71 openssl-1.0.1q-x86_64-1_slack14.0.txz\n156911f58b71ee6369467d8fec34a59f openssl-solibs-1.0.1q-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n36d5f60b634788d4315ffb46ef6d4d88 openssl-1.0.1q-i486-1_slack14.1.txz\nfc18f566a9a2f5c6adb15d288245403a openssl-solibs-1.0.1q-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\n03f1832417a79f73b35180a39ae4fb16 openssl-1.0.1q-x86_64-1_slack14.1.txz\nbf447792f23deb14e1fe3f008a6b78a7 openssl-solibs-1.0.1q-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\n27b2974199a970392ed2192bf4a207a9 a/openssl-solibs-1.0.2e-i586-1.txz\n940a7653a6cadb44ce143d3b0e0eaa16 n/openssl-1.0.2e-i586-1.txz\n\nSlackware x86_64 -current packages:\n8636a45f49d186d505b356b9be66309b a/openssl-solibs-1.0.2e-x86_64-1.txz\n87c33a76a94993864a52bfe4e5d5b2f0 n/openssl-1.0.2e-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1q-i486-1_slack14.1.txz openssl-solibs-1.0.1q-i486-1_slack14.1.txz \n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3193"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006114"
},
{
"db": "BID",
"id": "78705"
},
{
"db": "VULMON",
"id": "CVE-2015-3193"
},
{
"db": "PACKETSTORM",
"id": "169632"
},
{
"db": "PACKETSTORM",
"id": "169655"
},
{
"db": "PACKETSTORM",
"id": "169626"
},
{
"db": "PACKETSTORM",
"id": "134875"
},
{
"db": "PACKETSTORM",
"id": "139380"
},
{
"db": "PACKETSTORM",
"id": "134652"
},
{
"db": "PACKETSTORM",
"id": "141239"
},
{
"db": "PACKETSTORM",
"id": "134859"
}
],
"trust": 2.7
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-3193",
"trust": 3.0
},
{
"db": "BID",
"id": "78705",
"trust": 1.4
},
{
"db": "JUNIPER",
"id": "JSA10761",
"trust": 1.4
},
{
"db": "BID",
"id": "91787",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1034294",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.1
},
{
"db": "PULSESECURE",
"id": "SA40100",
"trust": 1.1
},
{
"db": "ISC",
"id": "AA-01438",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU95113540",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006114",
"trust": 0.8
},
{
"db": "MCAFEE",
"id": "SB10203",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-3193",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169632",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169655",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169626",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134875",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139380",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134652",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "141239",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134859",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-3193"
},
{
"db": "BID",
"id": "78705"
},
{
"db": "PACKETSTORM",
"id": "169632"
},
{
"db": "PACKETSTORM",
"id": "169655"
},
{
"db": "PACKETSTORM",
"id": "169626"
},
{
"db": "PACKETSTORM",
"id": "134875"
},
{
"db": "PACKETSTORM",
"id": "139380"
},
{
"db": "PACKETSTORM",
"id": "134652"
},
{
"db": "PACKETSTORM",
"id": "141239"
},
{
"db": "PACKETSTORM",
"id": "134859"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006114"
},
{
"db": "NVD",
"id": "CVE-2015-3193"
}
]
},
"id": "VAR-201512-0482",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.46873640666666666
},
"last_update_date": "2026-04-10T22:16:28.476000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Release Strategy",
"trust": 0.8,
"url": "https://www.openssl.org/policies/releasestrat.html"
},
{
"title": "OpenSSL 1.0.2 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.2-notes.html"
},
{
"title": "bn/asm/x86_64-mont5.pl: fix carry propagating bug (CVE-2015-3193).",
"trust": 0.8,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=d73cc256c8e256c32ed959456101b73ba9842f72"
},
{
"title": "BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193)",
"trust": 0.8,
"url": "http://openssl.org/news/secadv/20151203.txt"
},
{
"title": "Oracle Critical Patch Update CVSS V2 Risk Matrices - April 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - April 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016verbose-2881709.html"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2016verbose-2881721.html"
},
{
"title": "Oracle Critical Patch Update Advisory - April 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"title": "Bug 1288317",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1288317"
},
{
"title": "April 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/april_2016_critical_patch_update"
},
{
"title": "July 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2016_critical_patch_update"
},
{
"title": "Arch Linux Advisories: [ASA-201701-37] openssl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201701-37"
},
{
"title": "Arch Linux Advisories: [ASA-201701-36] lib32-openssl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201701-36"
},
{
"title": "Red Hat: CVE-2015-3193",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2015-3193"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2830-1"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20151204-openssl"
},
{
"title": "Symantec Security Advisories: SA105 : OpenSSL Vulnerabilities 3-Dec-2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=a924415f718a299b2d1e8046890941f3"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=525e4e31765e47b9e53b24e880af9d6e"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=122319027ae43d6d626710f1b1bb1d43"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "bignum-fuzz",
"trust": 0.1,
"url": "https://github.com/hannob/bignum-fuzz "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2015-3193 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2017-3732 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2017-3738 "
},
{
"title": "fuzzing-stuff",
"trust": 0.1,
"url": "https://github.com/alphaSeclab/fuzzing-stuff "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/imhunterand/hackerone-publicy-disclosed "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/aravindb26/new.txt "
},
{
"title": "afl-cve",
"trust": 0.1,
"url": "https://github.com/mrash/afl-cve "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-3193"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006114"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006114"
},
{
"db": "NVD",
"id": "CVE-2015-3193"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.9,
"url": "https://blog.fuzzing-project.org/31-fuzzing-math-miscalculations-in-openssls-bn_mod_exp-cve-2015-3193.html"
},
{
"trust": 1.4,
"url": "http://openssl.org/news/secadv/20151203.txt"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.4,
"url": "http://www.fortiguard.com/advisory/openssl-advisory-december-2015"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-2830-1"
},
{
"trust": 1.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1288317"
},
{
"trust": 1.1,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40100"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.1,
"url": "http://fortiguard.com/advisory/openssl-advisory-december-2015"
},
{
"trust": 1.1,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151204-openssl"
},
{
"trust": 1.1,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2015\u0026m=slackware-security.754583"
},
{
"trust": 1.1,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2015\u0026m=slackware-security.539966"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.1,
"url": "https://kb.isc.org/article/aa-01438"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10761"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05398322"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034294"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/78705"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=d73cc256c8e256c32ed959456101b73ba9842f72"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3193"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3193"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu95113540/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3193"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05398322"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3196"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1794"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195"
},
{
"trust": 0.3,
"url": "https://kb.netapp.com/support/index?page=content\u0026id=9010051\u0026actp=rss"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10761\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://prod.lists.apple.com/archives/security-announce/2016/oct/msg00005.html"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10203"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099426"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021091"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21979528"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21979761"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974168"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980969"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982172"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982608"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982877"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982883"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983532"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982347"
},
{
"trust": 0.2,
"url": "https://www.openssl.org/policies/secpolicy.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0701"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3738"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3736"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3732"
},
{
"trust": 0.2,
"url": "http://slackware.com"
},
{
"trust": 0.2,
"url": "http://osuosl.org)"
},
{
"trust": 0.2,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://github.com/hannob/bignum-fuzz"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=42528"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2830-1/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv/20151203.txt"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv/20171207.txt"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3737"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv/20180327.txt"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-0739"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-0733"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8461"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8000"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8461"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2086"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0797"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8027"
},
{
"trust": 0.1,
"url": "https://developer.apple.com/xcode/downloads/"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0702"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2216"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6764"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1669"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.16"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu11.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2d-0ubuntu1.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.32"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3196"
},
{
"trust": 0.1,
"url": "https://openssl.org/news/secadv_20151203.txt"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1794"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-3193"
},
{
"db": "BID",
"id": "78705"
},
{
"db": "PACKETSTORM",
"id": "169632"
},
{
"db": "PACKETSTORM",
"id": "169655"
},
{
"db": "PACKETSTORM",
"id": "169626"
},
{
"db": "PACKETSTORM",
"id": "134875"
},
{
"db": "PACKETSTORM",
"id": "139380"
},
{
"db": "PACKETSTORM",
"id": "134652"
},
{
"db": "PACKETSTORM",
"id": "141239"
},
{
"db": "PACKETSTORM",
"id": "134859"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006114"
},
{
"db": "NVD",
"id": "CVE-2015-3193"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2015-3193",
"ident": null
},
{
"db": "BID",
"id": "78705",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169632",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169655",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169626",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "134875",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "139380",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "134652",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "141239",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "134859",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006114",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-3193",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-12-06T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3193",
"ident": null
},
{
"date": "2015-12-03T00:00:00",
"db": "BID",
"id": "78705",
"ident": null
},
{
"date": "2015-12-03T12:12:12",
"db": "PACKETSTORM",
"id": "169632",
"ident": null
},
{
"date": "2017-12-07T12:12:12",
"db": "PACKETSTORM",
"id": "169655",
"ident": null
},
{
"date": "2018-03-27T12:12:12",
"db": "PACKETSTORM",
"id": "169626",
"ident": null
},
{
"date": "2015-12-16T20:23:20",
"db": "PACKETSTORM",
"id": "134875",
"ident": null
},
{
"date": "2016-10-28T12:22:22",
"db": "PACKETSTORM",
"id": "139380",
"ident": null
},
{
"date": "2015-12-07T16:36:58",
"db": "PACKETSTORM",
"id": "134652",
"ident": null
},
{
"date": "2017-02-23T17:10:09",
"db": "PACKETSTORM",
"id": "141239",
"ident": null
},
{
"date": "2015-12-16T20:20:47",
"db": "PACKETSTORM",
"id": "134859",
"ident": null
},
{
"date": "2015-12-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006114",
"ident": null
},
{
"date": "2015-12-06T20:59:02.613000",
"db": "NVD",
"id": "CVE-2015-3193",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3193",
"ident": null
},
{
"date": "2017-12-19T22:37:00",
"db": "BID",
"id": "78705",
"ident": null
},
{
"date": "2016-08-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006114",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-3193",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "78705"
}
],
"trust": 0.3
},
"title": {
"_id": null,
"data": "BN_mod_exp Used in x86_64 Run on the platform OpenSSL of crypto/bn/asm/x86_64-mont5.pl Vulnerabilities in which important private key information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006114"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "78705"
}
],
"trust": 0.3
}
}
VAR-201501-0338
Vulnerability from variot - Updated: 2026-03-09 22:30The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations. SSL/TLS Some implementations of export grade without intentional setting (512 Below bit ) of RSA Something accepts the key. Man-in-the-middle attacks against such software (man-in-the-middle attack) Is performed, the key used for encryption is decrypted, SSL/TLS The traffic content may be decrypted. this is" FREAK It is also called “attack”. Algorithm downgrade (CWE-757) CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') https://cwe.mitre.org/data/definitions/757.html Incorrect cipher strength (CWE-326) CWE-326: Inadequate Encryption Strength https://cwe.mitre.org/data/definitions/326.html SSL/TLS Some implementations of export grade without intentional setting (512 Below bit ) of RSA Something accepts the key. If a man-in-the-middle attack is performed on such software, it is guided to use a weak key in the negotiation at the start of communication, and as a result, encrypted information may be decrypted. The discoverer has released detailed information about this matter. FREAK: Factoring RSA Export Keys https://www.smacktls.com/#freakMan-in-the-middle attacks (man-in-the-middle attack) By SSL/TLS The contents of the communication may be decrypted. OpenSSL is prone to security-bypass vulnerability. Successfully exploiting these issues may allow attackers to perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. Description:
Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.
This release serves as a replacement for Red Hat JBoss Web Server 2.1.0, and includes several bug fixes. Refer to the Red Hat JBoss Web Server 2.1.1 Release Notes, linked to in the References section, for information on the most significant of these changes.
Security Fix(es):
-
It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-2106)
-
It was discovered that it is possible to remotely Segfault Apache http server with a specially crafted string sent to the mod_cluster via service messages (MCMP). Solution:
Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).
The References section of this erratum contains a download link (you must log in to download the update).
Release Date: 2015-05-19 Last Updated: 2015-05-19
Potential Security Impact: Remote Denial of Service (DoS) and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilities.
References:
CVE-2015-0204 CVE-2015-0286 CVE-2015-0287 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 CVE-2015-0209 CVE-2015-0288 SSRT102000
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL versions before v0.9.8zf
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-0204 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2015-0286 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0287 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0289 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0293 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0209 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2015-0288 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following updates to resolve these vulnerabilities. The updates are available from the following URL:
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber =OPENSSL11I
HP-UX Release HP-UX OpenSSL depot name
B.11.11 (11i v1) OpenSSL_A.00.09.08zf.001_HP-UX_B.11.11_32_64.depot
B.11.23 (11i v2) OpenSSL_A.00.09.08zf.002_HP-UX_B.11.23_IA-PA.depot
B.11.31 (11i v3) OpenSSL_A.00.09.08zf.003_HP-UX_B.11.31_IA-PA.depot
MANUAL ACTIONS: Yes - Update
Install HP-UX OpenSSL A.00.09.08zf or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08zf.001 or subsequent
HP-UX B.11.23
openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08zf.002 or subsequent
HP-UX B.11.31
openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08zf.003 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 20 May 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
HP ThinPro Linux (x86) v5.1 HP ThinPro Linux (x86) v5.0 HP ThinPro Linux (x86) v4.4 HP ThinPro Linux (x86) v4.3 HP ThinPro Linux (x86) v4.2 HP ThinPro Linux (x86) v4.1 HP ThinPro Linux (ARM) v4.4 HP ThinPro Linux (ARM) v4.3 HP ThinPro Linux (ARM) v4.2 HP ThinPro Linux (ARM) v4.1
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-3569 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3570 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2014-3571 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3572 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2014-8275 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-0204 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-0205 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-0206 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0235 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has released the following software updates to resolve the vulnerability for HP ThinPro Linux.
Softpaq: http://ftp.hp.com/pub/softpaq/sp70501-71000/sp70649.exe
Easy Update Via ThinPro / EasyUpdate (x86):
http://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all- 4.1-4.3-x86.xar
http://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all- 4.1-4.3-x86.xar
http://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all- 4.1-4.3-x86.xar
http://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.1-all- 4.4-x86.xar
http://ftp.hp.com/pub/tcdebian/updates/5.0/service_packs/security-sp-2.1-all- 5.0-5.1-x86.xar
http://ftp.hp.com/pub/tcdebian/updates/5.1/service_packs/security-sp-2.1-all- 5.0-5.1-x86.xar
Via ThinPro / EasyUpdate (ARM):
http://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all- 4.1-4.3-armel.xar
http://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all- 4.1-4.3-armel.xar
http://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all- 4.1-4.3-armel.xar
http://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.0-all- 4.4-armel.xar
Note: Known issue on security-sp-2.0-all-4.1-4.3-arm.xar: With the patch applied, VMware cannot connect if security level is set to "Refuse insecure connections". Updating VMware to the latest package on ftp.hp.com will solve the problem. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: openssl security update Advisory ID: RHSA-2015:0800-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0800.html Issue date: 2015-04-13 CVE Names: CVE-2014-8275 CVE-2015-0204 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 =====================================================================
- Summary:
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5
Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. (CVE-2015-0204)
An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded. (CVE-2015-0292)
A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled. An attacker could use these flaws to modify an X.509 certificate to produce a certificate with a different fingerprint without invalidating its signature, and possibly bypass fingerprint-based blacklisting in applications. (CVE-2014-8275)
An out-of-bounds write flaw was found in the way OpenSSL reused certain ASN.1 structures. (CVE-2015-0287)
A NULL pointer dereference flaw was found in OpenSSL's X.509 certificate handling implementation. A specially crafted X.509 certificate could cause an application using OpenSSL to crash if the application attempted to convert the certificate to a certificate request. (CVE-2015-0288)
A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. TLS/SSL clients and servers using OpenSSL were not affected by this flaw. (CVE-2015-0289)
Red Hat would like to thank the OpenSSL project for reporting CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, and CVE-2015-0293. Upstream acknowledges Emilia Käsper of the OpenSSL development team as the original reporter of CVE-2015-0287, Brian Carpenter as the original reporter of CVE-2015-0288, Michal Zalewski of Google as the original reporter of CVE-2015-0289, Robert Dugal and David Ramos as the original reporters of CVE-2015-0292, and Sean Burford of Google and Emilia Käsper of the OpenSSL development team as the original reporters of CVE-2015-0293.
All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1180184 - CVE-2015-0204 openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK) 1180187 - CVE-2014-8275 openssl: Fix various certificate fingerprint issues 1202380 - CVE-2015-0287 openssl: ASN.1 structure reuse memory corruption 1202384 - CVE-2015-0289 openssl: PKCS7 NULL pointer dereference 1202395 - CVE-2015-0292 openssl: integer underflow leading to buffer overflow in base64 decoding 1202404 - CVE-2015-0293 openssl: assertion failure in SSLv2 servers 1202418 - CVE-2015-0288 openssl: X509_to_X509_REQ NULL pointer dereference
- Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source: openssl-0.9.8e-33.el5_11.src.rpm
i386: openssl-0.9.8e-33.el5_11.i386.rpm openssl-0.9.8e-33.el5_11.i686.rpm openssl-debuginfo-0.9.8e-33.el5_11.i386.rpm openssl-debuginfo-0.9.8e-33.el5_11.i686.rpm openssl-perl-0.9.8e-33.el5_11.i386.rpm
x86_64: openssl-0.9.8e-33.el5_11.i686.rpm openssl-0.9.8e-33.el5_11.x86_64.rpm openssl-debuginfo-0.9.8e-33.el5_11.i686.rpm openssl-debuginfo-0.9.8e-33.el5_11.x86_64.rpm openssl-perl-0.9.8e-33.el5_11.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
Source: openssl-0.9.8e-33.el5_11.src.rpm
i386: openssl-debuginfo-0.9.8e-33.el5_11.i386.rpm openssl-devel-0.9.8e-33.el5_11.i386.rpm
x86_64: openssl-debuginfo-0.9.8e-33.el5_11.i386.rpm openssl-debuginfo-0.9.8e-33.el5_11.x86_64.rpm openssl-devel-0.9.8e-33.el5_11.i386.rpm openssl-devel-0.9.8e-33.el5_11.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: openssl-0.9.8e-33.el5_11.src.rpm
i386: openssl-0.9.8e-33.el5_11.i386.rpm openssl-0.9.8e-33.el5_11.i686.rpm openssl-debuginfo-0.9.8e-33.el5_11.i386.rpm openssl-debuginfo-0.9.8e-33.el5_11.i686.rpm openssl-devel-0.9.8e-33.el5_11.i386.rpm openssl-perl-0.9.8e-33.el5_11.i386.rpm
ia64: openssl-0.9.8e-33.el5_11.i686.rpm openssl-0.9.8e-33.el5_11.ia64.rpm openssl-debuginfo-0.9.8e-33.el5_11.i686.rpm openssl-debuginfo-0.9.8e-33.el5_11.ia64.rpm openssl-devel-0.9.8e-33.el5_11.ia64.rpm openssl-perl-0.9.8e-33.el5_11.ia64.rpm
ppc: openssl-0.9.8e-33.el5_11.ppc.rpm openssl-0.9.8e-33.el5_11.ppc64.rpm openssl-debuginfo-0.9.8e-33.el5_11.ppc.rpm openssl-debuginfo-0.9.8e-33.el5_11.ppc64.rpm openssl-devel-0.9.8e-33.el5_11.ppc.rpm openssl-devel-0.9.8e-33.el5_11.ppc64.rpm openssl-perl-0.9.8e-33.el5_11.ppc.rpm
s390x: openssl-0.9.8e-33.el5_11.s390.rpm openssl-0.9.8e-33.el5_11.s390x.rpm openssl-debuginfo-0.9.8e-33.el5_11.s390.rpm openssl-debuginfo-0.9.8e-33.el5_11.s390x.rpm openssl-devel-0.9.8e-33.el5_11.s390.rpm openssl-devel-0.9.8e-33.el5_11.s390x.rpm openssl-perl-0.9.8e-33.el5_11.s390x.rpm
x86_64: openssl-0.9.8e-33.el5_11.i686.rpm openssl-0.9.8e-33.el5_11.x86_64.rpm openssl-debuginfo-0.9.8e-33.el5_11.i386.rpm openssl-debuginfo-0.9.8e-33.el5_11.i686.rpm openssl-debuginfo-0.9.8e-33.el5_11.x86_64.rpm openssl-devel-0.9.8e-33.el5_11.i386.rpm openssl-devel-0.9.8e-33.el5_11.x86_64.rpm openssl-perl-0.9.8e-33.el5_11.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-8275 https://access.redhat.com/security/cve/CVE-2015-0204 https://access.redhat.com/security/cve/CVE-2015-0287 https://access.redhat.com/security/cve/CVE-2015-0288 https://access.redhat.com/security/cve/CVE-2015-0289 https://access.redhat.com/security/cve/CVE-2015-0292 https://access.redhat.com/security/cve/CVE-2015-0293 https://access.redhat.com/security/updates/classification/#moderate https://www.openssl.org/news/secadv_20150108.txt https://www.openssl.org/news/secadv_20150319.txt https://access.redhat.com/articles/1384453
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFVK6+gXlSAg2UNWIIRAoSlAJ0UGwyEUVUDOKBoGDKJRsDtDdmxSwCgvH9a M4Bxjq//ZXaJCcyFFc1l5A4= =rctB -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce. HP SSL for OpenVMS: All versions prior to 1.4-502.
HP SSL 1.4-502 for OpenVMS (based on OpenSSL 0.9.8ze) is available from the following locations:
- HP SSL for OpenVMS website:
http://h71000.www7.hp.com/openvms/products/ssl/ssl.html
- HP Support Center website:
https://h20566.www2.hp.com/portal/site/hpsc/patch/home
Note: Login using your HP Passport account. SAP <http://www.sap.com/>has released the monthly critical patch update
for June 2015. This patch update closes a lot of vulnerabilities in SAP products. The most popular vulnerability is Missing Authorization Check. This month, three critical vulnerabilities found by ERPScan researchers Vahagn Vardanyan, Rustem Gazizov, and Diana Grigorieva were closed.
Issues that were patched with the help of ERPScan
Below are the details of SAP vulnerabilities that were found byERPScan http://www.erpscan.com/researchers.
- An XML eXternal Entity vulnerability in SAP Mobile Platform on-premise (CVSS Base Score:5.5).Updateis available in SAP Security Note2159601 https://service.sap.com/sap/support/notes/2159601. An attacker can use XML eXternal Entities to send specially crafted unauthorized XML requests, which will be processed by the XML parser. The attacker will get unauthorized access to the OS file system.
- A Hardcoded Credentials vulnerability in SAP Cross-System Tools (CVSS Base Score:3.6).Updateis available in SAP Security Note2059659 https://service.sap.com/sap/support/notes/2059659. In addition, it is likely that the code will be implemented as a backdoor into the system.
- A Hardcoded Credentials vulnerability in SAP Data Transfer Workbench (CVSS Base Score:2.1).Updateis available in SAP Security Note2057982 https://service.sap.com/sap/support/notes/2057982. In addition, it is likely that the code will be implemented as a backdoor into the system.
The most critical issues found by other researchers
Some of our readers and clients asked us to categorize the most critical SAP vulnerabilities to patch them first. Companies providing SAP Security Audit, SAP Security Assessment, or SAP Penetration Testing services can include these vulnerabilities in their checklists. The most critical vulnerabilities of this update can be patched by the following SAP Security Notes:
- 2151237 https://service.sap.com/sap/support/notes/2151237: SAP GUI for Windows has a Buffer Overflow vulnerability (CVSS Base Score:9.3). An attacker can use Buffer Overflow for injecting specially crafted code into working memory, which will be executed by the vulnerable application under the privileges of that application. In case of command execution,attackercan obtain critical technical and business-related information stored in the vulnerable SAP-system or escalate their own privileges. For this time, nobody will be able to use this service, which negatively influences business processes, system downtime, and, consequently, business reputation. It is recommended to install this SAP Security Note to prevent risks.
- 2129609 https://service.sap.com/sap/support/notes/2129609: SAP EP JDBC Connector has an SQL Injection vulnerability (CVSS Base Score:6.5). An attacker can use SQL Injections with the help of specially crafted SQL queries. They can read and modify sensitive information from a database, execute administrative operations in a database, destroy data or make it unavailable. In some cases, an attacker can access system data or execute OS commands. It is recommended to install this SAP Security Note to prevent risks.
- 1997734 https://service.sap.com/sap/support/notes/1997734: SAP RFC runtime has a Missing AuthorizationXheckvulnerability (CVSS Base Score:6.0). An attacker can use Missing Authorization Checks to access a service without any authorization procedures and use service functionality that has restricted access. It is recommended to install this SAP Security Note to prevent risks.
- 2163306 https://service.sap.com/sap/support/notes/2163306: SAP CommonCryptoLib and SAPCRYPTOLIB are vulnerable to FREAK (CVE-2015-0204, CVSS Base Score:5.0). It allows an attacker to intercept HTTPS connections between vulnerable clients and servers and force them to use weakened encryption, which the attacker can break to steal or manipulate sensitive data. All the attacks on this page assume a network adversary (i.e. a man-in-the-middle) to tamper with TLS handshake messages. The typical scenario to mount such attacks is by tampering with the Domain Name System (DNS), for example via DNS rebinding or domain name seizure. This attack targets a class of deliberately weak export cipher suites. It is recommended to install this SAP Security Note to prevent risks.
References about the FREAK vulnerability:
- SMACK: State Machine AttaCKs https://www.smacktls.com/
- Tracking the FREAK Attack https://freakattack.com/
- CVE-2015-0204 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204
It is highly recommended to patch all those SAP vulnerabilities to prevent business risks affecting your SAP systems.
SAP has traditionally thanked the security researchers from ERPScan for found vulnerabilities on theiracknowledgment page http://scn.sap.com/docs/DOC-8218.
Advisories for those SAP vulnerabilities with technical details will be available in 3 months onerpscan.com http://www.erpscan.com/.
--
Darya Maenkova
PR manager
https://www.linkedin.com/company/2217474?trk=ppro_cprof https://twitter.com/erpscan
e-mail: d.maenkova@erpscan.com d.maenkova@erpscan.com
address: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA. 94301
phone: 650.798.5255
erpscan.com http://erpscan.com
. OpenSSL Security Advisory [08 Jan 2015]
DTLS segmentation fault in dtls1_get_record (CVE-2014-3571)
Severity: Moderate
A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p. OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 22nd October 2014 by Markus Stenberg of Cisco Systems, Inc. The fix was developed by Stephen Henson of the OpenSSL core team.
DTLS memory leak in dtls1_buffer_record (CVE-2015-0206)
Severity: Moderate
A memory leak can occur in the dtls1_buffer_record function under certain conditions. In particular this could occur if an attacker sent repeated DTLS records with the same sequence number but for the next epoch. The memory leak could be exploited by an attacker in a Denial of Service attack through memory exhaustion.
This issue affects OpenSSL versions: 1.0.1 and 1.0.0.
OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p.
This issue was reported to OpenSSL on 7th January 2015 by Chris Mueller who also provided an initial patch. Further analysis was performed by Matt Caswell of the OpenSSL development team, who also developed the final patch.
no-ssl3 configuration sets method to NULL (CVE-2014-3569)
Severity: Low
When openssl is built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl method would be set to NULL which could later result in a NULL pointer dereference.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 17th October 2014 by Frank Schmirler. The fix was developed by Kurt Roeckx.
ECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)
Severity: Low
An OpenSSL client will accept a handshake using an ephemeral ECDH ciphersuite using an ECDSA certificate if the server key exchange message is omitted. This effectively removes forward secrecy from the ciphersuite.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team.
RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)
Severity: Low
An OpenSSL client will accept the use of an RSA temporary key in a non-export RSA key exchange ciphersuite. A server could present a weak temporary key and downgrade the security of the session.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team.
DH client certificates accepted without verification [Server] (CVE-2015-0205)
Severity: Low
An OpenSSL server will accept a DH certificate for client authentication without the certificate verify message. This effectively allows a client to authenticate without the use of a private key. This only affects servers which trust a client certificate authority which issues certificates containing DH keys: these are extremely rare and hardly ever encountered.
This issue affects OpenSSL versions: 1.0.1 and 1.0.0.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p.
This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team.
Certificate fingerprints can be modified (CVE-2014-8275)
Severity: Low
OpenSSL accepts several non-DER-variations of certificate signature algorithm and signature encodings. OpenSSL also does not enforce a match between the signature algorithm between the signed and unsigned portions of the certificate. By modifying the contents of the signature algorithm or the encoding of the signature, it is possible to change the certificate's fingerprint.
This does not allow an attacker to forge certificates, and does not affect certificate verification or OpenSSL servers/clients in any other way. It also does not affect common revocation mechanisms. Only custom applications that rely on the uniqueness of the fingerprint (e.g. certificate blacklists) may be affected.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
One variant of this issue was discovered by Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS program and reported to OpenSSL on 1st December 2014 by NCSC-FI Vulnerability Co-ordination. Another variant was independently reported to OpenSSL on 12th December 2014 by Konrad Kraszewski from Google. Further analysis was conducted and fixes were developed by Stephen Henson of the OpenSSL core team.
Bignum squaring may produce incorrect results (CVE-2014-3570)
Severity: Low
Bignum squaring (BN_sqr) may produce incorrect results on some platforms, including x86_64. This bug occurs at random with a very low probability, and is not known to be exploitable in any way, though its exact impact is difficult to determine. The following has been determined:
) The probability of BN_sqr producing an incorrect result at random is very low: 1/2^64 on the single affected 32-bit platform (MIPS) and 1/2^128 on affected 64-bit platforms. ) On most platforms, RSA follows a different code path and RSA operations are not affected at all. For the remaining platforms (e.g. OpenSSL built without assembly support), pre-existing countermeasures thwart bug attacks [1]. ) Static ECDH is theoretically affected: it is possible to construct elliptic curve points that would falsely appear to be on the given curve. However, there is no known computationally feasible way to construct such points with low order, and so the security of static ECDH private keys is believed to be unaffected. ) Other routines known to be theoretically affected are modular exponentiation, primality testing, DSA, RSA blinding, JPAKE and SRP. No exploits are known and straightforward bug attacks fail - either the attacker cannot control when the bug triggers, or no private key material is involved.
This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.
OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.
This issue was reported to OpenSSL on 2nd November 2014 by Pieter Wuille (Blockstream) who also suggested an initial fix. Further analysis was conducted by the OpenSSL development team and Adam Langley of Google. The final fix was developed by Andy Polyakov of the OpenSSL core team.
[1] http://css.csail.mit.edu/6.858/2013/readings/rsa-bug-attacks.pdf
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions 1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these releases will be provided after that date. Users of these releases are advised to upgrade.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20150108.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "jre 1.7.0 17",
"scope": null,
"trust": 1.8,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 17",
"scope": null,
"trust": 1.5,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 13",
"scope": null,
"trust": 1.5,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 43",
"scope": null,
"trust": 1.5,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 39",
"scope": null,
"trust": 1.5,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0:update 65",
"scope": null,
"trust": 1.2,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 1.2,
"vendor": "oracle",
"version": "1.7.072"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 1.2,
"vendor": "oracle",
"version": "1.8.025"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 1.2,
"vendor": "oracle",
"version": "1.6.085"
},
{
"_id": null,
"model": "jdk 1.6.0 43",
"scope": null,
"trust": 1.2,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 45",
"scope": null,
"trust": 1.2,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 38",
"scope": null,
"trust": 1.2,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 1.2,
"vendor": "oracle",
"version": "1.6.085"
},
{
"_id": null,
"model": "jre 1.7.0 13",
"scope": null,
"trust": 1.2,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 1.2,
"vendor": "oracle",
"version": "1.8.025"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0k"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0l"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0c"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0o"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0b"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0f"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0n"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0h"
},
{
"_id": null,
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"_id": null,
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8zc"
},
{
"_id": null,
"model": "jre 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.6.0 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 8",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 21",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.6.081"
},
{
"_id": null,
"model": "jre 1.5.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 40",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 16",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.6.0 65",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.5.0 55",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 41",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0:update 75",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0:update 60",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 61",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.5.0:update 65",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 45",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.6.0 41",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.6.081"
},
{
"_id": null,
"model": "jre 1.5.0 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0:update 75",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.840"
},
{
"_id": null,
"model": "jre 1.6.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 40",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 60",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 51",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 32",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.7.072"
},
{
"_id": null,
"model": "jdk 1.7.0 45",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.691"
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.5.0 55",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.8.0:update 5",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.5.0 17",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.8.0:update 5",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 27",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 60",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 4",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.776"
},
{
"_id": null,
"model": "jdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 10",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 14",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 10",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 45",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 15",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.7.0 21",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 71",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.5.0 23",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.5.0 26",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 40",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 61",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 29",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 40",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.581"
},
{
"_id": null,
"model": "jdk 1.5.0 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 16",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 18",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.5.071"
},
{
"_id": null,
"model": "jdk 0 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0 10",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 41",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 27",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.581"
},
{
"_id": null,
"model": "jre 1.5.0 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 24",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 32",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 25",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.5.0 41",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 28",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 12",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.5.075"
},
{
"_id": null,
"model": "jre 1.7.0 9",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 32",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 31",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 8",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 37",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.840"
},
{
"_id": null,
"model": "jre 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 28",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 45",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 51",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.5.075"
},
{
"_id": null,
"model": "jre 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.5.0 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 71",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 51",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.8.020"
},
{
"_id": null,
"model": "jre 1.5.0 26",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 40",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 30",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 15",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 39",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 14",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 18",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.7"
},
{
"_id": null,
"model": "jre 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 11",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 01",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.691"
},
{
"_id": null,
"model": "jre 1.5.0 13",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 22",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0 35",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 45",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 65",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 51",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0:update 60",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.7.067"
},
{
"_id": null,
"model": "jdk 1.7.0 12",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jdk 1.5.0 38",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.7.0 11",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.5.071"
},
{
"_id": null,
"model": "jdk 1.7.0 4",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.7.067"
},
{
"_id": null,
"model": "jdk 1.5.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 23",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.776"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.8.020"
},
{
"_id": null,
"model": "jre 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.5.0 40",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.7.0 9",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0 33",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 22",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "research in motion rim",
"version": null
},
{
"_id": null,
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v4 to v5.1"
},
{
"_id": null,
"model": "csview",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/faq navigator"
},
{
"_id": null,
"model": "csview",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/web questionnaire"
},
{
"_id": null,
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver6.0 to ver8.0"
},
{
"_id": null,
"model": "enterpriseidentitymanager",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series intersecvm/sg v1.2"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.1"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v4.0"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series sg3600lm/lg/lj v6.1"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.2"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.0"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.1"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.0"
},
{
"_id": null,
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series univerge sg3000lg/lj"
},
{
"_id": null,
"model": "infocage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "security risk management v1.0.2 to v2.1.4"
},
{
"_id": null,
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "a series"
},
{
"_id": null,
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "d series"
},
{
"_id": null,
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "e series"
},
{
"_id": null,
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "hs series"
},
{
"_id": null,
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "m series (nas including options )"
},
{
"_id": null,
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "s series"
},
{
"_id": null,
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.0"
},
{
"_id": null,
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.01"
},
{
"_id": null,
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.02"
},
{
"_id": null,
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.1"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise edition v4.2 to v6.5"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard edition v4.2 to v6.5"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard-j edition v4.1 to v6.5"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "uddi registry v1.1 to v7.1"
},
{
"_id": null,
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "web edition v4.1 to v6.5"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise edition v7.1"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.2"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.2"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard edition v7.1"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard v8.2 to v9.2"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard-j edition v7.1 to v8.1"
},
{
"_id": null,
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "web edition v7.1 to v8.1"
},
{
"_id": null,
"model": "webotx enterprise service bus",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.4 to v9.2"
},
{
"_id": null,
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.1"
},
{
"_id": null,
"model": "webotx sip application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard edition v7.1 to v8.1"
},
{
"_id": null,
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "application navigator v3.1.0.x to v4.1.0.x"
},
{
"_id": null,
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "jobcenter cl/web r13.1"
},
{
"_id": null,
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "jobcenter cl/web r13.2"
},
{
"_id": null,
"model": "jdk 01-b06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "jre 1.5.0.0 09",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "1.8"
},
{
"_id": null,
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.5.0.0 08",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "paging server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 1.6.0 38",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 2",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "jdk 07-b03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0.0 08",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 12",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 34",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "1.8"
},
{
"_id": null,
"model": "jdk 1.5.0.0 09",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 11",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 11-b03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "jre 1.5.0.0 07",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk 1.6.0 01",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jre 1.6.0 20",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.1"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.1"
},
{
"_id": null,
"model": "bes12",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "12.0"
},
{
"_id": null,
"model": "bbm protected on blackberry",
"scope": "ne",
"trust": 0.3,
"vendor": "blackberry",
"version": "1010.3.1.1767"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "bbm on blackberry os",
"scope": "ne",
"trust": 0.3,
"vendor": "blackberry",
"version": "1010.3.1.1767"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.039"
},
{
"_id": null,
"model": "jdk update17",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.17"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x22025850"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.22"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.2"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "idataplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79120"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "buildforge ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.28"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "websphere real time sr8",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "85100"
},
{
"_id": null,
"model": "norman shark industrial control system protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.1"
},
{
"_id": null,
"model": "jdk update3",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.5"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.306"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.5.055"
},
{
"_id": null,
"model": "netezza platform software 7.2.0.4-p3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"_id": null,
"model": "hunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1"
},
{
"_id": null,
"model": "control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.1"
},
{
"_id": null,
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.42"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.025"
},
{
"_id": null,
"model": "endeca server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.6.1.0.0"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "prime security manager 04.8 qa08",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "rational automation framework ifix5",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"_id": null,
"model": "ns oncommand core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "sametime community server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9"
},
{
"_id": null,
"model": "norman shark scada protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.0"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.04"
},
{
"_id": null,
"model": "cognos planning interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"_id": null,
"model": "splunk",
"scope": "ne",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.7"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.0-68"
},
{
"_id": null,
"model": "system m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x355041980"
},
{
"_id": null,
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.47"
},
{
"_id": null,
"model": "rational application developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "cloud manager interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.3"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.12"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.22"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"_id": null,
"model": "sterling control center ifix01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.21"
},
{
"_id": null,
"model": "java sdk sr16-fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"_id": null,
"model": "java sdk sr4-fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37001.1"
},
{
"_id": null,
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.8"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x310025820"
},
{
"_id": null,
"model": "websphere real time sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "tivoli storage flashcopy manager for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.0"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.2"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch and san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2.00"
},
{
"_id": null,
"model": "tivoli asset discovery for distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2.0"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.5.039"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.43"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "notes fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.35"
},
{
"_id": null,
"model": "license metric tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "project openssl 1.0.1k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.8.06"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.04"
},
{
"_id": null,
"model": "sterling connect:direct browser user interface ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.208"
},
{
"_id": null,
"model": "jre update22",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0.220"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50001.1"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.15"
},
{
"_id": null,
"model": "chassis management module 2pet12g",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "java sdk ga",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.2"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.12"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"_id": null,
"model": "system management homepage c",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.186"
},
{
"_id": null,
"model": "db2 workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"_id": null,
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.4(7.26)"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8.0.10"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.043"
},
{
"_id": null,
"model": "tivoli network performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "communications session border controller scz7.3.0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "domino fp if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.121"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3"
},
{
"_id": null,
"model": "os",
"scope": "ne",
"trust": 0.3,
"vendor": "blackberry",
"version": "1010.3.1.1779"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "virtual connect enterprise manager sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.35"
},
{
"_id": null,
"model": "jre update3",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "cognos tm1 interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1.2"
},
{
"_id": null,
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "dataquant",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.3"
},
{
"_id": null,
"model": "tivoli storage manager for virtual environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"_id": null,
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.3"
},
{
"_id": null,
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.39"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.11"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.68"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.4"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.4"
},
{
"_id": null,
"model": "flashsystem 9848-ac2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v90000"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "sterling connect:direct browser ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.11.03"
},
{
"_id": null,
"model": "work space manager for bes10/bes12 23584 14",
"scope": null,
"trust": 0.3,
"vendor": "blackberry",
"version": null
},
{
"_id": null,
"model": "jdk update26",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.0.260"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.1.830"
},
{
"_id": null,
"model": "nextscale nx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "54550"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.14"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.22"
},
{
"_id": null,
"model": "tivoli network performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"_id": null,
"model": "link for mac os (build",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "1.1.139)"
},
{
"_id": null,
"model": "websphere dashboard framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"_id": null,
"model": "jdk 1.5.0 11",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.08"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "norman shark network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.2"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.5.036"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.1"
},
{
"_id": null,
"model": "chassis management module 2pet10e",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.3"
},
{
"_id": null,
"model": "workcentre 3025ni",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "3.50.01.10"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.7"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0-95"
},
{
"_id": null,
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.6"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"_id": null,
"model": "flashcopy manager for unix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.0"
},
{
"_id": null,
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.51"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.5"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0.180"
},
{
"_id": null,
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1.1"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571480"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.16"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.17"
},
{
"_id": null,
"model": "java sdk sr16-fp9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.1"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.5"
},
{
"_id": null,
"model": "norman shark network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3"
},
{
"_id": null,
"model": "chassis management module 2pet10p",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.7"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.0.1"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "rational automation framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.2"
},
{
"_id": null,
"model": "chassis management module 2peo12r",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "tivoli storage manager for virtual environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2.3"
},
{
"_id": null,
"model": "control center ifix01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.0"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087220"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"_id": null,
"model": "java sdk 6r1 sr8-fp2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "netezza platform software 7.1.0.4-p1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"_id": null,
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.6.1"
},
{
"_id": null,
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.3"
},
{
"_id": null,
"model": "bes12",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "12.0.1"
},
{
"_id": null,
"model": "tivoli storage manager client management services",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.200"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "32253.50.01.10"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"_id": null,
"model": "java sdk sr16",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "multi-enterprise integration gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "bbm meetings for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "100"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "bcaaa",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"_id": null,
"model": "java sdk sr16-fp10",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "tivoli access manager for e-business",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "wag310g residential gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0-14"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.2"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.8"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "sterling control center ifix02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.10"
},
{
"_id": null,
"model": "flashcopy manager for oracle",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.0"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.7"
},
{
"_id": null,
"model": "tivoli storage manager operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "project openssl 1.0.0o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "tivoli workload scheduler for applications fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "link for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "1.2.1.31"
},
{
"_id": null,
"model": "system management homepage b",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5.146"
},
{
"_id": null,
"model": "agent desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(2)"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.13"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "hp-ux b.11.31 (11i",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "v3)"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"_id": null,
"model": "messaging application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0.1"
},
{
"_id": null,
"model": "chassis management module 2pet12r",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "chassis management module 2pet10b",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "java sdk sr7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "chassis management module 2peo12o",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "ctpos 7.0r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.038"
},
{
"_id": null,
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "system management homepage a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.11.197"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.15210"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.0"
},
{
"_id": null,
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.3"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.31"
},
{
"_id": null,
"model": "rational application developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.3"
},
{
"_id": null,
"model": "domino fp if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.365"
},
{
"_id": null,
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "java sdk sr16-fp6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "system management homepage 7.4.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.411"
},
{
"_id": null,
"model": "java sdk sr12",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "java sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.1"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"_id": null,
"model": "tape subsystems",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.018"
},
{
"_id": null,
"model": "system idataplex dx360 m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x73210"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.2"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.019"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.15"
},
{
"_id": null,
"model": "enterprise manager ops center",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.11"
},
{
"_id": null,
"model": "project openssl 0.9.8zd",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.2"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.51"
},
{
"_id": null,
"model": "sterling connect:direct browser",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.01"
},
{
"_id": null,
"model": "flashsystem 9846-ae2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v90000"
},
{
"_id": null,
"model": "cognos planning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.2"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.1"
},
{
"_id": null,
"model": "secure work space for bes10/bes12",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "12.1.0.150361"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "notes fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "flashcopy manager for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.1.1"
},
{
"_id": null,
"model": "os",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "7.0"
},
{
"_id": null,
"model": "commoncryptolib",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"_id": null,
"model": "jdk 1.5.0 11-b03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "bes10",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "0"
},
{
"_id": null,
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.3"
},
{
"_id": null,
"model": "db2 connect unlimited advanced edition for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"_id": null,
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0"
},
{
"_id": null,
"model": "vgw",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "flashcopy manager for db2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.0"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.2.835"
},
{
"_id": null,
"model": "flashcopy manager for db2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1.2"
},
{
"_id": null,
"model": "tivoli storage manager for virtual environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "upward integration modules hardware management pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.4"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.7"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.3"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x325025830"
},
{
"_id": null,
"model": "jdk update2",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "ns oncommand core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"_id": null,
"model": "systems insight manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.3"
},
{
"_id": null,
"model": "domino fix pack if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.133"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.1.830"
},
{
"_id": null,
"model": "system management homepage 7.3.2.1",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "phaser",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "30203.50.01.10"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.32"
},
{
"_id": null,
"model": "endeca server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.5.1.1"
},
{
"_id": null,
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5"
},
{
"_id": null,
"model": "bbm protected on ios",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "2.1"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.13"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"_id": null,
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.7"
},
{
"_id": null,
"model": "smartcloud entry fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.110"
},
{
"_id": null,
"model": "rational build utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "84200"
},
{
"_id": null,
"model": "cms r16.3 r7",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.12"
},
{
"_id": null,
"model": "system m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365079470"
},
{
"_id": null,
"model": "db2 connect enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.16"
},
{
"_id": null,
"model": "infosphere information analyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.01"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.032"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "websphere service registry and repository",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "2"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.0"
},
{
"_id": null,
"model": "os",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "5.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9.790"
},
{
"_id": null,
"model": "tivoli netcool configuration manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x363071580"
},
{
"_id": null,
"model": "ctpos 7.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "mq appliance m2000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "jre update2",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "content analysis system",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "jre update15",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.5"
},
{
"_id": null,
"model": "dataquant",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.19"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.801"
},
{
"_id": null,
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.2"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.590"
},
{
"_id": null,
"model": "java",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.600"
},
{
"_id": null,
"model": "tivoli storage manager for virtual environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.2.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"_id": null,
"model": "aura presence services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.3"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.0.50"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x24078630"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "workcentre r1",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "6400061.070.105.25200"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "websphere portal",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "rational application developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"_id": null,
"model": "rational application developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "db2 connect application server advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.1"
},
{
"_id": null,
"model": "network node manager ispi for ip telephony",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.4"
},
{
"_id": null,
"model": "gpfs for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "flex system manager node types",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "87310"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.5"
},
{
"_id": null,
"model": "system m4 hdtype",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365054600"
},
{
"_id": null,
"model": "norman shark network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.2.3"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.13"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "websphere service registry and repository studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "java sdk sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7910"
},
{
"_id": null,
"model": "mobile security suite mss",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0"
},
{
"_id": null,
"model": "jre 1.5.0 08",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.8.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.6"
},
{
"_id": null,
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.5"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.01"
},
{
"_id": null,
"model": "aura application server sip core pb5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "websphere mq for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "jdk update33",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "dataquant",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.21"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.13"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6"
},
{
"_id": null,
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.03"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.15"
},
{
"_id": null,
"model": "sterling connect:direct browser",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4"
},
{
"_id": null,
"model": "messaging application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087180"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.045"
},
{
"_id": null,
"model": "jre update10",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "websphere real time sr9",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "domino fix pack interim f",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.12"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "sterling connect:direct browser user interface",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.52"
},
{
"_id": null,
"model": "idataplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79130"
},
{
"_id": null,
"model": "jdk update6",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.03"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl 0.9.8zc",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.37"
},
{
"_id": null,
"model": "jre update7",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.01"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.01"
},
{
"_id": null,
"model": "jdk update10",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "infosphere optim data masking solution",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3.0.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "java sdk sr16-fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "link for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "1.2.0.28"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.0.9"
},
{
"_id": null,
"model": "system idataplex dx360 m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x73230"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "domino fp if4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.36"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.0"
},
{
"_id": null,
"model": "jre update13",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "security appscan standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.6"
},
{
"_id": null,
"model": "workcentre spar",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "355025.003.33.000"
},
{
"_id": null,
"model": "buildforge ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.37"
},
{
"_id": null,
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2(3.1)"
},
{
"_id": null,
"model": "netezza platform software 7.1.0.5-p3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "jdk update21",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "dataquant",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.18"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "8"
},
{
"_id": null,
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.5"
},
{
"_id": null,
"model": "tivoli composite application manager for soa",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "db2 query management facility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "network node manager i",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x57145"
},
{
"_id": null,
"model": "java sdk sr5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.00"
},
{
"_id": null,
"model": "vds service broker",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.0.60"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35001.1"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.5.041"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.6"
},
{
"_id": null,
"model": "flashsystem 9846-ac1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "app for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "0"
},
{
"_id": null,
"model": "cognos tm1 interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.0.2"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.1"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "jdk update25",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "chassis management module 2pet12h",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "xiv storage system gen3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.2.0"
},
{
"_id": null,
"model": "tivoli storage flashcopy manager for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.0"
},
{
"_id": null,
"model": "control center ifix02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.0"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "bbm protected on ios",
"scope": "ne",
"trust": 0.3,
"vendor": "blackberry",
"version": "2.7.0.32"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "flashcopy manager for custom applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.2.835"
},
{
"_id": null,
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "security identity governance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "tivoli storage manager operations center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.2.200"
},
{
"_id": null,
"model": "webex meetings server 2.5mr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.3"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.5"
},
{
"_id": null,
"model": "jdk update27",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.43"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.103"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.24"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.04"
},
{
"_id": null,
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jdk update15",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "platform cluster manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "network node manager ispi performance for qa",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"_id": null,
"model": "domino fp if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.122"
},
{
"_id": null,
"model": "tivoli provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.027"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"_id": null,
"model": "db2 enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7.770"
},
{
"_id": null,
"model": "db2 connect application server advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"_id": null,
"model": "content analysis system",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.2.3.1"
},
{
"_id": null,
"model": "chassis management module 2pet12d",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.0"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x571460"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.6"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.025"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x44079170"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"_id": null,
"model": "work browser for bes10/bes12",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "1.1.17483.17"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.8.05"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.0"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.5"
},
{
"_id": null,
"model": "rational agent controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.3.3"
},
{
"_id": null,
"model": "tivoli asset management for it",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.0"
},
{
"_id": null,
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.18"
},
{
"_id": null,
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational application developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.4"
},
{
"_id": null,
"model": "network node manager ispi performance for metrics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "jdk update25",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.0.250"
},
{
"_id": null,
"model": "db2 advanced enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"_id": null,
"model": "hp-ux b.11.23 (11i",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "v2)"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.5"
},
{
"_id": null,
"model": "ata series analog terminal adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"_id": null,
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.12"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.186"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"_id": null,
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.21"
},
{
"_id": null,
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.4"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.211"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.4"
},
{
"_id": null,
"model": "sbr carrier",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"_id": null,
"model": "websphere mq mqipt",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.033"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.01"
},
{
"_id": null,
"model": "flashcopy manager for db2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.0"
},
{
"_id": null,
"model": "mq light",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.1"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"_id": null,
"model": "cognos tm1 fp4",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3.0.12"
},
{
"_id": null,
"model": "jdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.2"
},
{
"_id": null,
"model": "cms r16.3",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"_id": null,
"model": "rational application developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.43"
},
{
"_id": null,
"model": "sterling connect:direct browser user interface",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4"
},
{
"_id": null,
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.11"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "bbm protected on android",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "2.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.19"
},
{
"_id": null,
"model": "domino interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.03"
},
{
"_id": null,
"model": "db2 recovery expert for linux unix and windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "rational sap connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"_id": null,
"model": "domino fix pack interim f",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.15"
},
{
"_id": null,
"model": "mashup center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.7"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "flashcopy manager for unix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.0"
},
{
"_id": null,
"model": "netezza platform software 7.0.2.16-p3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"_id": null,
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "jdk update9",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "workflow for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "norman shark industrial control system protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0.870"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.043"
},
{
"_id": null,
"model": "jre update26",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0.260"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "7"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.060"
},
{
"_id": null,
"model": "sterling connect:direct browser user interface",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.411"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "rational automation framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"_id": null,
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.2.2.2"
},
{
"_id": null,
"model": "network configuration and change management service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.6.0"
},
{
"_id": null,
"model": "db2 recovery expert for linux unix and windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "os",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "6.0"
},
{
"_id": null,
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.2"
},
{
"_id": null,
"model": "websphere portal",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "java sdk sr14",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.2"
},
{
"_id": null,
"model": "link for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "1.2.1.16"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "10.0"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.27"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.5"
},
{
"_id": null,
"model": "linux enterprise server sp2 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"_id": null,
"model": "tivoli network performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x24087380"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.41"
},
{
"_id": null,
"model": "network node manager ispi for ip multicast qa",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.2"
},
{
"_id": null,
"model": "norman shark industrial control system protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3"
},
{
"_id": null,
"model": "domino fp if3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.24"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.10"
},
{
"_id": null,
"model": "websphere process server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.2"
},
{
"_id": null,
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "command center appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.96"
},
{
"_id": null,
"model": "jre update4",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.2"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"_id": null,
"model": "netscaler gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.3"
},
{
"_id": null,
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"_id": null,
"model": "cognos tm1 fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.238"
},
{
"_id": null,
"model": "ns oncommand core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.1"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.5.036"
},
{
"_id": null,
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"_id": null,
"model": "db2 connect unlimited edition for system i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "initiate master data service provider hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "websphere service registry and repository",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.1"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.11"
},
{
"_id": null,
"model": "rational sap connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.7"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.3"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.0.820"
},
{
"_id": null,
"model": "systems insight manager sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.3"
},
{
"_id": null,
"model": "bcaaa",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1"
},
{
"_id": null,
"model": "work connect for bes10/bes12",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "1.0.17483.21"
},
{
"_id": null,
"model": "jdk update24",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.1.8"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"_id": null,
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.1"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.051"
},
{
"_id": null,
"model": "upward integration modules hardware management pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "5"
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.8.0"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.4"
},
{
"_id": null,
"model": "domino if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.06"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.29"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.9"
},
{
"_id": null,
"model": "one-x client enablement services sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "content analysis system",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.102"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "jre update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0.50"
},
{
"_id": null,
"model": "anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "blend for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "0"
},
{
"_id": null,
"model": "java sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.15"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.195"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.034"
},
{
"_id": null,
"model": "java sdk sr16",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.1"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.5.0.2"
},
{
"_id": null,
"model": "security appscan standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"_id": null,
"model": "xiv storage system gen3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.1.0"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.1"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.2"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"_id": null,
"model": "web experience factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "work space manager for bes10/bes12 24755 137",
"scope": null,
"trust": 0.3,
"vendor": "blackberry",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.13"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"_id": null,
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.3.3"
},
{
"_id": null,
"model": "websphere portal",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.5.1"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7.770"
},
{
"_id": null,
"model": "operations analytics predictive insights",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"_id": null,
"model": "infosphere global name management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2"
},
{
"_id": null,
"model": "network node manager ispi performance for qa",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.4"
},
{
"_id": null,
"model": "hp-ux b.11.11 (11i",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "v1)"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "jdk update28",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0.280"
},
{
"_id": null,
"model": "domino fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.36"
},
{
"_id": null,
"model": "secure work space for bes10/bes12",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "12.1.0.150360"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.6"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.6"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.7"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "tivoli asset management for it",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.010"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.2"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.038"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "dataquant",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2"
},
{
"_id": null,
"model": "websphere service registry and repository studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.4"
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x350073800"
},
{
"_id": null,
"model": "sterling connect:direct browser",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.11"
},
{
"_id": null,
"model": "jdk update7",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.9"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch and san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.00"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.04"
},
{
"_id": null,
"model": "network node manager ispi performance for metrics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.2"
},
{
"_id": null,
"model": "phaser",
"scope": "ne",
"trust": 0.3,
"vendor": "xerox",
"version": "36001.70.03.06"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1-73"
},
{
"_id": null,
"model": "infosphere balanced warehouse c4000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "jre update11",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.0"
},
{
"_id": null,
"model": "infosphere master data management patient hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.4"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.5"
},
{
"_id": null,
"model": "network node manager ispi performance for qa",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0"
},
{
"_id": null,
"model": "system idataplex dx360 m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x63910"
},
{
"_id": null,
"model": "infosphere master data management server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "11.4"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "flashcopy manager for oracle with sap environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"_id": null,
"model": "aura utility services sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.6"
},
{
"_id": null,
"model": "jre update27",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "jre update17",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "jdk update27",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.0.270"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.32"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.303"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.56"
},
{
"_id": null,
"model": "chassis management module 2pet10h",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3.0.12"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0"
},
{
"_id": null,
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1(0.625)"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x88079030"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.3"
},
{
"_id": null,
"model": "tivoli asset discovery for distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0.870"
},
{
"_id": null,
"model": "system management homepage b",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.19"
},
{
"_id": null,
"model": "network node manager ispi performance for metrics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0"
},
{
"_id": null,
"model": "tivoli asset management for it",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.12"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"_id": null,
"model": "flashsystem 9848-ac1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.25"
},
{
"_id": null,
"model": "blend for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "100"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.840"
},
{
"_id": null,
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.7"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.013"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.21"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "java sdk 6r1 sr8-fp4",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)5.0"
},
{
"_id": null,
"model": "infosphere master data management provider hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.12"
},
{
"_id": null,
"model": "sterling control center ifix03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.41"
},
{
"_id": null,
"model": "rational application developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.3"
},
{
"_id": null,
"model": "norman shark industrial control system protection",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3.2"
},
{
"_id": null,
"model": "version control repository manager 7.4.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.740"
},
{
"_id": null,
"model": "jdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.4"
},
{
"_id": null,
"model": "flashsystem 9846-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "32153.50.01.10"
},
{
"_id": null,
"model": "websphere appliance management center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "messaging application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x22279160"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.11"
},
{
"_id": null,
"model": "jdk update31",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.11"
},
{
"_id": null,
"model": "os",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "3.6"
},
{
"_id": null,
"model": "flashsystem 9846-ac2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v90000"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.5"
},
{
"_id": null,
"model": "chassis management module 2pet12i",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2.1"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.2"
},
{
"_id": null,
"model": "domino fp if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.366"
},
{
"_id": null,
"model": "jdk update13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"_id": null,
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "chassis management module 2pet10m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "tivoli system automation for integrated operations management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.4"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.032"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"_id": null,
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.45"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.0.820"
},
{
"_id": null,
"model": "websphere mq",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"_id": null,
"model": "infosphere balanced warehouse c3000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "jdk update19",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "chassis management module 2pete5o",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "flashsystem 9848-ac2",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v90007.5.1.0"
},
{
"_id": null,
"model": "communications session border controller scz7.2.0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "rational developer for aix and cobol",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.21"
},
{
"_id": null,
"model": "multi-enterprise integration gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.5.0.2"
},
{
"_id": null,
"model": "src series",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "endeca server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.3.0"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.8"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "buildforge ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.66"
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x355079440"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.32"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "42000"
},
{
"_id": null,
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "flashcopy manager for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2.0"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.14.20"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5.760"
},
{
"_id": null,
"model": "websphere real time sr7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"_id": null,
"model": "websphere service registry and repository",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4"
},
{
"_id": null,
"model": "sterling connect:direct browser",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.2"
},
{
"_id": null,
"model": "jdk update30",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0.300"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x571430"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "tivoli storage manager operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.07"
},
{
"_id": null,
"model": "bbm on blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "100"
},
{
"_id": null,
"model": "rational sap connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.5.051"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "bes12 client",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "12.0.0.70"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "ctp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.14"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.3"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.19"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.0"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.37"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.045"
},
{
"_id": null,
"model": "work space manager for bes10/bes12 24144 68",
"scope": null,
"trust": 0.3,
"vendor": "blackberry",
"version": null
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3.0.5"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "java sdk sr16-fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.14"
},
{
"_id": null,
"model": "sametime community server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.3"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.303"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp07",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "content collector for sap applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087330"
},
{
"_id": null,
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.024"
},
{
"_id": null,
"model": "dataquant",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.20"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.2"
},
{
"_id": null,
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.3"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.1"
},
{
"_id": null,
"model": "rational application developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "websphere portal",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.23"
},
{
"_id": null,
"model": "enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "splunk",
"version": "6.2.2"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.7"
},
{
"_id": null,
"model": "mate live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.02"
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.12"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "flashsystem 9848-ae2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v90000"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.5.038"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1.104"
},
{
"_id": null,
"model": "chassis management module 2pet12f",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.10"
},
{
"_id": null,
"model": "nsm",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.5.040"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.4"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.10"
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "bbm protected on android",
"scope": "ne",
"trust": 0.3,
"vendor": "blackberry",
"version": "2.7.0.6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.11"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"_id": null,
"model": "work space manager for bes10/bes12 25374 241",
"scope": null,
"trust": 0.3,
"vendor": "blackberry",
"version": null
},
{
"_id": null,
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "pulse secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.5.041"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.029"
},
{
"_id": null,
"model": "initiate master data service provider hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "flashcopy manager for unix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"_id": null,
"model": "websphere real time",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.2"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.5"
},
{
"_id": null,
"model": "java sdk r1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1.73"
},
{
"_id": null,
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"_id": null,
"model": "java sdk 7r1 sr2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "system m5 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x310054570"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "network node manager ispi for ip multicast qa",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1"
},
{
"_id": null,
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "flashcopy manager for db2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.0"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.9"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "websphere process server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x363073770"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "cics transaction gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "aura conferencing sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1841"
},
{
"_id": null,
"model": "database 12c release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "112.11"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "linux enterprise module for legacy software",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "project openssl 1.0.0h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"_id": null,
"model": "infosphere identity insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.21"
},
{
"_id": null,
"model": "flashsystem 9846-ae2",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v90007.5.1.0"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8.179"
},
{
"_id": null,
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "web experience factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.010"
},
{
"_id": null,
"model": "tivoli netcool configuration manager if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.6003"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.027"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.022"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.4"
},
{
"_id": null,
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "sterling connect:direct browser ifix10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2"
},
{
"_id": null,
"model": "websphere portal",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.5.3"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15"
},
{
"_id": null,
"model": "security appscan standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"_id": null,
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "norman shark network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.5"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x638370"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "cognos insight standard edition fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.124"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.0"
},
{
"_id": null,
"model": "websphere portal",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "rational agent controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "sterling control center ifix04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.2.1"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "websphere service registry and repository",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.6.1.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"_id": null,
"model": "java sdk sr16-fp8",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365054540"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "platform cluster manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"_id": null,
"model": "jdk update17",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "ctpos 6.6r5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.7"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.13"
},
{
"_id": null,
"model": "websphere real time sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3810"
},
{
"_id": null,
"model": "domino if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.07"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "tivoli asset management for it",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"_id": null,
"model": "rational developer for aix and cobol",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "workcentre 3025bi",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "3.50.01.10"
},
{
"_id": null,
"model": "sterling connect:direct browser ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.212"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.033"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "netscaler service delivery appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.22"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.7"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"_id": null,
"model": "sterling control center ifix03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.1.0"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "53000"
},
{
"_id": null,
"model": "jre 1.6.0 31",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.021"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "jdk 0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "java sdk sr9",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "jdk update20",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "db2 query management facility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.1"
},
{
"_id": null,
"model": "session border controller for enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.0"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"_id": null,
"model": "bbm on ios",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.302"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.3"
},
{
"_id": null,
"model": "cics transaction gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.10"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"_id": null,
"model": "network node manager ispi performance for qa",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1"
},
{
"_id": null,
"model": "systems insight manager 7.4.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.7"
},
{
"_id": null,
"model": "blend for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "0"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.4"
},
{
"_id": null,
"model": "rational build utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4.750"
},
{
"_id": null,
"model": "system m5 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x325054580"
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "chassis management module 2peo12i",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.4"
},
{
"_id": null,
"model": "notes fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.36"
},
{
"_id": null,
"model": "tivoli storage manager for virtual environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"_id": null,
"model": "lotus quickr for websphere portal",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "flashcopy manager for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.0"
},
{
"_id": null,
"model": "flashcopy manager for custom applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)5.1"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.060"
},
{
"_id": null,
"model": "flashcopy manager for unix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"_id": null,
"model": "chassis management module 2pet10c",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.02"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"_id": null,
"model": "chassis management module 2pet10f",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "tivoli network performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3"
},
{
"_id": null,
"model": "sterling control center ifix02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.34"
},
{
"_id": null,
"model": "jdk update21",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.10"
},
{
"_id": null,
"model": "rational developer for aix and cobol",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.6"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"_id": null,
"model": "upward integration modules scvmm add-in",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"_id": null,
"model": "java sdk sr13-fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x355042540"
},
{
"_id": null,
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "network node manager ispi performance for metrics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.029"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.6"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.5"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.2"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "one-x client enablement services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "9.7"
},
{
"_id": null,
"model": "websphere portal",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.5.2"
},
{
"_id": null,
"model": "blend for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "0"
},
{
"_id": null,
"model": "sterling connect:direct browser user interface",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.10"
},
{
"_id": null,
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.06"
},
{
"_id": null,
"model": "tivoli monitoring fp4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.5"
},
{
"_id": null,
"model": "websphere process server hypervisor edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "phaser",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "30523.50.01.11"
},
{
"_id": null,
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "work space manager for bes10/bes12 24651 124",
"scope": null,
"trust": 0.3,
"vendor": "blackberry",
"version": null
},
{
"_id": null,
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.2"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.3"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.1"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.842"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.28"
},
{
"_id": null,
"model": "xiv storage system gen3 a",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.1.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.0"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"_id": null,
"model": "telepresence te software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.030"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.1.11"
},
{
"_id": null,
"model": "java sdk sr13",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.209"
},
{
"_id": null,
"model": "jre 1.5.0 09-b03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"_id": null,
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "rational application developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.41"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"_id": null,
"model": "tivoli storage manager for virtual environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.0.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1.0"
},
{
"_id": null,
"model": "enterprise linux server eus 6.6.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.0.4"
},
{
"_id": null,
"model": "norman shark network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.0"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.051"
},
{
"_id": null,
"model": "security appscan standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "flashcopy manager for oracle with sap environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.0"
},
{
"_id": null,
"model": "db2 connect application server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "bbm on windows phone",
"scope": "ne",
"trust": 0.3,
"vendor": "blackberry",
"version": "2.0.0.25"
},
{
"_id": null,
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "flashcopy manager for oracle with sap environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1.2"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.4"
},
{
"_id": null,
"model": "rational application developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.42"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "jre update30",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0.300"
},
{
"_id": null,
"model": "java sdk 7r1 sr1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6.156"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.10"
},
{
"_id": null,
"model": "link for mac os (build",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "1.0.16)"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.13"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.034"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.27"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.1"
},
{
"_id": null,
"model": "rational application developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.10"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.7"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12"
},
{
"_id": null,
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "enterprise content delivery service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "websphere application server community edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.4"
},
{
"_id": null,
"model": "unified sip proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jre update5",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "tivoli system automation for integrated operations management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "enterprise manager ops center",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.4"
},
{
"_id": null,
"model": "app for stream",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "0"
},
{
"_id": null,
"model": "rational sap connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.8"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.035"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.6"
},
{
"_id": null,
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.1"
},
{
"_id": null,
"model": "rational application developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(5.106)"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "jdk update11",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.0"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "java sdk sr3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.42"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.3"
},
{
"_id": null,
"model": "work space manager for bes10/bes12 23853 47",
"scope": null,
"trust": 0.3,
"vendor": "blackberry",
"version": null
},
{
"_id": null,
"model": "java",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.480"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.026"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x638370"
},
{
"_id": null,
"model": "netscaler application delivery controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1"
},
{
"_id": null,
"model": "norman shark scada protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.2"
},
{
"_id": null,
"model": "tivoli netcool configuration manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.2"
},
{
"_id": null,
"model": "work space manager for bes10/bes12 25616 10",
"scope": null,
"trust": 0.3,
"vendor": "blackberry",
"version": null
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"_id": null,
"model": "operations analytics predictive insights",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.4"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"_id": null,
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.33"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "network node manager i",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.20"
},
{
"_id": null,
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2.2"
},
{
"_id": null,
"model": "workcentre spar",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "35500"
},
{
"_id": null,
"model": "os image for aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.0"
},
{
"_id": null,
"model": "application policy infrastructure controller 1.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.31"
},
{
"_id": null,
"model": "tivoli monitoring fixpack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.24"
},
{
"_id": null,
"model": "web experience factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.18"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "aura conferencing sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365042550"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.9.1"
},
{
"_id": null,
"model": "norman shark scada protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.4.0.5"
},
{
"_id": null,
"model": "communications core session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.3.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0-103"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.12.201"
},
{
"_id": null,
"model": "rational application developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2"
},
{
"_id": null,
"model": "java sdk sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.040"
},
{
"_id": null,
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.31"
},
{
"_id": null,
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "project openssl 0.9.8za",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "ace30 application control engine module 3.0 a5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "unified computing system b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.96"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.012"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.1"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2.127"
},
{
"_id": null,
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.800"
},
{
"_id": null,
"model": "rational sap connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.3"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.10"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.3"
},
{
"_id": null,
"model": "db2 advanced workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"_id": null,
"model": "bbm meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "0"
},
{
"_id": null,
"model": "cms r17 r4",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.21"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.9"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.065"
},
{
"_id": null,
"model": "cognos insight standard edition fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.214"
},
{
"_id": null,
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.9"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.11"
},
{
"_id": null,
"model": "tivoli storage manager operations center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.200"
},
{
"_id": null,
"model": "network node manager ispi for ip telephony",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.305"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.01"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.5"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.10"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch and san pass-thru",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.5.03.00"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.45"
},
{
"_id": null,
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.4"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1"
},
{
"_id": null,
"model": "hunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.2"
},
{
"_id": null,
"model": "database 12c release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "112.12"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.15"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.2"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.037"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.01"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "tivoli storage manager client management services",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "bbm meetings for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.17"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"_id": null,
"model": "sametime community server limited use",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9"
},
{
"_id": null,
"model": "platform cluster manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"_id": null,
"model": "jdk update22",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0.220"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.12"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571470"
},
{
"_id": null,
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x24087370"
},
{
"_id": null,
"model": "dataquant",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.0"
},
{
"_id": null,
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.31"
},
{
"_id": null,
"model": "content collector for sap applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "db2 developer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"_id": null,
"model": "sterling connect:direct browser user interface",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.0.10"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.0"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.5"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "splunk",
"scope": "ne",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.8"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "system m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365041990"
},
{
"_id": null,
"model": "flashcopy manager for oracle with sap environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.1.1"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.11"
},
{
"_id": null,
"model": "network node manager ispi for net",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.2"
},
{
"_id": null,
"model": "flex system manager node types",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "87340"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.041"
},
{
"_id": null,
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "domino fix pack interim f",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.24"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.12"
},
{
"_id": null,
"model": "secure work space for bes10/bes12",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "12.1.0.150359"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.015"
},
{
"_id": null,
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "flashcopy manager for oracle",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.0"
},
{
"_id": null,
"model": "cms r17 r3",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0.180"
},
{
"_id": null,
"model": "network node manager i",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"_id": null,
"model": "flashcopy manager for db2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"_id": null,
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.045"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.16"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.22"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "db2 enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"_id": null,
"model": "ringmaster appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "integrated management module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.47"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "domino interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.06"
},
{
"_id": null,
"model": "websphere process server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.15"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.5.051"
},
{
"_id": null,
"model": "java sdk sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "java sdk sr1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8"
},
{
"_id": null,
"model": "clustered data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "websphere real time sr7 fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3.0.5"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"_id": null,
"model": "bbm meetings for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "0"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.6"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"_id": null,
"model": "bes",
"scope": "ne",
"trust": 0.3,
"vendor": "blackberry",
"version": "50"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0"
},
{
"_id": null,
"model": "system m4 bd type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365054660"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.1"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "jre update28",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.19"
},
{
"_id": null,
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"_id": null,
"model": "iptv",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.11"
},
{
"_id": null,
"model": "upward integration modules integrated installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.3"
},
{
"_id": null,
"model": "jdk update13",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.3"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"_id": null,
"model": "dataquant",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.1"
},
{
"_id": null,
"model": "web security appliance 9.0.0 -fcs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "work space manager for bes10/bes12 24998 176",
"scope": null,
"trust": 0.3,
"vendor": "blackberry",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.6"
},
{
"_id": null,
"model": "mint",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "0"
},
{
"_id": null,
"model": "bes12",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "12.1"
},
{
"_id": null,
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "3"
},
{
"_id": null,
"model": "sterling control center ifix04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.0.1"
},
{
"_id": null,
"model": "flashcopy manager for oracle with sap environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.0"
},
{
"_id": null,
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.2"
},
{
"_id": null,
"model": "link for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "1.0.1.12"
},
{
"_id": null,
"model": "jdk update4",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.3"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.024"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "jdk update23",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.5.045"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.03"
},
{
"_id": null,
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "9.5"
},
{
"_id": null,
"model": "java sdk 7r1 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571490"
},
{
"_id": null,
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3.6"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jre 1.6.0 33",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "aura application server sip core pb3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.5.038"
},
{
"_id": null,
"model": "db2 purescale feature",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "system management homepage b",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.186"
},
{
"_id": null,
"model": "cognos planning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.5.040"
},
{
"_id": null,
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "tivoli storage flashcopy manager for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.1.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.5"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "35000"
},
{
"_id": null,
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"_id": null,
"model": "network node manager ispi performance for traffic",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"_id": null,
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1"
},
{
"_id": null,
"model": "initiate master data service patient hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.029"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.5"
},
{
"_id": null,
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "network node manager ispi for mpls vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "57100"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "chassis management module 2pete6l",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.11"
},
{
"_id": null,
"model": "norman shark scada protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.2.3"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.11"
},
{
"_id": null,
"model": "integrated management module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.00"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.12"
},
{
"_id": null,
"model": "os",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "1010.3.1.1154"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "mobile wireless transport manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.1"
},
{
"_id": null,
"model": "mate design",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "java",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.85"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "infosphere master data management",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4.143"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "chassis management module 2peo12p",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "dataquant",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.16"
},
{
"_id": null,
"model": "powervu d9190 conditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jboss enterprise application platform",
"scope": "ne",
"trust": 0.3,
"vendor": "redhat",
"version": "6.4"
},
{
"_id": null,
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.05"
},
{
"_id": null,
"model": "bes12 client",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "12.0.0.74"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.023"
},
{
"_id": null,
"model": "jre update6",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "flashcopy manager for db2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"_id": null,
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.41"
},
{
"_id": null,
"model": "lotus widget factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.1"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x353071600"
},
{
"_id": null,
"model": "tivoli access manager for e-business",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "cics transaction gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"_id": null,
"model": "jdk 0 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5"
},
{
"_id": null,
"model": "network node manager ispi for ip telephony",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.2"
},
{
"_id": null,
"model": "flashcopy manager for custom applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.0"
},
{
"_id": null,
"model": "aura conferencing sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.470"
},
{
"_id": null,
"model": "java sdk sr16-fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0-12"
},
{
"_id": null,
"model": "flashcopy manager for custom applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1.2"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.13"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.022"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.7"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.2"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.09"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "flashcopy manager for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "flashcopy manager for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.021"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.5"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.11"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.29"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5.146"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "4"
},
{
"_id": null,
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "45000"
},
{
"_id": null,
"model": "bbm meetings for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "project openssl 1.0.0n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "java sdk 6r1 sr8-fp3",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.3"
},
{
"_id": null,
"model": "websphere real time sr5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "sterling control center ifix03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.2.1"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.1"
},
{
"_id": null,
"model": "domino fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.36"
},
{
"_id": null,
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "network node manager ispi for ip telephony",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "jdk update5",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1.0.9"
},
{
"_id": null,
"model": "websphere real time sr8 fp10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "endeca server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.4"
},
{
"_id": null,
"model": "rational agent controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.06"
},
{
"_id": null,
"model": "flashsystem 9846-ac2",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v90007.5.1.0"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.07"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.11"
},
{
"_id": null,
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"_id": null,
"model": "network node manager ispi for net",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.3"
},
{
"_id": null,
"model": "sterling connect:direct browser ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.213"
},
{
"_id": null,
"model": "jdk update25",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3.0.12"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "norman shark industrial control system protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.2.3"
},
{
"_id": null,
"model": "phaser 3300mfp",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "20.105.52.000"
},
{
"_id": null,
"model": "rational sap connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.6"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x355079140"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"_id": null,
"model": "os image for red hat",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.0"
},
{
"_id": null,
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2.4"
},
{
"_id": null,
"model": "flashsystem 9848-ac0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "websphere portal",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.4.0.5"
},
{
"_id": null,
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.0.160"
},
{
"_id": null,
"model": "jre update28",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0.280"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.2"
},
{
"_id": null,
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.51"
},
{
"_id": null,
"model": "jdk 1.6.0 01-b06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "blend for android",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "0"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.2.0"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura system platform sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.2"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x571910"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.017"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10500"
},
{
"_id": null,
"model": "b2b advanced communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.3"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.32"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.4"
},
{
"_id": null,
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "004.000(1233)"
},
{
"_id": null,
"model": "tivoli storage flashcopy manager for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2.10"
},
{
"_id": null,
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"_id": null,
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"_id": null,
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"_id": null,
"model": "network node manager ispi for net",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.1"
},
{
"_id": null,
"model": "chassis management module 2pet10i",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.16"
},
{
"_id": null,
"model": "jre update33",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.12"
},
{
"_id": null,
"model": "bes12 client",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "12.0.0.69"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4"
},
{
"_id": null,
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.1.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"_id": null,
"model": "norman shark industrial control system protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.0"
},
{
"_id": null,
"model": "link for mac os (build",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "1.1.135)"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.27"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x571450"
},
{
"_id": null,
"model": "network node manager i",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "java sdk sr11",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"_id": null,
"model": "java sdk sr15",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "aura conferencing sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.0.121"
},
{
"_id": null,
"model": "communications core session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.2.5"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"_id": null,
"model": "jdk update18",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.5"
},
{
"_id": null,
"model": "mashup center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.1"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.8"
},
{
"_id": null,
"model": "security appscan standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.7"
},
{
"_id": null,
"model": "rational sap connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.5"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.6"
},
{
"_id": null,
"model": "domino fix pack if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.367"
},
{
"_id": null,
"model": "jre update1",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"_id": null,
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.3"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.12"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.20"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"_id": null,
"model": "aura messaging sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.0.1"
},
{
"_id": null,
"model": "unified communications domain manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.1.2"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.031"
},
{
"_id": null,
"model": "rational developer for aix and cobol",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli provisioning manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3.0.5"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"_id": null,
"model": "db2 connect unlimited advanced edition for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.030"
},
{
"_id": null,
"model": "cloud object store",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9.790"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "websphere service registry and repository studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.17"
},
{
"_id": null,
"model": "mate collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "rational sap connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.4"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.019"
},
{
"_id": null,
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "jre 1.6.0 37",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "6"
},
{
"_id": null,
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "bbm on android",
"scope": "ne",
"trust": 0.3,
"vendor": "blackberry",
"version": "2.7.0.6"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "netezza platform software 7.0.4.7-p1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "network node manager ispi performance for traffic",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.2"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.19"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.7"
},
{
"_id": null,
"model": "project openssl 0.9.8u",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8.780"
},
{
"_id": null,
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "network node manager ispi for mpls vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.2"
},
{
"_id": null,
"model": "link for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "1.2.3.48"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.2.2"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "flashsystem 9848-ae2",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v90007.5.1.0"
},
{
"_id": null,
"model": "communications session border controller scz7.4.0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.410"
},
{
"_id": null,
"model": "phaser",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "32603.50.01.11"
},
{
"_id": null,
"model": "bbm protected on blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "0"
},
{
"_id": null,
"model": "db2 connect enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "project openssl 1.0.0p",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.0"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.16"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "phaser",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "36000"
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.1"
},
{
"_id": null,
"model": "cms r16.3 r6",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "rational automation framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.1"
},
{
"_id": null,
"model": "sametime",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "project openssl 0.9.8zb",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "netscaler t1",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "flex system manager node types",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79550"
},
{
"_id": null,
"model": "app for netapp data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "notes fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.13"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2-77"
},
{
"_id": null,
"model": "infosphere master data management server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x350073830"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.0"
},
{
"_id": null,
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.840"
},
{
"_id": null,
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.035"
},
{
"_id": null,
"model": "network node manager ispi performance for traffic",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.25"
},
{
"_id": null,
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sterling connect:direct browser user interface",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.51"
},
{
"_id": null,
"model": "network node manager ispi for mpls vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.039"
},
{
"_id": null,
"model": "websphere process server hypervisor edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "1"
},
{
"_id": null,
"model": "license metric tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.4"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.3"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "project openssl 1.0.0m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "sterling connect:direct browser",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5"
},
{
"_id": null,
"model": "java sdk sr8-fp10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.13"
},
{
"_id": null,
"model": "cognos planning interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.12"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.026"
},
{
"_id": null,
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.4"
},
{
"_id": null,
"model": "alienvault",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15.1"
},
{
"_id": null,
"model": "splunk",
"scope": "ne",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.12"
},
{
"_id": null,
"model": "flashsystem 9848-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "jre update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0.60"
},
{
"_id": null,
"model": "tivoli access manager for e-business",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.1"
},
{
"_id": null,
"model": "java sdk sr4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "netezza platform software 7.0.2.15-p1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.1"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.5.055"
},
{
"_id": null,
"model": "chassis management module 2pet12k",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.13"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.8"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.014"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.3"
},
{
"_id": null,
"model": "notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.3"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.0"
},
{
"_id": null,
"model": "system m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365079450"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.19"
},
{
"_id": null,
"model": "websphere process server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.4"
},
{
"_id": null,
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4"
},
{
"_id": null,
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "flashcopy manager for oracle",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"_id": null,
"model": "aura communication manager ssp04",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.040"
},
{
"_id": null,
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1.2"
},
{
"_id": null,
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.6"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.011"
},
{
"_id": null,
"model": "flashcopy manager for custom applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.0"
},
{
"_id": null,
"model": "malware analyzer g2",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.5"
},
{
"_id": null,
"model": "jdk update14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "chassis management module 2pet10d",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "infosphere identity insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "os",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "7.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.1.8"
},
{
"_id": null,
"model": "websphere lombardi edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2.3"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x22079060"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.1"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.5.039"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"_id": null,
"model": "physical access gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x88042590"
},
{
"_id": null,
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "chassis management module 2pet10k",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "upward integration modules integrated installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5.2"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.1"
},
{
"_id": null,
"model": "idataplex dx360 m4 water cooled type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79790"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "jdk update1",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.23"
},
{
"_id": null,
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"_id": null,
"model": "dataquant",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "initiate master data service patient hub",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "malware analysis appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.8.06"
},
{
"_id": null,
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.44"
},
{
"_id": null,
"model": "rational automation framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "websphere real time sr6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "websphere portal",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.5.0"
},
{
"_id": null,
"model": "norman shark scada protection",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3.2"
},
{
"_id": null,
"model": "b2b advanced communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.2"
},
{
"_id": null,
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.15-210"
},
{
"_id": null,
"model": "websphere mq for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v6"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.1"
},
{
"_id": null,
"model": "websphere real time sr4-fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.16"
},
{
"_id": null,
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.5"
},
{
"_id": null,
"model": "websphere service registry and repository",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.0"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"_id": null,
"model": "chassis management module 2pet10g",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "jre update21",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.95"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.6"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.11"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.9"
},
{
"_id": null,
"model": "bbm on windows phone",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "2.0.0.24"
},
{
"_id": null,
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.11"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.08"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.037"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.1"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.7"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.45"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.8"
},
{
"_id": null,
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "chassis management module 2pet12p",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.8"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365079150"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.6"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.3"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.205"
},
{
"_id": null,
"model": "jre update32",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0.320"
},
{
"_id": null,
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.0.2"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.3"
},
{
"_id": null,
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "cics transaction gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.2"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.0.170"
},
{
"_id": null,
"model": "chassis management module 2pet12o",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.18"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "norman shark network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3.2"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.041"
},
{
"_id": null,
"model": "java sdk sr16-fp4",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.7"
},
{
"_id": null,
"model": "work space manager for bes10/bes12 23819 44",
"scope": null,
"trust": 0.3,
"vendor": "blackberry",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8.780"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.12"
},
{
"_id": null,
"model": "flashcopy manager for oracle with sap environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "upward integration modules scvmm add-in",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"_id": null,
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"_id": null,
"model": "sterling connect:direct browser ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.11.04"
},
{
"_id": null,
"model": "virtual connect enterprise manager sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.19"
},
{
"_id": null,
"model": "storediq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "sametime community server hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9"
},
{
"_id": null,
"model": "as infinity",
"scope": "ne",
"trust": 0.3,
"vendor": "pexip",
"version": "8.1"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "sterling connect:direct browser user interface",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.11"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0.860"
},
{
"_id": null,
"model": "jre 1.5.0 09",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "flashcopy manager for oracle",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"_id": null,
"model": "jre update25",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.1"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "netezza platform software 7.0.4.8-p3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3"
},
{
"_id": null,
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.10"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12.1"
},
{
"_id": null,
"model": "notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.010"
},
{
"_id": null,
"model": "network node manager ispi for ip multicast qa",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.14"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.3"
},
{
"_id": null,
"model": "network performance analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.64"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.6"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "flashcopy manager for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "enterprise manager ops center",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"_id": null,
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.5.0.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2.8"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"_id": null,
"model": "hunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.2"
},
{
"_id": null,
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"_id": null,
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.6"
},
{
"_id": null,
"model": "systems insight manager update",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.31"
},
{
"_id": null,
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.6"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "tririga for energy optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x571430"
},
{
"_id": null,
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "network node manager ispi for net",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.17"
},
{
"_id": null,
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.141"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.12"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.3"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1"
},
{
"_id": null,
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "flashsystem 9846-ac0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.4"
},
{
"_id": null,
"model": "notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.2"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.5.045"
},
{
"_id": null,
"model": "system idataplex dx360 m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x63800"
},
{
"_id": null,
"model": "java",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.205"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0"
},
{
"_id": null,
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"_id": null,
"model": "content collector for sap applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "ctpview 7.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.4.0.5"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.16"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"_id": null,
"model": "sterling connect:direct browser",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.5.0.2"
},
{
"_id": null,
"model": "smartcloud entry fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.19"
},
{
"_id": null,
"model": "websphere service registry and repository",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "security appscan standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.8"
},
{
"_id": null,
"model": "domino fix pack interim f",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.36"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"_id": null,
"model": "virtual connect enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"_id": null,
"model": "rational doors web access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.6.1.3"
},
{
"_id": null,
"model": "jdk update16",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "domino fp if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.123"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.1"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "jdk update26",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "websphere process server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "system m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x355079460"
},
{
"_id": null,
"model": "idataplex dx360 m4 water cooled type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79180"
},
{
"_id": null,
"model": "chassis management module 2pet12e",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"_id": null,
"model": "domino fp if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.153"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.213"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2.106"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.2"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.2"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.110"
},
{
"_id": null,
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.020"
},
{
"_id": null,
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571920"
},
{
"_id": null,
"model": "java sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "tivoli netcool configuration manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.6"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.023"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "20500"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.15"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch and san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.3.0"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "java sdk sr16-fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.3"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.33"
},
{
"_id": null,
"model": "rational application developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "db2 connect unlimited edition for system i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.2"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.14"
},
{
"_id": null,
"model": "db2 connect unlimited edition for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.05"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "domino fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.35"
},
{
"_id": null,
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "bbm on ios",
"scope": "ne",
"trust": 0.3,
"vendor": "blackberry",
"version": "2.7.0.32"
},
{
"_id": null,
"model": "tivoli storage flashcopy manager for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.0"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.12"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.13"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1.730"
},
{
"_id": null,
"model": "os",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "1010.3.0.1052"
},
{
"_id": null,
"model": "enterprise manager ops center",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.1"
},
{
"_id": null,
"model": "messaging application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0"
},
{
"_id": null,
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.2"
},
{
"_id": null,
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "jdk update29",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.0.180"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "jre update9",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.7.0"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.13"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2"
},
{
"_id": null,
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "bbm protected on blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "100"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.4.0.5"
},
{
"_id": null,
"model": "chassis management module 2pet10q",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "websphere real time sr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "39"
},
{
"_id": null,
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.3"
},
{
"_id": null,
"model": "web experience factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.3"
},
{
"_id": null,
"model": "websphere service registry and repository studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "db2 connect application server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"_id": null,
"model": "network node manager ispi performance for traffic",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1"
},
{
"_id": null,
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.09"
},
{
"_id": null,
"model": "network node manager ispi for mpls vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "flex system compute node type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x24089560"
},
{
"_id": null,
"model": "java sdk sr8",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.75"
},
{
"_id": null,
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.2"
},
{
"_id": null,
"model": "tivoli asset management for it",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"_id": null,
"model": "cloudbridge",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "websphere portal",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.1.8"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "tivoli storage flashcopy manager for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2.0"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"_id": null,
"model": "java sdk sr10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "tivoli workload scheduler for applications fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(4.29)"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.5"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.9"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "java sdk sr4-fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.6"
},
{
"_id": null,
"model": "websphere portal",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.6"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1.0"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0.860"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.01"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.34"
},
{
"_id": null,
"model": "chassis management module 2peo12e",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.12"
},
{
"_id": null,
"model": "cognos controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "jre update9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0.90"
},
{
"_id": null,
"model": "websphere service registry and repository studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "java sdk 7r1 sr2-fp10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.1"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.4"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "flex system fc3171 8gb san switch and san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.00"
},
{
"_id": null,
"model": "web experience factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"_id": null,
"model": "domino fp if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.152"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.10"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.2.1"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10"
},
{
"_id": null,
"model": "systems insight manager sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "cognos insight standard edition fp",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.24"
},
{
"_id": null,
"model": "java sdk sr13-fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.14"
},
{
"_id": null,
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.1"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.016"
},
{
"_id": null,
"model": "norman shark scada protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2"
},
{
"_id": null,
"model": "aura application server sip core sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.1"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4"
},
{
"_id": null,
"model": "jdk 1.5.0 07-b03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"_id": null,
"model": "flashcopy manager for unix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.0"
},
{
"_id": null,
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "flashcopy manager for unix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1.2"
},
{
"_id": null,
"model": "os",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "1.0"
},
{
"_id": null,
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "java sdk 6r1 sr8",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "mq light",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"_id": null,
"model": "websphere portal",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "cms r16",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"_id": null,
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "9.6"
},
{
"_id": null,
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"_id": null,
"model": "maximo asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.12"
},
{
"_id": null,
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087520"
},
{
"_id": null,
"model": "universal device service",
"scope": "ne",
"trust": 0.3,
"vendor": "blackberry",
"version": "0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.2"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.031"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.18"
},
{
"_id": null,
"model": "xiv storage system gen2 10.2.4.e-6",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.35"
},
{
"_id": null,
"model": "db2 connect unlimited edition for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"_id": null,
"model": "domino fp if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.242"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.2"
},
{
"_id": null,
"model": "network node manager ispi for ip multicast qa",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.5"
},
{
"_id": null,
"model": "chassis management module 2pet10a",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "malware analyzer g2",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1"
},
{
"_id": null,
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.841"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "0"
},
{
"_id": null,
"model": "domino fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.13"
},
{
"_id": null,
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.3"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.12"
},
{
"_id": null,
"model": "tivoli application dependency discovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"_id": null,
"model": "rational developer for aix and cobol",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "system m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x350078390"
},
{
"_id": null,
"model": "jdk update22",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "flashcopy manager for oracle",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.0"
},
{
"_id": null,
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.1"
},
{
"_id": null,
"model": "jdk update15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"_id": null,
"model": "db2 workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "flashcopy manager for oracle",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1.2"
},
{
"_id": null,
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11"
},
{
"_id": null,
"model": "ios 15.5 s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"_id": null,
"model": "prime performance manager for sps ppm sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.6"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"_id": null,
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "insight orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"_id": null,
"model": "jre update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0.40"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "os",
"scope": "eq",
"trust": 0.3,
"vendor": "blackberry",
"version": "1010.3.0.1418"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.8"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.33"
},
{
"_id": null,
"model": "flashcopy manager for custom applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.0"
},
{
"_id": null,
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.34"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.8"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.4"
},
{
"_id": null,
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.10.800"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.010"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.12"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#243585"
},
{
"db": "BID",
"id": "71936"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001672"
},
{
"db": "NVD",
"id": "CVE-2015-0204"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:nec:capssuite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:csview",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:enterprise_directoryserver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:enterpriseidentitymanager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:express5800",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:infocage",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:ip38x_sr100",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:istorage",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:secureware_pki_application_development_kit",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_enterprise_service_bus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_portal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_sip_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:websam",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001672"
}
]
},
"credits": {
"_id": null,
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "131940"
},
{
"db": "PACKETSTORM",
"id": "133316"
},
{
"db": "PACKETSTORM",
"id": "130987"
},
{
"db": "PACKETSTORM",
"id": "131408"
},
{
"db": "PACKETSTORM",
"id": "132763"
}
],
"trust": 0.5
},
"cve": "CVE-2015-0204",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2015-0204",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 7.8,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2015-001672",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-0204",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2015-001672",
"trust": 0.8,
"value": "High"
},
{
"author": "VULMON",
"id": "CVE-2015-0204",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-0204"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001672"
},
{
"db": "NVD",
"id": "CVE-2015-0204"
}
]
},
"description": {
"_id": null,
"data": "The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the \"FREAK\" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations. SSL/TLS Some implementations of export grade without intentional setting (512 Below bit ) of RSA Something accepts the key. Man-in-the-middle attacks against such software (man-in-the-middle attack) Is performed, the key used for encryption is decrypted, SSL/TLS The traffic content may be decrypted. this is\" FREAK It is also called \u201cattack\u201d. Algorithm downgrade (CWE-757) CWE-757: Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027) https://cwe.mitre.org/data/definitions/757.html Incorrect cipher strength (CWE-326) CWE-326: Inadequate Encryption Strength https://cwe.mitre.org/data/definitions/326.html SSL/TLS Some implementations of export grade without intentional setting (512 Below bit ) of RSA Something accepts the key. If a man-in-the-middle attack is performed on such software, it is guided to use a weak key in the negotiation at the start of communication, and as a result, encrypted information may be decrypted. The discoverer has released detailed information about this matter. FREAK: Factoring RSA Export Keys https://www.smacktls.com/#freakMan-in-the-middle attacks (man-in-the-middle attack) By SSL/TLS The contents of the communication may be decrypted. OpenSSL is prone to security-bypass vulnerability. \nSuccessfully exploiting these issues may allow attackers to perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. Description:\n\nRed Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library. \n\nThis release serves as a replacement for Red Hat JBoss Web Server 2.1.0,\nand includes several bug fixes. Refer to the Red Hat JBoss Web Server 2.1.1\nRelease Notes, linked to in the References section, for information on the\nmost significant of these changes. \n\nSecurity Fix(es):\n\n* It was discovered that httpd used the value of the Proxy header from HTTP\nrequests to initialize the HTTP_PROXY environment variable for CGI scripts,\nwhich in turn was incorrectly used by certain HTTP client implementations\nto configure the proxy for outgoing HTTP requests. A remote attacker could\npossibly use this flaw to redirect HTTP requests performed by a CGI script\nto an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-2106)\n\n* It was discovered that it is possible to remotely Segfault Apache http\nserver with a specially crafted string sent to the mod_cluster via service\nmessages (MCMP). Solution:\n\nBefore applying the update, back up your existing Red Hat JBoss Web Server\ninstallation (including all applications and configuration files). \n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). \n\nRelease Date: 2015-05-19\nLast Updated: 2015-05-19\n\nPotential Security Impact: Remote Denial of Service (DoS) and other\nvulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP-UX running\nOpenSSL. These vulnerabilities could be exploited remotely to create a remote\nDenial of Service (DoS) and other vulnerabilities. \n\nReferences:\n\nCVE-2015-0204\nCVE-2015-0286\nCVE-2015-0287\nCVE-2015-0289\nCVE-2015-0292\nCVE-2015-0293\nCVE-2015-0209\nCVE-2015-0288\nSSRT102000\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running OpenSSL versions before v0.9.8zf\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-0204 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2015-0286 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0287 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0289 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2015-0293 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0209 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2015-0288 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following updates to resolve these vulnerabilities. The\nupdates are available from the following URL:\n\nhttps://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber\n=OPENSSL11I\n\nHP-UX Release\n HP-UX OpenSSL depot name\n\nB.11.11 (11i v1)\n OpenSSL_A.00.09.08zf.001_HP-UX_B.11.11_32_64.depot\n\nB.11.23 (11i v2)\n OpenSSL_A.00.09.08zf.002_HP-UX_B.11.23_IA-PA.depot\n\nB.11.31 (11i v3)\n OpenSSL_A.00.09.08zf.003_HP-UX_B.11.31_IA-PA.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall HP-UX OpenSSL A.00.09.08zf or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.11\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.00.09.08zf.001 or subsequent\n\nHP-UX B.11.23\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.00.09.08zf.002 or subsequent\n\nHP-UX B.11.31\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.00.09.08zf.003 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 20 May 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\nHP ThinPro Linux (x86) v5.1\nHP ThinPro Linux (x86) v5.0\nHP ThinPro Linux (x86) v4.4\nHP ThinPro Linux (x86) v4.3\nHP ThinPro Linux (x86) v4.2\nHP ThinPro Linux (x86) v4.1\nHP ThinPro Linux (ARM) v4.4\nHP ThinPro Linux (ARM) v4.3\nHP ThinPro Linux (ARM) v4.2\nHP ThinPro Linux (ARM) v4.1\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-3569 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-3570 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2014-3571 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-3572 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2014-8275 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2015-0204 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2015-0205 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2015-0206 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0235 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has released the following software updates to resolve the vulnerability\nfor HP ThinPro Linux. \n\nSoftpaq:\nhttp://ftp.hp.com/pub/softpaq/sp70501-71000/sp70649.exe\n\nEasy Update Via ThinPro / EasyUpdate (x86):\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all-\n4.1-4.3-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all-\n4.1-4.3-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all-\n4.1-4.3-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.1-all-\n4.4-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/5.0/service_packs/security-sp-2.1-all-\n5.0-5.1-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/5.1/service_packs/security-sp-2.1-all-\n5.0-5.1-x86.xar\n\nVia ThinPro / EasyUpdate (ARM):\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all-\n4.1-4.3-armel.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all-\n4.1-4.3-armel.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all-\n4.1-4.3-armel.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.0-all-\n4.4-armel.xar\n\nNote: Known issue on security-sp-2.0-all-4.1-4.3-arm.xar: With the patch\napplied, VMware cannot connect if security level is set to \"Refuse insecure\nconnections\". Updating VMware to the latest package on ftp.hp.com will solve\nthe problem. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: openssl security update\nAdvisory ID: RHSA-2015:0800-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-0800.html\nIssue date: 2015-04-13\nCVE Names: CVE-2014-8275 CVE-2015-0204 CVE-2015-0287 \n CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 \n CVE-2015-0293 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRHEL Desktop Workstation (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64\nRed Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library. (CVE-2015-0204)\n\nAn integer underflow flaw, leading to a buffer overflow, was found in the\nway OpenSSL decoded malformed Base64-encoded inputs. Note: this flaw is not exploitable via the TLS/SSL protocol because\nthe data being transferred is not Base64-encoded. (CVE-2015-0292)\n\nA denial of service flaw was found in the way OpenSSL handled SSLv2\nhandshake messages. A remote attacker could use this flaw to cause a\nTLS/SSL server using OpenSSL to exit on a failed assertion if it had both\nthe SSLv2 protocol and EXPORT-grade cipher suites enabled. \nAn attacker could use these flaws to modify an X.509 certificate to produce\na certificate with a different fingerprint without invalidating its\nsignature, and possibly bypass fingerprint-based blacklisting in\napplications. (CVE-2014-8275)\n\nAn out-of-bounds write flaw was found in the way OpenSSL reused certain\nASN.1 structures. (CVE-2015-0287)\n\nA NULL pointer dereference flaw was found in OpenSSL\u0027s X.509 certificate\nhandling implementation. A specially crafted X.509 certificate could cause\nan application using OpenSSL to crash if the application attempted to\nconvert the certificate to a certificate request. (CVE-2015-0288)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain\nPKCS#7 inputs. TLS/SSL clients and servers using OpenSSL were not\naffected by this flaw. (CVE-2015-0289)\n\nRed Hat would like to thank the OpenSSL project for reporting \nCVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, and \nCVE-2015-0293. Upstream acknowledges Emilia K\u00e4sper of the OpenSSL \ndevelopment team as the original reporter of CVE-2015-0287, Brian Carpenter\nas the original reporter of CVE-2015-0288, Michal Zalewski of Google as the\noriginal reporter of CVE-2015-0289, Robert Dugal and David Ramos as the \noriginal reporters of CVE-2015-0292, and Sean Burford of Google and Emilia \nK\u00e4sper of the OpenSSL development team as the original reporters of \nCVE-2015-0293. \n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1180184 - CVE-2015-0204 openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK)\n1180187 - CVE-2014-8275 openssl: Fix various certificate fingerprint issues\n1202380 - CVE-2015-0287 openssl: ASN.1 structure reuse memory corruption\n1202384 - CVE-2015-0289 openssl: PKCS7 NULL pointer dereference\n1202395 - CVE-2015-0292 openssl: integer underflow leading to buffer overflow in base64 decoding\n1202404 - CVE-2015-0293 openssl: assertion failure in SSLv2 servers\n1202418 - CVE-2015-0288 openssl: X509_to_X509_REQ NULL pointer dereference\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 5 client):\n\nSource:\nopenssl-0.9.8e-33.el5_11.src.rpm\n\ni386:\nopenssl-0.9.8e-33.el5_11.i386.rpm\nopenssl-0.9.8e-33.el5_11.i686.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.i386.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.i686.rpm\nopenssl-perl-0.9.8e-33.el5_11.i386.rpm\n\nx86_64:\nopenssl-0.9.8e-33.el5_11.i686.rpm\nopenssl-0.9.8e-33.el5_11.x86_64.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.i686.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.x86_64.rpm\nopenssl-perl-0.9.8e-33.el5_11.x86_64.rpm\n\nRHEL Desktop Workstation (v. 5 client):\n\nSource:\nopenssl-0.9.8e-33.el5_11.src.rpm\n\ni386:\nopenssl-debuginfo-0.9.8e-33.el5_11.i386.rpm\nopenssl-devel-0.9.8e-33.el5_11.i386.rpm\n\nx86_64:\nopenssl-debuginfo-0.9.8e-33.el5_11.i386.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.x86_64.rpm\nopenssl-devel-0.9.8e-33.el5_11.i386.rpm\nopenssl-devel-0.9.8e-33.el5_11.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nopenssl-0.9.8e-33.el5_11.src.rpm\n\ni386:\nopenssl-0.9.8e-33.el5_11.i386.rpm\nopenssl-0.9.8e-33.el5_11.i686.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.i386.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.i686.rpm\nopenssl-devel-0.9.8e-33.el5_11.i386.rpm\nopenssl-perl-0.9.8e-33.el5_11.i386.rpm\n\nia64:\nopenssl-0.9.8e-33.el5_11.i686.rpm\nopenssl-0.9.8e-33.el5_11.ia64.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.i686.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.ia64.rpm\nopenssl-devel-0.9.8e-33.el5_11.ia64.rpm\nopenssl-perl-0.9.8e-33.el5_11.ia64.rpm\n\nppc:\nopenssl-0.9.8e-33.el5_11.ppc.rpm\nopenssl-0.9.8e-33.el5_11.ppc64.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.ppc.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.ppc64.rpm\nopenssl-devel-0.9.8e-33.el5_11.ppc.rpm\nopenssl-devel-0.9.8e-33.el5_11.ppc64.rpm\nopenssl-perl-0.9.8e-33.el5_11.ppc.rpm\n\ns390x:\nopenssl-0.9.8e-33.el5_11.s390.rpm\nopenssl-0.9.8e-33.el5_11.s390x.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.s390.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.s390x.rpm\nopenssl-devel-0.9.8e-33.el5_11.s390.rpm\nopenssl-devel-0.9.8e-33.el5_11.s390x.rpm\nopenssl-perl-0.9.8e-33.el5_11.s390x.rpm\n\nx86_64:\nopenssl-0.9.8e-33.el5_11.i686.rpm\nopenssl-0.9.8e-33.el5_11.x86_64.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.i386.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.i686.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.x86_64.rpm\nopenssl-devel-0.9.8e-33.el5_11.i386.rpm\nopenssl-devel-0.9.8e-33.el5_11.x86_64.rpm\nopenssl-perl-0.9.8e-33.el5_11.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-8275\nhttps://access.redhat.com/security/cve/CVE-2015-0204\nhttps://access.redhat.com/security/cve/CVE-2015-0287\nhttps://access.redhat.com/security/cve/CVE-2015-0288\nhttps://access.redhat.com/security/cve/CVE-2015-0289\nhttps://access.redhat.com/security/cve/CVE-2015-0292\nhttps://access.redhat.com/security/cve/CVE-2015-0293\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://www.openssl.org/news/secadv_20150108.txt \nhttps://www.openssl.org/news/secadv_20150319.txt\nhttps://access.redhat.com/articles/1384453\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFVK6+gXlSAg2UNWIIRAoSlAJ0UGwyEUVUDOKBoGDKJRsDtDdmxSwCgvH9a\nM4Bxjq//ZXaJCcyFFc1l5A4=\n=rctB\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce. \nHP SSL for OpenVMS: All versions prior to 1.4-502. \n\n HP SSL 1.4-502 for OpenVMS (based on OpenSSL 0.9.8ze) is available from the\nfollowing locations:\n\n - HP SSL for OpenVMS website:\n\n http://h71000.www7.hp.com/openvms/products/ssl/ssl.html\n\n - HP Support Center website:\n\n https://h20566.www2.hp.com/portal/site/hpsc/patch/home\n\n Note: Login using your HP Passport account. SAP \u003chttp://www.sap.com/\u003ehas released the monthly critical patch update \nfor June 2015. This patch update closes a lot of vulnerabilities in SAP \nproducts. The most popular vulnerability is Missing Authorization Check. \nThis month, three critical vulnerabilities found by ERPScan researchers \nVahagn Vardanyan, Rustem Gazizov, and Diana Grigorieva were closed. \n\n*Issues that were patched with the help of ERPScan*\n\nBelow are the details of SAP vulnerabilities that were found byERPScan \n\u003chttp://www.erpscan.com/\u003eresearchers. \n\n * An XML eXternal Entity vulnerability in SAP Mobile Platform\n on-premise (CVSS Base Score:5.5).Updateis available in SAP Security\n Note2159601 \u003chttps://service.sap.com/sap/support/notes/2159601\u003e. An\n attacker can use XML eXternal Entities to send specially crafted\n unauthorized XML requests, which will be processed by the XML\n parser. The attacker will get unauthorized access to the OS file system. \n * A Hardcoded Credentials vulnerability in SAP Cross-System Tools\n (CVSS Base Score:3.6).Updateis available in SAP Security Note2059659\n \u003chttps://service.sap.com/sap/support/notes/2059659\u003e. In addition, it is likely that the\n code will be implemented as a backdoor into the system. \n * A Hardcoded Credentials vulnerability in SAP Data Transfer Workbench\n (CVSS Base Score:2.1).Updateis available in SAP Security Note2057982\n \u003chttps://service.sap.com/sap/support/notes/2057982\u003e. In addition, it is likely that the\n code will be implemented as a backdoor into the system. \n\n\n*The most critical issues found by other researchers*\n\nSome of our readers and clients asked us to categorize the most critical \nSAP vulnerabilities to patch them first. Companies providing SAP \nSecurity Audit, SAP Security Assessment, or SAP Penetration Testing \nservices can include these vulnerabilities in their checklists. The most \ncritical vulnerabilities of this update can be patched by the following \nSAP Security Notes:\n\n * 2151237 \u003chttps://service.sap.com/sap/support/notes/2151237\u003e: SAP GUI\n for Windows has a Buffer Overflow vulnerability (CVSS Base\n Score:9.3). An attacker can use Buffer Overflow for injecting\n specially crafted code into working memory, which will be executed\n by the vulnerable application under the privileges of that\n application. In case of command execution,attackercan obtain\n critical technical and business-related information stored in the\n vulnerable SAP-system or escalate their own privileges. For this time, nobody will be able to use this service,\n which negatively influences business processes, system downtime,\n and, consequently, business reputation. It is recommended to install\n this SAP Security Note to prevent risks. \n * 2129609 \u003chttps://service.sap.com/sap/support/notes/2129609\u003e: SAP EP\n JDBC Connector has an SQL Injection vulnerability (CVSS Base\n Score:6.5). An attacker can use SQL Injections with the help of\n specially crafted SQL queries. They can read and modify sensitive\n information from a database, execute administrative operations in a\n database, destroy data or make it unavailable. In some cases, an\n attacker can access system data or execute OS commands. It is\n recommended to install this SAP Security Note to prevent risks. \n * 1997734 \u003chttps://service.sap.com/sap/support/notes/1997734\u003e: SAP RFC\n runtime has a Missing AuthorizationXheckvulnerability (CVSS Base\n Score:6.0). An attacker can use Missing Authorization Checks to\n access a service without any authorization procedures and use\n service functionality that has restricted access. It\n is recommended to install this SAP Security Note to prevent risks. \n * 2163306 \u003chttps://service.sap.com/sap/support/notes/2163306\u003e: SAP\n CommonCryptoLib and SAPCRYPTOLIB are vulnerable to FREAK\n (CVE-2015-0204, CVSS Base Score:5.0). It allows an attacker to\n intercept HTTPS connections between vulnerable clients and servers\n and force them to use weakened encryption, which the attacker can\n break to steal or manipulate sensitive data. All the attacks on this\n page assume a network adversary (i.e. a man-in-the-middle) to tamper\n with TLS handshake messages. The typical scenario to mount such\n attacks is by tampering with the Domain Name System (DNS), for\n example via DNS rebinding or domain name seizure. This attack\n targets a class of deliberately weak export cipher suites. It is\n recommended to install this SAP Security Note to prevent risks. \n\n\n*References about the FREAK vulnerability:*\n\n * SMACK: State Machine AttaCKs \u003chttps://www.smacktls.com/\u003e\n * Tracking the FREAK Attack \u003chttps://freakattack.com/\u003e\n * CVE-2015-0204\n \u003chttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204\u003e\n\n\nIt is highly recommended to patch all those SAP vulnerabilities to \nprevent business risks affecting your SAP systems. \n\nSAP has traditionally thanked the security researchers from ERPScan for \nfound vulnerabilities on theiracknowledgment page \n\u003chttp://scn.sap.com/docs/DOC-8218\u003e. \n\nAdvisories for those SAP vulnerabilities with technical details will be \navailable in 3 months onerpscan.com \u003chttp://www.erpscan.com/\u003e. \n\n-- \n\nDarya Maenkova\n\nPR manager\n\n\u003chttps://www.linkedin.com/company/2217474?trk=ppro_cprof\u003e \n\u003chttps://twitter.com/erpscan\u003e\n\n\u003chttp://erpscan.com/\u003e\n\n------------------------------------------------------------------------\n\ne-mail: d.maenkova@erpscan.com \u003cmailto:d.maenkova@erpscan.com\u003e\n\naddress: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA. 94301\n\nphone: 650.798.5255\n\nerpscan.com \u003chttp://erpscan.com\u003e\n\n. OpenSSL Security Advisory [08 Jan 2015]\n=======================================\n\nDTLS segmentation fault in dtls1_get_record (CVE-2014-3571)\n===========================================================\n\nSeverity: Moderate\n\nA carefully crafted DTLS message can cause a segmentation fault in OpenSSL due\nto a NULL pointer dereference. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Markus Stenberg of\nCisco Systems, Inc. The fix was developed by Stephen Henson of the OpenSSL\ncore team. \n\nDTLS memory leak in dtls1_buffer_record (CVE-2015-0206)\n=======================================================\n\nSeverity: Moderate\n\nA memory leak can occur in the dtls1_buffer_record function under certain\nconditions. In particular this could occur if an attacker sent repeated DTLS\nrecords with the same sequence number but for the next epoch. The memory leak\ncould be exploited by an attacker in a Denial of Service attack through memory\nexhaustion. \n\nThis issue affects OpenSSL versions: 1.0.1 and 1.0.0. \n\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p. \n\nThis issue was reported to OpenSSL on 7th January 2015 by Chris Mueller who also\nprovided an initial patch. Further analysis was performed by Matt Caswell of the\nOpenSSL development team, who also developed the final patch. \n\nno-ssl3 configuration sets method to NULL (CVE-2014-3569)\n=========================================================\n\nSeverity: Low\n\nWhen openssl is built with the no-ssl3 option and a SSL v3 ClientHello is\nreceived the ssl method would be set to NULL which could later result in\na NULL pointer dereference. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 17th October 2014 by Frank Schmirler. The\nfix was developed by Kurt Roeckx. \n\n\nECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)\n==========================================================\n\nSeverity: Low\n\nAn OpenSSL client will accept a handshake using an ephemeral ECDH ciphersuite\nusing an ECDSA certificate if the server key exchange message is omitted. This\neffectively removes forward secrecy from the ciphersuite. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan\nBhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen\nHenson of the OpenSSL core team. \n\n\nRSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)\n==============================================================\n\nSeverity: Low\n\nAn OpenSSL client will accept the use of an RSA temporary key in a non-export\nRSA key exchange ciphersuite. A server could present a weak temporary key\nand downgrade the security of the session. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan\nBhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen\nHenson of the OpenSSL core team. \n\n\nDH client certificates accepted without verification [Server] (CVE-2015-0205)\n=============================================================================\n\nSeverity: Low\n\nAn OpenSSL server will accept a DH certificate for client authentication\nwithout the certificate verify message. This effectively allows a client\nto authenticate without the use of a private key. This only affects servers\nwhich trust a client certificate authority which issues certificates\ncontaining DH keys: these are extremely rare and hardly ever encountered. \n\nThis issue affects OpenSSL versions: 1.0.1 and 1.0.0. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan\nBhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen\nHenson of the OpenSSL core team. \n\n\nCertificate fingerprints can be modified (CVE-2014-8275)\n========================================================\n\nSeverity: Low\n\nOpenSSL accepts several non-DER-variations of certificate signature\nalgorithm and signature encodings. OpenSSL also does not enforce a\nmatch between the signature algorithm between the signed and unsigned\nportions of the certificate. By modifying the contents of the\nsignature algorithm or the encoding of the signature, it is possible\nto change the certificate\u0027s fingerprint. \n\nThis does not allow an attacker to forge certificates, and does not\naffect certificate verification or OpenSSL servers/clients in any\nother way. It also does not affect common revocation mechanisms. Only\ncustom applications that rely on the uniqueness of the fingerprint\n(e.g. certificate blacklists) may be affected. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and\n0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nOne variant of this issue was discovered by Antti Karjalainen and\nTuomo Untinen from the Codenomicon CROSS program and reported to\nOpenSSL on 1st December 2014 by NCSC-FI Vulnerability\nCo-ordination. Another variant was independently reported to OpenSSL\non 12th December 2014 by Konrad Kraszewski from Google. Further\nanalysis was conducted and fixes were developed by Stephen Henson of\nthe OpenSSL core team. \n\nBignum squaring may produce incorrect results (CVE-2014-3570)\n=============================================================\n\nSeverity: Low\n\nBignum squaring (BN_sqr) may produce incorrect results on some\nplatforms, including x86_64. This bug occurs at random with a very\nlow probability, and is not known to be exploitable in any way, though\nits exact impact is difficult to determine. The following has been\ndetermined:\n\n*) The probability of BN_sqr producing an incorrect result at random\nis very low: 1/2^64 on the single affected 32-bit platform (MIPS) and\n1/2^128 on affected 64-bit platforms. \n*) On most platforms, RSA follows a different code path and RSA\noperations are not affected at all. For the remaining platforms\n(e.g. OpenSSL built without assembly support), pre-existing\ncountermeasures thwart bug attacks [1]. \n*) Static ECDH is theoretically affected: it is possible to construct\nelliptic curve points that would falsely appear to be on the given\ncurve. However, there is no known computationally feasible way to\nconstruct such points with low order, and so the security of static\nECDH private keys is believed to be unaffected. \n*) Other routines known to be theoretically affected are modular\nexponentiation, primality testing, DSA, RSA blinding, JPAKE and\nSRP. No exploits are known and straightforward bug attacks fail -\neither the attacker cannot control when the bug triggers, or no\nprivate key material is involved. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 2nd November 2014 by Pieter Wuille\n(Blockstream) who also suggested an initial fix. Further analysis was\nconducted by the OpenSSL development team and Adam Langley of\nGoogle. The final fix was developed by Andy Polyakov of the OpenSSL\ncore team. \n\n[1] http://css.csail.mit.edu/6.858/2013/readings/rsa-bug-attacks.pdf\n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions\n1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these\nreleases will be provided after that date. Users of these releases are advised\nto upgrade. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20150108.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0204"
},
{
"db": "CERT/CC",
"id": "VU#243585"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001672"
},
{
"db": "BID",
"id": "71936"
},
{
"db": "VULMON",
"id": "CVE-2015-0204"
},
{
"db": "PACKETSTORM",
"id": "138473"
},
{
"db": "PACKETSTORM",
"id": "131940"
},
{
"db": "PACKETSTORM",
"id": "133316"
},
{
"db": "PACKETSTORM",
"id": "130987"
},
{
"db": "PACKETSTORM",
"id": "131387"
},
{
"db": "PACKETSTORM",
"id": "131408"
},
{
"db": "PACKETSTORM",
"id": "132268"
},
{
"db": "PACKETSTORM",
"id": "132763"
},
{
"db": "PACKETSTORM",
"id": "129867"
}
],
"trust": 3.51
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-0204",
"trust": 2.3
},
{
"db": "CERT/CC",
"id": "VU#243585",
"trust": 1.6
},
{
"db": "BID",
"id": "71936",
"trust": 1.4
},
{
"db": "JUNIPER",
"id": "JSA10679",
"trust": 1.4
},
{
"db": "BID",
"id": "91787",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10102",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10108",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10110",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1033378",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU99125992",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001672",
"trust": 0.8
},
{
"db": "VULMON",
"id": "CVE-2015-0204",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138473",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131940",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133316",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130987",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131387",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131408",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132268",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132763",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129867",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#243585"
},
{
"db": "VULMON",
"id": "CVE-2015-0204"
},
{
"db": "BID",
"id": "71936"
},
{
"db": "PACKETSTORM",
"id": "138473"
},
{
"db": "PACKETSTORM",
"id": "131940"
},
{
"db": "PACKETSTORM",
"id": "133316"
},
{
"db": "PACKETSTORM",
"id": "130987"
},
{
"db": "PACKETSTORM",
"id": "131387"
},
{
"db": "PACKETSTORM",
"id": "131408"
},
{
"db": "PACKETSTORM",
"id": "132268"
},
{
"db": "PACKETSTORM",
"id": "132763"
},
{
"db": "PACKETSTORM",
"id": "129867"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001672"
},
{
"db": "NVD",
"id": "CVE-2015-0204"
}
]
},
"id": "VAR-201501-0338",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.48673216
},
"last_update_date": "2026-03-09T22:30:39.973000Z",
"patch": {
"_id": null,
"data": [
{
"title": "\u30a2\u30e9\u30a4\u30c9\u30c6\u30ec\u30b7\u30b9\u682a\u5f0f\u4f1a\u793e\u304b\u3089\u306e\u60c5\u5831",
"trust": 0.8,
"url": "http://jvn.jp/vu/JVNVU99125992/522154/index.html"
},
{
"title": "NV15-016",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv15-016.html"
},
{
"title": "[08 Jan 2015]",
"trust": 0.8,
"url": "https://www.openssl.org/news/secadv_20150108.txt"
},
{
"title": "3046015",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/3046015"
},
{
"title": "Red Hat: Moderate: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150066 - Security Advisory"
},
{
"title": "Cisco: OpenSSL RSA Temporary Key Cryptographic Downgrade Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=Cisco-SA-20150113-CVE-2015-0204"
},
{
"title": "Red Hat: CVE-2015-0204",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2015-0204"
},
{
"title": "Symantec Security Advisories: SA91 : FREAK Attack",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=fb8c9ab0a61ac1def90eef5ef6757895"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2459-1"
},
{
"title": "Debian Security Advisories: DSA-3125-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a3210fee56d96657bbff4ad44c3d0807"
},
{
"title": "Amazon Linux AMI: ALAS-2015-469",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-469"
},
{
"title": "Splunk Security Announcements: Splunk Enterprise versions 6.1.7, 6.0.8, and 5.0.12 address two vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=splunk_security_announcements\u0026qid=e17c368f43499efc420edc223af663db"
},
{
"title": "Symantec Security Advisories: SA88 : OpenSSL Security Advisory 08-Jan-2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=9281dc3b1a760e1cf2711cdf82cf64d7"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20150310-ssl"
},
{
"title": "Apple: OS X Yosemite v10.10.3 and Security Update 2015-004",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=aa5ab46566482c02434bb8cf65c9614e"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=2a43c5799a7dd07d6c0a92a3b040d12f"
},
{
"title": "Tenable Security Advisories: [R6] OpenSSL \u002720150319\u0027 Advisory Affects Tenable Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2015-04"
},
{
"title": "Splunk Security Announcements: Splunk Enterprise 6.2.2 addresses two vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=splunk_security_announcements\u0026qid=d9c34d2680d213e5c9dae973a42328f1"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4b527561ba1a5de7a529c8a93679f585"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=eaf98750f1130c39e83765575c69e165"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=744c19dc9f4f70ad58059bf8733ec9c1"
},
{
"title": "Splunk Security Announcements: Splunk response to January 2015 OpenSSL vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=splunk_security_announcements\u0026qid=21b119528a2fb8c78850a17027b71424"
},
{
"title": "Citrix Security Bulletins: Multiple Security Vulnerabilities in Citrix NetScaler Platform IPMI Lights Out Management (LOM) firmware",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=eb059834b7f24e2562bcf592b6d0afbc"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=5f8c525f1408011628af1792207b2099"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=459961024c4bdce7bb3a1a40a65a6f2e"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=63802a6c83b107c4e6e0c7f9241a66a8"
},
{
"title": "FreakVulnChecker",
"trust": 0.1,
"url": "https://github.com/felmoltor/FreakVulnChecker "
},
{
"title": "Freak-Scanner",
"trust": 0.1,
"url": "https://github.com/scottjpack/Freak-Scanner "
},
{
"title": "FREAK-Attack-CVE-2015-0204-Testing-Script",
"trust": 0.1,
"url": "https://github.com/AbhishekGhosh/FREAK-Attack-CVE-2015-0204-Testing-Script "
},
{
"title": "stuff",
"trust": 0.1,
"url": "https://github.com/thekondrashov/stuff "
},
{
"title": "non-controlflow-hijacking-datasets",
"trust": 0.1,
"url": "https://github.com/camel-clarkson/non-controlflow-hijacking-datasets "
},
{
"title": "scz_doc_copy",
"trust": 0.1,
"url": "https://github.com/TopCaver/scz_doc_copy "
},
{
"title": "checks",
"trust": 0.1,
"url": "https://github.com/cryptflow/checks "
},
{
"title": "tls",
"trust": 0.1,
"url": "https://github.com/greyleonie/tls "
},
{
"title": "JPN_RIC13351-2",
"trust": 0.1,
"url": "https://github.com/neominds/JPN_RIC13351-2 "
},
{
"title": "script_a2sv",
"trust": 0.1,
"url": "https://github.com/F4RM0X/script_a2sv "
},
{
"title": "a2sv",
"trust": 0.1,
"url": "https://github.com/hahwul/a2sv "
},
{
"title": "a2sv",
"trust": 0.1,
"url": "https://github.com/84KaliPleXon3/a2sv "
},
{
"title": "a2sv",
"trust": 0.1,
"url": "https://github.com/TheRipperJhon/a2sv "
},
{
"title": "sslscanner",
"trust": 0.1,
"url": "https://github.com/fireorb/sslscanner "
},
{
"title": "a2sv",
"trust": 0.1,
"url": "https://github.com/H4CK3RT3CH/a2sv "
},
{
"title": "HTTPSScan",
"trust": 0.1,
"url": "https://github.com/alexoslabs/HTTPSScan "
},
{
"title": "A2SV--SSL-VUL-Scan",
"trust": 0.1,
"url": "https://github.com/nyctophile6/A2SV--SSL-VUL-Scan "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2015/07/06/awoogah_get_ready_to_patch_severe_bug_in_openssl_this_thursday/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2015/03/13/cisco_freaks_out_starts_epic_openssl_bugsplat/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2015/03/03/government_crippleware_freaks_out_tlsssl/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2015/01/09/dead_openssl_bugs_more_fleas_than_poodles/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-0204"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001672"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-310",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001672"
},
{
"db": "NVD",
"id": "CVE-2015-0204"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.6,
"url": "https://www.smacktls.com/#freak"
},
{
"trust": 1.6,
"url": "https://www.openssl.org/news/secadv_20150108.txt"
},
{
"trust": 1.4,
"url": "https://github.com/openssl/openssl/commit/ce325c60c74b0fa784f5872404b722e120e5cab0"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150310-ssl"
},
{
"trust": 1.4,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0066.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"trust": 1.4,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0849.html"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.4,
"url": "https://support.citrix.com/article/ctx216642"
},
{
"trust": 1.2,
"url": "https://www.openssl.org/news/secadv_20150319.txt"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0800.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1650.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/71936"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:019"
},
{
"trust": 1.1,
"url": "http://support.novell.com/security/cve/cve-2015-0204.html"
},
{
"trust": 1.1,
"url": "https://freakattack.com/"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3125"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142496289803847\u0026w=2"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142720981827617\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:063"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2015/apr/msg00001.html"
},
{
"trust": 1.1,
"url": "https://support.apple.com/ht204659"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050297101809\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050254401665\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143213830203296\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144043644216842\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142895206924048\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=144050205101530\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142496179803395\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"trust": 1.1,
"url": "https://bto.bluecoat.com/security-advisory/sa88"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"trust": 1.1,
"url": "https://bto.bluecoat.com/security-advisory/sa91"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/201503-11"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10679"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1033378"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04773241"
},
{
"trust": 1.1,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10110"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10108"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10102"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99707"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0204"
},
{
"trust": 0.8,
"url": "http://blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/757.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/326.html"
},
{
"trust": 0.8,
"url": "https://tools.ietf.org/html/rfc4346#appendix-f.1.1.2"
},
{
"trust": 0.8,
"url": "https://technet.microsoft.com/library/security/3046015.aspx"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu99125992/index.html"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/243585"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3570"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8275"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.5,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3572"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3571"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0206"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-0204"
},
{
"trust": 0.3,
"url": "http://www.pexip.com/sites/pexip/files/pexip_security_bulletin_2015-01-30.pdf"
},
{
"trust": 0.3,
"url": "http://www.splunk.com/view/sp-caaanv8#announce1"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://www.splunk.com/view/sp-caaanu5#affectedproductsandcomponents"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699883"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699667"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/feb/160"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10679\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101011689"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04746490"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04602055"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04773241"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04765115"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04765169"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04774019"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04774021"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04679334"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022548"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022550"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005334"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902260"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903805"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960151"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960634"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963126"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21963526"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21964496"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21964610"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21964625"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964730"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966177"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698818"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883857"
},
{
"trust": 0.3,
"url": "https://aix.software.ibm.com/aix/efixes/security/openssl_advisory12.asc"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/java_april2015_advisory.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960515"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/32cfd-51ec67c0f86df/cert_security_mini-_bulletin_xrx15ah_for_p3600_v1-0.pdf"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/30b1a-51f527aa71c0f/cert_security_mini-_bulletin_xrx15aj_for_wc3550_v1-0.pdf"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/38cb3-51fe2768b1a74/cert_security_mini-_bulletin_xrx15ak_for_p3635mfp_v1-0.pdf"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/3497e-521fff9cafe80/cert_security_mini-_bulletin_xrx15am_for_p30xx_p3260_wc30xx_wc3225_v1-0.pdf"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902444"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902710"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960815"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957999"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959525"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965448"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903747"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964850"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957855"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21958902"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21959575"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959252"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699271"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020751"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101008182"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101011698"
},
{
"trust": 0.3,
"url": "https://www.openssl.org/news/vulnerabilities.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101011712"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2163306"
},
{
"trust": 0.3,
"url": "https://www.alienvault.com/forums/discussion/4475/security-advisory-alienvault-v4-15-1-addresses-twenty-20-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903636"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963783"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005351"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963964"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903396"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21967539"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903541"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903029"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957813"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965485"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964027"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903651"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21958017"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903247"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903256"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903516"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965920"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961223"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903031"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965404"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962552"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21958919"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21958918"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957919"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962838"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962837"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960075"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902765"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902862"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902866"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959306"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903394"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957779"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961493"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005328"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098593"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964236"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957995"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903299"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005159"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699938"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902635"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700163"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097912"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902694"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902277"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697291"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699235"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097796"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700168"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21697162"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097823"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700411"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21701354"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700028"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022100"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005158"
},
{
"trust": 0.3,
"url": "http://www.splunk.com/view/sp-caaanxd"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005370"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009328"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960460"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963609"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965940"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21967498"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21967709"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21967962"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968485"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968869"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695985"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022074"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21701453"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098358"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959002"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097360"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699052"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699810"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699069"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/2e28e-523433d609b1d/cert_security_mini-_bulletin_xrx15ap_for_wc6400_v1-0.pdf"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0288"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0287"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0289"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0293"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0292"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/310.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2015:0066"
},
{
"trust": 0.1,
"url": "https://github.com/felmoltor/freakvulnchecker"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=37722"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2459-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5387"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2106"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-3110"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/documentation/en-us/jboss_enterprise_web_server/2/html-single/installation_guide/index.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-5387"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/2.1/html/2.1.1_release_notes/index.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/vulnerabilities/httpoxy"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3110"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3570"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/documentation/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=webserver\u0026downloadtype=distributions\u0026version=2.1.1"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5409"
},
{
"trust": 0.1,
"url": "http://h20566.www2.hpe.com/hpsc/doc/public/display?calledby=search_result\u0026doc"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5412"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5413"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-20861d704bc04221a1518b7cb6"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5410"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5411"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0235"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all-"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all-"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/tcdebian/updates/5.1/service_packs/security-sp-2.1-all-"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.1-all-"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/tcdebian/updates/5.0/service_packs/security-sp-2.1-all-"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all-"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/softpaq/sp70501-71000/sp70649.exe"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.0-all-"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/1384453"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0288"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0292"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-8275"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0293"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0287"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0289"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/patch/home"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ssl/ssl.html"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/2057982\u003e."
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/2159601\u003e."
},
{
"trust": 0.1,
"url": "https://www.linkedin.com/company/2217474?trk=ppro_cprof\u003e"
},
{
"trust": 0.1,
"url": "http://erpscan.com\u003e"
},
{
"trust": 0.1,
"url": "http://scn.sap.com/docs/doc-8218\u003e."
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/2129609\u003e:"
},
{
"trust": 0.1,
"url": "https://freakattack.com/\u003e"
},
{
"trust": 0.1,
"url": "https://twitter.com/erpscan\u003e"
},
{
"trust": 0.1,
"url": "http://www.erpscan.com/\u003eresearchers."
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/2151237\u003e:"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/2163306\u003e:"
},
{
"trust": 0.1,
"url": "http://www.sap.com/\u003ehas"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1997734\u003e:"
},
{
"trust": 0.1,
"url": "http://erpscan.com/\u003e"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/2059659\u003e."
},
{
"trust": 0.1,
"url": "https://www.smacktls.com/\u003e"
},
{
"trust": 0.1,
"url": "http://www.erpscan.com/\u003e."
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0204\u003e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0207"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0118"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8142"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0226"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0231"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3523"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0285"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9653"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9705"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0232"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0273"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0231"
},
{
"trust": 0.1,
"url": "http://www.hp.com/go/smh"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9652"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/about/secpolicy.html"
},
{
"trust": 0.1,
"url": "http://css.csail.mit.edu/6.858/2013/readings/rsa-bug-attacks.pdf"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#243585"
},
{
"db": "VULMON",
"id": "CVE-2015-0204"
},
{
"db": "BID",
"id": "71936"
},
{
"db": "PACKETSTORM",
"id": "138473"
},
{
"db": "PACKETSTORM",
"id": "131940"
},
{
"db": "PACKETSTORM",
"id": "133316"
},
{
"db": "PACKETSTORM",
"id": "130987"
},
{
"db": "PACKETSTORM",
"id": "131387"
},
{
"db": "PACKETSTORM",
"id": "131408"
},
{
"db": "PACKETSTORM",
"id": "132268"
},
{
"db": "PACKETSTORM",
"id": "132763"
},
{
"db": "PACKETSTORM",
"id": "129867"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001672"
},
{
"db": "NVD",
"id": "CVE-2015-0204"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#243585",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2015-0204",
"ident": null
},
{
"db": "BID",
"id": "71936",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "138473",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131940",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "133316",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130987",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131387",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131408",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132268",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132763",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "129867",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001672",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-0204",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-03-06T00:00:00",
"db": "CERT/CC",
"id": "VU#243585",
"ident": null
},
{
"date": "2015-01-09T00:00:00",
"db": "VULMON",
"id": "CVE-2015-0204",
"ident": null
},
{
"date": "2015-01-08T00:00:00",
"db": "BID",
"id": "71936",
"ident": null
},
{
"date": "2016-08-22T23:25:00",
"db": "PACKETSTORM",
"id": "138473",
"ident": null
},
{
"date": "2015-05-20T23:06:10",
"db": "PACKETSTORM",
"id": "131940",
"ident": null
},
{
"date": "2015-08-26T01:33:07",
"db": "PACKETSTORM",
"id": "133316",
"ident": null
},
{
"date": "2015-03-24T17:05:09",
"db": "PACKETSTORM",
"id": "130987",
"ident": null
},
{
"date": "2015-04-13T14:03:56",
"db": "PACKETSTORM",
"id": "131387",
"ident": null
},
{
"date": "2015-04-14T18:54:44",
"db": "PACKETSTORM",
"id": "131408",
"ident": null
},
{
"date": "2015-06-11T23:51:55",
"db": "PACKETSTORM",
"id": "132268",
"ident": null
},
{
"date": "2015-07-21T13:37:51",
"db": "PACKETSTORM",
"id": "132763",
"ident": null
},
{
"date": "2015-01-09T02:01:10",
"db": "PACKETSTORM",
"id": "129867",
"ident": null
},
{
"date": "2015-03-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001672",
"ident": null
},
{
"date": "2015-01-09T02:59:10.287000",
"db": "NVD",
"id": "CVE-2015-0204",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2015-10-27T00:00:00",
"db": "CERT/CC",
"id": "VU#243585",
"ident": null
},
{
"date": "2018-07-19T00:00:00",
"db": "VULMON",
"id": "CVE-2015-0204",
"ident": null
},
{
"date": "2018-10-08T07:00:00",
"db": "BID",
"id": "71936",
"ident": null
},
{
"date": "2017-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001672",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-0204",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "71936"
}
],
"trust": 0.3
},
"title": {
"_id": null,
"data": "SSL/TLS implementations accept export-grade RSA keys (FREAK attack)",
"sources": [
{
"db": "CERT/CC",
"id": "VU#243585"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "71936"
}
],
"trust": 0.3
}
}
VAR-201501-0737
Vulnerability from variot - Updated: 2026-03-09 21:40Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST.". This vulnerability has been assigned CVE-2015-0235, and is referred to in the media by the name "GHOST". eglibc The package contains a classic buffer overflow vulnerability.Denial of service (DoS) May be in a state. GNU glibc is prone to a heap-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts may crash the application, denying service to legitimate users. CVE-ID CVE-2015-7023 : Marvin Scholz; Xiaofeng Zheng and Jinjin Liang of Tsinghua University, Jian Jiang of University of California, Berkeley, Haixin Duan of Tsinghua University and International Computer Science Institute, Shuo Chen of Microsoft Research Redmond, Tao Wan of Huawei Canada, Nicholas Weaver of International Computer Science Institute and University of California, Berkeley, coordinated via CERT/CC
configd Available for: OS X El Capitan 10.11 Impact: A malicious application may be able to elevate privileges Description: A heap based buffer overflow issue existed in the DNS client library. A malicious application with the ability to spoof responses from the local configd service may have been able to cause arbitrary code execution in DNS clients. CVE-ID CVE-2015-6994 : Mark Mentovai of Google Inc. A developer-signed app could bypass restrictions on use of restricted entitlements and elevate privileges. These issues were addressed by using patches affecting OS X from upstream. This was addressed by disabling synthetic clicks for keychain access windows. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11
OS X El Capitan 10.11 is now available and addresses the following:
Address Book Available for: Mac OS X v10.6.8 and later Impact: A local attacker may be able to inject arbitrary code to processes loading the Address Book framework Description: An issue existed in Address Book framework's handling of an environment variable. This issue was addressed through improved environment variable handling. CVE-ID CVE-2015-5897 : Dan Bastone of Gotham Digital Science
AirScan Available for: Mac OS X v10.6.8 and later Impact: An attacker with a privileged network position may be able to extract payload from eSCL packets sent over a secure connection Description: An issue existed in the processing of eSCL packets. This issue was addressed through improved validation checks. CVE-ID CVE-2015-5853 : an anonymous researcher
apache_mod_php Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in PHP Description: Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27. CVE-ID CVE-2014-9425 CVE-2014-9427 CVE-2014-9652 CVE-2014-9705 CVE-2014-9709 CVE-2015-0231 CVE-2015-0232 CVE-2015-0235 CVE-2015-0273 CVE-2015-1351 CVE-2015-1352 CVE-2015-2301 CVE-2015-2305 CVE-2015-2331 CVE-2015-2348 CVE-2015-2783 CVE-2015-2787 CVE-2015-3329 CVE-2015-3330
Apple Online Store Kit Available for: Mac OS X v10.6.8 and later Impact: A malicious application may gain access to a user's keychain items Description: An issue existed in validation of access control lists for iCloud keychain items. This issue was addressed through improved access control list checks. CVE-ID CVE-2015-5836 : XiaoFeng Wang of Indiana University, Luyi Xing of Indiana University, Tongxin Li of Peking University, Tongxin Li of Peking University, Xiaolong Bai of Tsinghua University
AppleEvents Available for: Mac OS X v10.6.8 and later Impact: A user connected through screen sharing can send Apple Events to a local user's session Description: An issue existed with Apple Event filtering that allowed some users to send events to other users. This was addressed by improved Apple Event handling. CVE-ID CVE-2015-5849 : Jack Lawrence (@_jackhl)
Audio Available for: Mac OS X v10.6.8 and later Impact: Playing a malicious audio file may lead to an unexpected application termination Description: A memory corruption issue existed in the handling of audio files. This issue issue was addressed through improved memory handling. CVE-ID CVE-2015-5862 : YoungJin Yoon of Information Security Lab. (Adv.: Prof. Taekyoung Kwon), Yonsei University, Seoul, Korea
bash Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in bash Description: Multiple vulnerabilities existed in bash versions prior to 3.2 patch level 57. These issues were addressed by updating bash version 3.2 to patch level 57. CVE-ID CVE-2014-6277 CVE-2014-7186 CVE-2014-7187
Certificate Trust Policy Available for: Mac OS X v10.6.8 and later Impact: Update to the certificate trust policy Description: The certificate trust policy was updated. The complete list of certificates may be viewed at https://support.apple.com/en- us/HT202858.
CFNetwork Cookies Available for: Mac OS X v10.6.8 and later Impact: An attacker in a privileged network position can track a user's activity Description: A cross-domain cookie issue existed in the handling of top level domains. The issue was address through improved restrictions of cookie creation. CVE-ID CVE-2015-5885 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University
CFNetwork FTPProtocol Available for: Mac OS X v10.6.8 and later Impact: Malicious FTP servers may be able to cause the client to perform reconnaissance on other hosts Description: An issue existed in the handling of FTP packets when using the PASV command. This issue was resolved through improved validation. CVE-ID CVE-2015-5912 : Amit Klein
CFNetwork HTTPProtocol Available for: Mac OS X v10.6.8 and later Impact: A maliciously crafted URL may be able to bypass HSTS and leak sensitive data Description: A URL parsing vulnerability existed in HSTS handling. This issue was addressed through improved URL parsing. CVE-ID CVE-2015-5858 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University
CFNetwork HTTPProtocol Available for: Mac OS X v10.6.8 and later Impact: A malicious website may be able to track users in Safari private browsing mode Description: An issue existed in the handling of HSTS state in Safari private browsing mode. This issue was addressed through improved state handling. CVE-ID CVE-2015-5860 : Sam Greenhalgh of RadicalResearch Ltd
CFNetwork Proxies Available for: Mac OS X v10.6.8 and later Impact: Connecting to a malicious web proxy may set malicious cookies for a website Description: An issue existed in the handling of proxy connect responses. This issue was addressed by removing the set-cookie header while parsing the connect response. CVE-ID CVE-2015-5841 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University
CFNetwork SSL Available for: Mac OS X v10.6.8 and later Impact: An attacker with a privileged network position may intercept SSL/TLS connections Description: A certificate validation issue existed in NSURL when a certificate changed. This issue was addressed through improved certificate validation. CVE-ID CVE-2015-5824 : Timothy J. Wood of The Omni Group
CFNetwork SSL Available for: Mac OS X v10.6.8 and later Impact: An attacker may be able to decrypt data protected by SSL Description: There are known attacks on the confidentiality of RC4. An attacker could force the use of RC4, even if the server preferred better ciphers, by blocking TLS 1.0 and higher connections until CFNetwork tried SSL 3.0, which only allows RC4. This issue was addressed by removing the fallback to SSL 3.0.
CoreCrypto Available for: Mac OS X v10.6.8 and later Impact: An attacker may be able to determine a private key Description: By observing many signing or decryption attempts, an attacker may have been able to determine the RSA private key. This issue was addressed using improved encryption algorithms.
CoreText Available for: Mac OS X v10.6.8 and later Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team
Dev Tools Available for: Mac OS X v10.6.8 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in dyld. This was addressed through improved memory handling. CVE-ID CVE-2015-5876 : beist of grayhash
Dev Tools Available for: Mac OS X v10.6.8 and later Impact: An application may be able to bypass code signing Description: An issue existed with validation of the code signature of executables. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5839 : @PanguTeam
Disk Images Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in DiskImages. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5847 : Filippo Bigarella, Luca Todesco
dyld Available for: Mac OS X v10.6.8 and later Impact: An application may be able to bypass code signing Description: An issue existed with validation of the code signature of executables. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5839 : TaiG Jailbreak Team
EFI Available for: Mac OS X v10.6.8 and later Impact: A malicious application can prevent some systems from booting Description: An issue existed with the addresses covered by the protected range register. This issue was fixed by changing the protected range. CVE-ID CVE-2015-5900 : Xeno Kovah & Corey Kallenberg from LegbaCore
EFI Available for: Mac OS X v10.6.8 and later Impact: A malicious Apple Ethernet Thunderbolt adapter may be able to affect firmware flashing Description: Apple Ethernet Thunderbolt adapters could modify the host firmware if connected during an EFI update. This issue was addressed by not loading option ROMs during updates. CVE-ID CVE-2015-5914 : Trammell Hudson of Two Sigma Investments and snare
Finder Available for: Mac OS X v10.6.8 and later Impact: The "Secure Empty Trash" feature may not securely delete files placed in the Trash Description: An issue existed in guaranteeing secure deletion of Trash files on some systems, such as those with flash storage. This issue was addressed by removing the "Secure Empty Trash" option. CVE-ID CVE-2015-5901 : Apple
Game Center Available for: Mac OS X v10.6.8 and later Impact: A malicious Game Center application may be able to access a player's email address Description: An issue existed in Game Center in the handling of a player's email. This issue was addressed through improved access restrictions. CVE-ID CVE-2015-5855 : Nasser Alnasser
Heimdal Available for: Mac OS X v10.6.8 and later Impact: An attacker may be able to replay Kerberos credentials to the SMB server Description: An authentication issue existed in Kerberos credentials. This issue was addressed through additional validation of credentials using a list of recently seen credentials. CVE-ID CVE-2015-5913 : Tarun Chopra of Microsoft Corporation, U.S. and Yu Fan of Microsoft Corporation, China
ICU Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in ICU Description: Multiple vulnerabilities existed in ICU versions prior to 53.1.0. These issues were addressed by updating ICU to version 55.1. CVE-ID CVE-2014-8146 CVE-2014-8147 CVE-2015-5922
Install Framework Legacy Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to gain root privileges Description: A restriction issue existed in the Install private framework containing a privileged executable. This issue was addressed by removing the executable. CVE-ID CVE-2015-5888 : Apple
Intel Graphics Driver Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with system privileges Description: Multiple memory corruption issues existed in the Intel Graphics Driver. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5830 : Yuki MIZUNO (@mzyy94) CVE-2015-5877 : Camillus Gerard Cai
IOAudioFamily Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to determine kernel memory layout Description: An issue existed in IOAudioFamily that led to the disclosure of kernel memory content. This issue was addressed by permuting kernel pointers. CVE-ID CVE-2015-5864 : Luca Todesco
IOGraphics Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5871 : Ilja van Sprundel of IOActive CVE-2015-5872 : Ilja van Sprundel of IOActive CVE-2015-5873 : Ilja van Sprundel of IOActive CVE-2015-5890 : Ilja van Sprundel of IOActive
IOGraphics Available for: Mac OS X v10.6.8 and later Impact: A malicious application may be able to determine kernel memory layout Description: An issue existed in IOGraphics which could have led to the disclosure of kernel memory layout. This issue was addressed through improved memory management. CVE-ID CVE-2015-5865 : Luca Todesco
IOHIDFamily Available for: Mac OS X v10.6.8 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple memory corruption issues existed in IOHIDFamily. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5866 : Apple CVE-2015-5867 : moony li of Trend Micro
IOStorageFamily Available for: Mac OS X v10.6.8 and later Impact: A local attacker may be able to read kernel memory Description: A memory initialization issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5863 : Ilja van Sprundel of IOActive
Kernel Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the Kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5868 : Cererdlong of Alibaba Mobile Security Team CVE-2015-5896 : Maxime Villard of m00nbsd CVE-2015-5903 : CESG
Kernel Available for: Mac OS X v10.6.8 and later Impact: A local process can modify other processes without entitlement checks Description: An issue existed where root processes using the processor_set_tasks API were allowed to retrieve the task ports of other processes. This issue was addressed through additional entitlement checks. CVE-ID CVE-2015-5882 : Pedro Vilaca, working from original research by Ming-chieh Pan and Sung-ting Tsai; Jonathan Levin
Kernel Available for: Mac OS X v10.6.8 and later Impact: A local attacker may control the value of stack cookies Description: Multiple weaknesses existed in the generation of user space stack cookies. These issues were addressed through improved generation of stack cookies. CVE-ID CVE-2013-3951 : Stefan Esser
Kernel Available for: Mac OS X v10.6.8 and later Impact: An attacker may be able to launch denial of service attacks on targeted TCP connections without knowing the correct sequence number Description: An issue existed in xnu's validation of TCP packet headers. This issue was addressed through improved TCP packet header validation. CVE-ID CVE-2015-5879 : Jonathan Looney
Kernel Available for: Mac OS X v10.6.8 and later Impact: An attacker in a local LAN segment may disable IPv6 routing Description: An insufficient validation issue existed in the handling of IPv6 router advertisements that allowed an attacker to set the hop limit to an arbitrary value. This issue was addressed by enforcing a minimum hop limit. CVE-ID CVE-2015-5869 : Dennis Spindel Ljungmark
Kernel Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to determine kernel memory layout Description: An issue existed that led to the disclosure of kernel memory layout. This was addressed through improved initialization of kernel memory structures. CVE-ID CVE-2015-5842 : beist of grayhash
Kernel Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to determine kernel memory layout Description: An issue existed in debugging interfaces that led to the disclosure of memory content. This issue was addressed by sanitizing output from debugging interfaces. CVE-ID CVE-2015-5870 : Apple
Kernel Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to cause a system denial of service Description: A state management issue existed in debugging functionality. This issue was addressed through improved validation. CVE-ID CVE-2015-5902 : Sergi Alvarez (pancake) of NowSecure Research Team
libc Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2014-8611 : Adrian Chadd and Alfred Perlstein of Norse Corporation
libpthread Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5899 : Lufeng Li of Qihoo 360 Vulcan Team
libxpc Available for: Mac OS X v10.6.8 and later Impact: Many SSH connections could cause a denial of service Description: launchd had no limit on the number of processes that could be started by a network connection. This issue was addressed by limiting the number of SSH processes to 40. CVE-ID CVE-2015-5881 : Apple
Login Window Available for: Mac OS X v10.6.8 and later Impact: The screen lock may not engage after the specified time period Description: An issue existed with captured display locking. The issue was addressed through improved lock handling. CVE-ID CVE-2015-5833 : Carlos Moreira, Rainer Dorau of rainer dorau informationsdesign, Chris Nehren, Kai Takac, Hans Douma, Toni Vaahtera, and an anonymous researcher
lukemftpd Available for: Mac OS X v10.6.8 and later Impact: A remote attacker may be able to deny service to the FTP server Description: A glob-processing issue existed in tnftpd. This issue was addressed through improved glob validation. CVE-ID CVE-2015-5917 : Maksymilian Arciemowicz of cxsecurity.com
Mail Available for: Mac OS X v10.6.8 and later Impact: Printing an email may leak sensitive user information Description: An issue existed in Mail which bypassed user preferences when printing an email. This issue was addressed through improved user preference enforcement. CVE-ID CVE-2015-5881 : Owen DeLong of Akamai Technologies, Noritaka Kamiya, Dennis Klein from Eschenburg, Germany, Jeff Hammett of Systim Technology Partners
Mail Available for: Mac OS X v10.6.8 and later Impact: An attacker in a privileged network position may be able to intercept attachments of S/MIME-encrypted e-mail sent via Mail Drop Description: An issue existed in handling encryption parameters for large email attachments sent via Mail Drop. The issue is addressed by no longer offering Mail Drop when sending an encrypted e-mail. CVE-ID CVE-2015-5884 : John McCombs of Integrated Mapping Ltd
Multipeer Connectivity Available for: Mac OS X v10.6.8 and later Impact: A local attacker may be able to observe unprotected multipeer data Description: An issue existed in convenience initializer handling in which encryption could be actively downgraded to a non-encrypted session. This issue was addressed by changing the convenience initializer to require encryption. CVE-ID CVE-2015-5851 : Alban Diquet (@nabla_c0d3) of Data Theorem
NetworkExtension Available for: Mac OS X v10.6.8 and later Impact: A malicious application may be able to determine kernel memory layout Description: An uninitialized memory issue in the kernel led to the disclosure of kernel memory content. This issue was addressed through improved memory initialization. CVE-ID CVE-2015-5831 : Maxime Villard of m00nbsd
Notes Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to leak sensitive user information Description: An issue existed in parsing links in the Notes application. This issue was addressed through improved input validation. CVE-ID CVE-2015-5878 : Craig Young of Tripwire VERT, an anonymous researcher
Notes Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to leak sensitive user information Description: A cross-site scripting issue existed in parsing text by the Notes application. This issue was addressed through improved input validation. CVE-ID CVE-2015-5875 : xisigr of Tencent's Xuanwu LAB (www.tencent.com)
OpenSSH Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in OpenSSH Description: Multiple vulnerabilities existed in OpenSSH versions prior to 6.9. These issues were addressed by updating OpenSSH to version 6.9. CVE-ID CVE-2014-2532
OpenSSL Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in OpenSSL Description: Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg. These were addressed by updating OpenSSL to version 0.9.8zg. CVE-ID CVE-2015-0286 CVE-2015-0287
procmail Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in procmail Description: Multiple vulnerabilities existed in procmail versions prior to 3.22. These issues were addressed by removing procmail. CVE-ID CVE-2014-3618
remote_cmds Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with root privileges Description: An issue existed in the usage of environment variables by the rsh binary. This issue was addressed by dropping setuid privileges from the rsh binary. CVE-ID CVE-2015-5889 : Philip Pettersson
removefile Available for: Mac OS X v10.6.8 and later Impact: Processing malicious data may lead to unexpected application termination Description: An overflow fault existed in the checkint division routines. This issue was addressed with improved division routines. CVE-ID CVE-2015-5840 : an anonymous researcher
Ruby Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in Ruby Description: Multiple vulnerabilities existed in Ruby versions prior to 2.0.0p645. These were addressed by updating Ruby to version 2.0.0p645. CVE-ID CVE-2014-8080 CVE-2014-8090 CVE-2015-1855
Security Available for: Mac OS X v10.6.8 and later Impact: The lock state of the keychain may be incorrectly displayed to the user Description: A state management issue existed in the way keychain lock status was tracked. This issue was addressed through improved state management. CVE-ID CVE-2015-5915 : Peter Walz of University of Minnesota, David Ephron, Eric E. Lawrence, Apple
Security Available for: Mac OS X v10.6.8 and later Impact: A trust evaluation configured to require revocation checking may succeed even if revocation checking fails Description: The kSecRevocationRequirePositiveResponse flag was specified but not implemented. This issue was addressed by implementing the flag. CVE-ID CVE-2015-5894 : Hannes Oud of kWallet GmbH
Security Available for: Mac OS X v10.6.8 and later Impact: A remote server may prompt for a certificate before identifying itself Description: Secure Transport accepted the CertificateRequest message before the ServerKeyExchange message. This issue was addressed by requiring the ServerKeyExchange first. CVE-ID CVE-2015-5887 : Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Alfredo Pironti, and Jean Karim Zinzindohoue of INRIA Paris-Rocquencourt, and Cedric Fournet and Markulf Kohlweiss of Microsoft Research, Pierre-Yves Strub of IMDEA Software Institute
SMB Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5891 : Ilja van Sprundel of IOActive
SMB Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to determine kernel memory layout Description: An issue existed in SMBClient that led to the disclosure of kernel memory content. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5893 : Ilja van Sprundel of IOActive
SQLite Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in SQLite v3.8.5 Description: Multiple vulnerabilities existed in SQLite v3.8.5. These issues were addressed by updating SQLite to version 3.8.10.2. CVE-ID CVE-2015-3414 CVE-2015-3415 CVE-2015-3416
Telephony Available for: Mac OS X v10.6.8 and later Impact: A local attacker can place phone calls without the user's knowledge when using Continuity Description: An issue existed in the authorization checks for placing phone calls. This issue was addressed through improved authorization checks. CVE-ID CVE-2015-3785 : Dan Bastone of Gotham Digital Science
Terminal Available for: Mac OS X v10.6.8 and later Impact: Maliciously crafted text could mislead the user in Terminal Description: Terminal did not handle bidirectional override characters in the same way when displaying text and when selecting text. This issue was addressed by suppressing bidirectional override characters in Terminal. CVE-ID CVE-2015-5883 : an anonymous researcher
tidy Available for: Mac OS X v10.6.8 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in tidy. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5522 : Fernando Munoz of NULLGroup.com CVE-2015-5523 : Fernando Munoz of NULLGroup.com
Time Machine Available for: Mac OS X v10.6.8 and later Impact: A local attacker may gain access to keychain items Description: An issue existed in backups by the Time Machine framework. This issue was addressed through improved coverage of Time Machine backups. CVE-ID CVE-2015-5854 : Jonas Magazinius of Assured AB
Note: OS X El Capitan 10.11 includes the security content of Safari 9: https://support.apple.com/kb/HT205265.
OS X El Capitan 10.11 may be obtained from the Mac App Store: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJWDB2wAAoJEBcWfLTuOo7t0sYP/2L3JOGPkHH8XUh2YHpu5qaw S5F2v+SRpWleKQBVsGZ7oA8PV0rBTzEkzt8K1tNxYmxEqL9f/TpRiGoforn89thO /hOtmVOfUcBjPZ4XKwMVzycfSMC9o6LxWTLEKDVylE+F+5jkXafOC9QaqD11dxX6 QhENkpS1BwrKhyaSVxEcgBQtZM9aTsVdZ78rTCb9XTn6gDnvs8NfIQquFOnaQT54 YJ36e5UcUsnyBIol+yGDbC3ZEhzSVIGE5/8/NFlFfRXLgnJArxD8lqz8WdfU9fop hpT/dDqqAdYbRcW1ihcG1haiNHgP9yQCY5jRNfttb+Tc/kIi/QmPkEO0QS8Ygt/O c3sUbNulr1LCinymFVwx16CM1DplGS/GmBL18BAEBnL6yi9tEhYDynZWLSEa37VR 8q802rXRSF10Wct9/kEeR4HgY/1k0KK/4Uddm3c0YyOU21ya7NAhoHGwmDa9g11r N1TniOK8tPiCGjRNOJwuF6DKxD9L3Fv44bVlxAarGUGYkICqzaNS+bgKI1aQNahT fJ91x5uKD4+L9v9c5slkoDIvWqIhO9oyuxgnmC5GstkwFplFXSOklLkTktjLGNn1 nJq8cPnZ/3E1RXTEwVhGljYw5pdZHNx98XmLomGrPqVlZfjGURK+5AXdf2pOlt2e g6jld/w5tPuCFhGucE7Z =XciV -----END PGP SIGNATURE----- . Independently operating for three generations, WAGO is the global leader of spring pressure electrical interconnect and automation solutions. For more than 60 years, WAGO has developed and produced innovative products for packaging, transportation, process, industrial and building automation markets amongst others. Aside from its innovations in spring pressure connection technology, WAGO has introduced numerous innovations that have revolutionized industry. Furthermore, hardcoded password hashes and credentials were also found by doing an automated scan with IoT Inspector. The validity of the password hashes and the embedded keys were also verified by emulating the device. The outdated version was found by IoT Inspector. The outdated version was found by IoT Inspector.
3) Hardcoded Credentials (CVE-2019-12550) The device contains hardcoded users and passwords which can be used to login via SSH and Telnet.
4) Embedded Private Keys (CVE-2019-12549) The device contains hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches to the embedded private key. A file with the name "\ectest\n\e]55;test.txt\a" was created to trigger the vulnerability.
3) Hardcoded Credentials (CVE-2019-12550) The following credentials were found in the 'passwd' file of the firmware: root No password is set for the account [EMPTY PASSWORD] admin
By using these credentials, it's possible to connect via Telnet and SSH on the emulated device. Example for Telnet:
[root@localhost ~]# telnet 192.168.0.133 Trying 192.168.0.133... Connected to 192.168.0.133. Escape character is '^]'.
L2SWITCH login: root Password: ~ #
Example for SSH:
[root@localhost ~]# ssh 192.168.0.133 root@192.168.0.133's password: ~ #
4) Embedded Private Keys (CVE-2019-12549) The following host key fingerprint is shown by accessing the SSH daemon on the emulated device:
[root@localhost ~]# ssh 192.168.0.133 The authenticity of host '192.168.0.133 (192.168.0.133)' can't be established. RSA key fingerprint is SHA256:X5Vr0/x0/j62N/aqZmHz96ojwl8x/I8mfzuT8o6uZso. RSA key fingerprint is MD5:2e:65:85:fc:45:04:bd:68:30:74:51:45:7d:2f:95:e2.
This matches the embedded private key (which has been removed from this advisory): SSH Fingerprint: 2e:65:85:fc:45:04:bd:68:30:74:51:45:7d:2f:95:e2
Vulnerable / tested versions:
According to the vendor, the following versions are affected: * 852-303: <v1.2.2.S0 * 852-1305: <v1.1.6.S0 * 852-1505: <v1.1.5.S0
Vendor contact timeline:
2019-03-12: Contacting VDE CERT through info@cert.vde.com, received confirmation 2019-03-26: Asking for a status update, VDE CERT is still waiting for details 2019-03-28: VDE CERT requests information from WAGO again 2019-04-09: Asking for a status update 2019-04-11: VDE CERT: patched firmware release planned for end of May, requested postponement of advisory release 2019-04-16: VDE CERT: update regarding affected firmware versions 2019-04-24: Confirming advisory release for beginning of June 2019-05-20: Asking for a status update 2019-05-22: VDE CERT: no news from WAGO yet, 5th June release date 2019-05-29: Asking for a status update 2019-05-29: VDE CERT: detailed answer from WAGO, patches will be published on 7th June, SEC Consult proposes new advisory release date for 12th June 2019-06-07: VDE CERT provides security advisory information from WAGO; WAGO releases security patches 2019-06-12: Coordinated release of security advisory
Solution:
The vendor provides patches to their customers at their download page. The following versions fix the issues: * 852-303: v1.2.2.S0 * 852-1305: v1.1.6.S0 * 852-1505: v1.1.5.S0
According to the vendor, busybox and glibc have been updated and the embedded private keys are being newly generated upon first boot and after a factory reset. The root login via Telnet and SSH has been disabled and the admin account is documented and can be changed by the customer.
Workaround:
Restrict network access to the device & SSH server. Weber / @2019
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04602055
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04602055 Version: 1
HPSBHF03289 rev.1- HP ThinClient PCs running ThinPro Linux, Remote Code Execution, Denial of Service, Disclosure of information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-03-20 Last Updated: 2015-03-20
Potential Security Impact: Remote code execution, denial of service, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP ThinPro Linux This is the glibc vulnerability known as "GHOST", which could be exploited remotely to allow execution of arbitrary code. This update also addresses other vulnerabilities in SSL that would remotely allow denial of service, disclosure of information and other vulnerabilities.
References:
CVE-2015-0235 (SSRT101953) CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP ThinPro Linux (x86) v5.1 HP ThinPro Linux (x86) v5.0 HP ThinPro Linux (x86) v4.4 HP ThinPro Linux (x86) v4.3 HP ThinPro Linux (x86) v4.2 HP ThinPro Linux (x86) v4.1 HP ThinPro Linux (ARM) v4.4 HP ThinPro Linux (ARM) v4.3 HP ThinPro Linux (ARM) v4.2 HP ThinPro Linux (ARM) v4.1
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-3569 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3570 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2014-3571 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3572 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2014-8275 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-0204 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-0205 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-0206 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0235 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has released the following software updates to resolve the vulnerability for HP ThinPro Linux.
Softpaq: http://ftp.hp.com/pub/softpaq/sp70501-71000/sp70649.exe
Easy Update Via ThinPro / EasyUpdate (x86):
http://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all- 4.1-4.3-x86.xar
http://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all- 4.1-4.3-x86.xar
http://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all- 4.1-4.3-x86.xar
http://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.1-all- 4.4-x86.xar
http://ftp.hp.com/pub/tcdebian/updates/5.0/service_packs/security-sp-2.1-all- 5.0-5.1-x86.xar
http://ftp.hp.com/pub/tcdebian/updates/5.1/service_packs/security-sp-2.1-all- 5.0-5.1-x86.xar
Via ThinPro / EasyUpdate (ARM):
http://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all- 4.1-4.3-armel.xar
http://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all- 4.1-4.3-armel.xar
http://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all- 4.1-4.3-armel.xar
http://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.0-all- 4.4-armel.xar
Note: Known issue on security-sp-2.0-all-4.1-4.3-arm.xar: With the patch applied, VMware cannot connect if security level is set to "Refuse insecure connections". Updating VMware to the latest package on ftp.hp.com will solve the problem.
HISTORY Version:1 (rev.1) - 20 March 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
The original glibc bug was reported by Peter Klotz.
CVE-2014-7817
Tim Waugh of Red Hat discovered that the WRDE_NOCMD option of the
wordexp function did not suppress command execution in all cases.
This allows a context-dependent attacker to execute shell
commands.
CVE-2012-6656 CVE-2014-6040
The charset conversion code for certain IBM multi-byte code pages
could perform an out-of-bounds array access, causing the process
to crash. In some scenarios, this allows a remote attacker to
cause a persistent denial of service.
For the upcoming stable distribution (jessie) and the unstable distribution (sid), the CVE-2015-0235 issue has been fixed in version 2.18-1 of the glibc package.
We recommend that you upgrade your eglibc packages.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235 https://rhn.redhat.com/errata/RHSA-2015-0092.html
Updated Packages:
Mandriva Business Server 1/X86_64: 678efef85b85206451ef8927bad808e0 mbs1/x86_64/glibc-2.14.1-12.11.mbs1.x86_64.rpm 46cd508f03e36c1e4f752c317852ec8e mbs1/x86_64/glibc-devel-2.14.1-12.11.mbs1.x86_64.rpm 069302c80e3b79504e2b0eaaa72c2745 mbs1/x86_64/glibc-doc-2.14.1-12.11.mbs1.noarch.rpm 3a841c0295823354655dd3e7734ada0b mbs1/x86_64/glibc-doc-pdf-2.14.1-12.11.mbs1.noarch.rpm 11a672a0b4bae77c7adfa803bea9871f mbs1/x86_64/glibc-i18ndata-2.14.1-12.11.mbs1.x86_64.rpm d3f113ccec4f18e4bb08c951625e51d7 mbs1/x86_64/glibc-profile-2.14.1-12.11.mbs1.x86_64.rpm f6d6aa5806dd747e66996ea8cc01c9b4 mbs1/x86_64/glibc-static-devel-2.14.1-12.11.mbs1.x86_64.rpm 98cc6eae0234eeed945712bbc8b2c0ea mbs1/x86_64/glibc-utils-2.14.1-12.11.mbs1.x86_64.rpm bf6f2fcc3dd21bd8380aac40e91bb802 mbs1/x86_64/nscd-2.14.1-12.11.mbs1.x86_64.rpm f597e4d6241c76701733d730e84f5714 mbs1/SRPMS/glibc-2.14.1-12.11.mbs1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: glibc security update Advisory ID: RHSA-2015:0092-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0092.html Issue date: 2015-01-27 CVE Names: CVE-2015-0235 =====================================================================
- Summary:
Updated glibc packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. (CVE-2015-0235)
Red Hat would like to thank Qualys for reporting this issue.
All glibc users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: glibc-2.12-1.149.el6_6.5.src.rpm
i386: glibc-2.12-1.149.el6_6.5.i686.rpm glibc-common-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm glibc-devel-2.12-1.149.el6_6.5.i686.rpm glibc-headers-2.12-1.149.el6_6.5.i686.rpm glibc-utils-2.12-1.149.el6_6.5.i686.rpm nscd-2.12-1.149.el6_6.5.i686.rpm
x86_64: glibc-2.12-1.149.el6_6.5.i686.rpm glibc-2.12-1.149.el6_6.5.x86_64.rpm glibc-common-2.12-1.149.el6_6.5.x86_64.rpm glibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.5.x86_64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.x86_64.rpm glibc-devel-2.12-1.149.el6_6.5.i686.rpm glibc-devel-2.12-1.149.el6_6.5.x86_64.rpm glibc-headers-2.12-1.149.el6_6.5.x86_64.rpm glibc-utils-2.12-1.149.el6_6.5.x86_64.rpm nscd-2.12-1.149.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: glibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm glibc-static-2.12-1.149.el6_6.5.i686.rpm
x86_64: glibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.5.x86_64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.x86_64.rpm glibc-static-2.12-1.149.el6_6.5.i686.rpm glibc-static-2.12-1.149.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: glibc-2.12-1.149.el6_6.5.src.rpm
x86_64: glibc-2.12-1.149.el6_6.5.i686.rpm glibc-2.12-1.149.el6_6.5.x86_64.rpm glibc-common-2.12-1.149.el6_6.5.x86_64.rpm glibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.5.x86_64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.x86_64.rpm glibc-devel-2.12-1.149.el6_6.5.i686.rpm glibc-devel-2.12-1.149.el6_6.5.x86_64.rpm glibc-headers-2.12-1.149.el6_6.5.x86_64.rpm glibc-utils-2.12-1.149.el6_6.5.x86_64.rpm nscd-2.12-1.149.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: glibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.5.x86_64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.x86_64.rpm glibc-static-2.12-1.149.el6_6.5.i686.rpm glibc-static-2.12-1.149.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: glibc-2.12-1.149.el6_6.5.src.rpm
i386: glibc-2.12-1.149.el6_6.5.i686.rpm glibc-common-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm glibc-devel-2.12-1.149.el6_6.5.i686.rpm glibc-headers-2.12-1.149.el6_6.5.i686.rpm glibc-utils-2.12-1.149.el6_6.5.i686.rpm nscd-2.12-1.149.el6_6.5.i686.rpm
ppc64: glibc-2.12-1.149.el6_6.5.ppc.rpm glibc-2.12-1.149.el6_6.5.ppc64.rpm glibc-common-2.12-1.149.el6_6.5.ppc64.rpm glibc-debuginfo-2.12-1.149.el6_6.5.ppc.rpm glibc-debuginfo-2.12-1.149.el6_6.5.ppc64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.ppc.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.ppc64.rpm glibc-devel-2.12-1.149.el6_6.5.ppc.rpm glibc-devel-2.12-1.149.el6_6.5.ppc64.rpm glibc-headers-2.12-1.149.el6_6.5.ppc64.rpm glibc-utils-2.12-1.149.el6_6.5.ppc64.rpm nscd-2.12-1.149.el6_6.5.ppc64.rpm
s390x: glibc-2.12-1.149.el6_6.5.s390.rpm glibc-2.12-1.149.el6_6.5.s390x.rpm glibc-common-2.12-1.149.el6_6.5.s390x.rpm glibc-debuginfo-2.12-1.149.el6_6.5.s390.rpm glibc-debuginfo-2.12-1.149.el6_6.5.s390x.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.s390.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.s390x.rpm glibc-devel-2.12-1.149.el6_6.5.s390.rpm glibc-devel-2.12-1.149.el6_6.5.s390x.rpm glibc-headers-2.12-1.149.el6_6.5.s390x.rpm glibc-utils-2.12-1.149.el6_6.5.s390x.rpm nscd-2.12-1.149.el6_6.5.s390x.rpm
x86_64: glibc-2.12-1.149.el6_6.5.i686.rpm glibc-2.12-1.149.el6_6.5.x86_64.rpm glibc-common-2.12-1.149.el6_6.5.x86_64.rpm glibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.5.x86_64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.x86_64.rpm glibc-devel-2.12-1.149.el6_6.5.i686.rpm glibc-devel-2.12-1.149.el6_6.5.x86_64.rpm glibc-headers-2.12-1.149.el6_6.5.x86_64.rpm glibc-utils-2.12-1.149.el6_6.5.x86_64.rpm nscd-2.12-1.149.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: glibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm glibc-static-2.12-1.149.el6_6.5.i686.rpm
ppc64: glibc-debuginfo-2.12-1.149.el6_6.5.ppc.rpm glibc-debuginfo-2.12-1.149.el6_6.5.ppc64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.ppc.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.ppc64.rpm glibc-static-2.12-1.149.el6_6.5.ppc.rpm glibc-static-2.12-1.149.el6_6.5.ppc64.rpm
s390x: glibc-debuginfo-2.12-1.149.el6_6.5.s390.rpm glibc-debuginfo-2.12-1.149.el6_6.5.s390x.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.s390.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.s390x.rpm glibc-static-2.12-1.149.el6_6.5.s390.rpm glibc-static-2.12-1.149.el6_6.5.s390x.rpm
x86_64: glibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.5.x86_64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.x86_64.rpm glibc-static-2.12-1.149.el6_6.5.i686.rpm glibc-static-2.12-1.149.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: glibc-2.12-1.149.el6_6.5.src.rpm
i386: glibc-2.12-1.149.el6_6.5.i686.rpm glibc-common-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm glibc-devel-2.12-1.149.el6_6.5.i686.rpm glibc-headers-2.12-1.149.el6_6.5.i686.rpm glibc-utils-2.12-1.149.el6_6.5.i686.rpm nscd-2.12-1.149.el6_6.5.i686.rpm
x86_64: glibc-2.12-1.149.el6_6.5.i686.rpm glibc-2.12-1.149.el6_6.5.x86_64.rpm glibc-common-2.12-1.149.el6_6.5.x86_64.rpm glibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.5.x86_64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.x86_64.rpm glibc-devel-2.12-1.149.el6_6.5.i686.rpm glibc-devel-2.12-1.149.el6_6.5.x86_64.rpm glibc-headers-2.12-1.149.el6_6.5.x86_64.rpm glibc-utils-2.12-1.149.el6_6.5.x86_64.rpm nscd-2.12-1.149.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: glibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm glibc-static-2.12-1.149.el6_6.5.i686.rpm
x86_64: glibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.5.x86_64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.5.x86_64.rpm glibc-static-2.12-1.149.el6_6.5.i686.rpm glibc-static-2.12-1.149.el6_6.5.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: glibc-2.17-55.el7_0.5.src.rpm
x86_64: glibc-2.17-55.el7_0.5.i686.rpm glibc-2.17-55.el7_0.5.x86_64.rpm glibc-common-2.17-55.el7_0.5.x86_64.rpm glibc-debuginfo-2.17-55.el7_0.5.i686.rpm glibc-debuginfo-2.17-55.el7_0.5.x86_64.rpm glibc-debuginfo-common-2.17-55.el7_0.5.i686.rpm glibc-debuginfo-common-2.17-55.el7_0.5.x86_64.rpm glibc-devel-2.17-55.el7_0.5.i686.rpm glibc-devel-2.17-55.el7_0.5.x86_64.rpm glibc-headers-2.17-55.el7_0.5.x86_64.rpm glibc-utils-2.17-55.el7_0.5.x86_64.rpm nscd-2.17-55.el7_0.5.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: glibc-debuginfo-2.17-55.el7_0.5.i686.rpm glibc-debuginfo-2.17-55.el7_0.5.x86_64.rpm glibc-debuginfo-common-2.17-55.el7_0.5.i686.rpm glibc-debuginfo-common-2.17-55.el7_0.5.x86_64.rpm glibc-static-2.17-55.el7_0.5.i686.rpm glibc-static-2.17-55.el7_0.5.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: glibc-2.17-55.el7_0.5.src.rpm
x86_64: glibc-2.17-55.el7_0.5.i686.rpm glibc-2.17-55.el7_0.5.x86_64.rpm glibc-common-2.17-55.el7_0.5.x86_64.rpm glibc-debuginfo-2.17-55.el7_0.5.i686.rpm glibc-debuginfo-2.17-55.el7_0.5.x86_64.rpm glibc-debuginfo-common-2.17-55.el7_0.5.i686.rpm glibc-debuginfo-common-2.17-55.el7_0.5.x86_64.rpm glibc-devel-2.17-55.el7_0.5.i686.rpm glibc-devel-2.17-55.el7_0.5.x86_64.rpm glibc-headers-2.17-55.el7_0.5.x86_64.rpm glibc-utils-2.17-55.el7_0.5.x86_64.rpm nscd-2.17-55.el7_0.5.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: glibc-debuginfo-2.17-55.el7_0.5.i686.rpm glibc-debuginfo-2.17-55.el7_0.5.x86_64.rpm glibc-debuginfo-common-2.17-55.el7_0.5.i686.rpm glibc-debuginfo-common-2.17-55.el7_0.5.x86_64.rpm glibc-static-2.17-55.el7_0.5.i686.rpm glibc-static-2.17-55.el7_0.5.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: glibc-2.17-55.el7_0.5.src.rpm
ppc64: glibc-2.17-55.el7_0.5.ppc.rpm glibc-2.17-55.el7_0.5.ppc64.rpm glibc-common-2.17-55.el7_0.5.ppc64.rpm glibc-debuginfo-2.17-55.el7_0.5.ppc.rpm glibc-debuginfo-2.17-55.el7_0.5.ppc64.rpm glibc-debuginfo-common-2.17-55.el7_0.5.ppc.rpm glibc-debuginfo-common-2.17-55.el7_0.5.ppc64.rpm glibc-devel-2.17-55.el7_0.5.ppc.rpm glibc-devel-2.17-55.el7_0.5.ppc64.rpm glibc-headers-2.17-55.el7_0.5.ppc64.rpm glibc-utils-2.17-55.el7_0.5.ppc64.rpm nscd-2.17-55.el7_0.5.ppc64.rpm
s390x: glibc-2.17-55.el7_0.5.s390.rpm glibc-2.17-55.el7_0.5.s390x.rpm glibc-common-2.17-55.el7_0.5.s390x.rpm glibc-debuginfo-2.17-55.el7_0.5.s390.rpm glibc-debuginfo-2.17-55.el7_0.5.s390x.rpm glibc-debuginfo-common-2.17-55.el7_0.5.s390.rpm glibc-debuginfo-common-2.17-55.el7_0.5.s390x.rpm glibc-devel-2.17-55.el7_0.5.s390.rpm glibc-devel-2.17-55.el7_0.5.s390x.rpm glibc-headers-2.17-55.el7_0.5.s390x.rpm glibc-utils-2.17-55.el7_0.5.s390x.rpm nscd-2.17-55.el7_0.5.s390x.rpm
x86_64: glibc-2.17-55.el7_0.5.i686.rpm glibc-2.17-55.el7_0.5.x86_64.rpm glibc-common-2.17-55.el7_0.5.x86_64.rpm glibc-debuginfo-2.17-55.el7_0.5.i686.rpm glibc-debuginfo-2.17-55.el7_0.5.x86_64.rpm glibc-debuginfo-common-2.17-55.el7_0.5.i686.rpm glibc-debuginfo-common-2.17-55.el7_0.5.x86_64.rpm glibc-devel-2.17-55.el7_0.5.i686.rpm glibc-devel-2.17-55.el7_0.5.x86_64.rpm glibc-headers-2.17-55.el7_0.5.x86_64.rpm glibc-utils-2.17-55.el7_0.5.x86_64.rpm nscd-2.17-55.el7_0.5.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: glibc-debuginfo-2.17-55.el7_0.5.ppc.rpm glibc-debuginfo-2.17-55.el7_0.5.ppc64.rpm glibc-debuginfo-common-2.17-55.el7_0.5.ppc.rpm glibc-debuginfo-common-2.17-55.el7_0.5.ppc64.rpm glibc-static-2.17-55.el7_0.5.ppc.rpm glibc-static-2.17-55.el7_0.5.ppc64.rpm
s390x: glibc-debuginfo-2.17-55.el7_0.5.s390.rpm glibc-debuginfo-2.17-55.el7_0.5.s390x.rpm glibc-debuginfo-common-2.17-55.el7_0.5.s390.rpm glibc-debuginfo-common-2.17-55.el7_0.5.s390x.rpm glibc-static-2.17-55.el7_0.5.s390.rpm glibc-static-2.17-55.el7_0.5.s390x.rpm
x86_64: glibc-debuginfo-2.17-55.el7_0.5.i686.rpm glibc-debuginfo-2.17-55.el7_0.5.x86_64.rpm glibc-debuginfo-common-2.17-55.el7_0.5.i686.rpm glibc-debuginfo-common-2.17-55.el7_0.5.x86_64.rpm glibc-static-2.17-55.el7_0.5.i686.rpm glibc-static-2.17-55.el7_0.5.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: glibc-2.17-55.el7_0.5.src.rpm
x86_64: glibc-2.17-55.el7_0.5.i686.rpm glibc-2.17-55.el7_0.5.x86_64.rpm glibc-common-2.17-55.el7_0.5.x86_64.rpm glibc-debuginfo-2.17-55.el7_0.5.i686.rpm glibc-debuginfo-2.17-55.el7_0.5.x86_64.rpm glibc-debuginfo-common-2.17-55.el7_0.5.i686.rpm glibc-debuginfo-common-2.17-55.el7_0.5.x86_64.rpm glibc-devel-2.17-55.el7_0.5.i686.rpm glibc-devel-2.17-55.el7_0.5.x86_64.rpm glibc-headers-2.17-55.el7_0.5.x86_64.rpm glibc-utils-2.17-55.el7_0.5.x86_64.rpm nscd-2.17-55.el7_0.5.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: glibc-debuginfo-2.17-55.el7_0.5.i686.rpm glibc-debuginfo-2.17-55.el7_0.5.x86_64.rpm glibc-debuginfo-common-2.17-55.el7_0.5.i686.rpm glibc-debuginfo-common-2.17-55.el7_0.5.x86_64.rpm glibc-static-2.17-55.el7_0.5.i686.rpm glibc-static-2.17-55.el7_0.5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-0235 https://access.redhat.com/security/updates/classification/#critical
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFUx9bmXlSAg2UNWIIRAjP4AJ9/EPFLyhSuapG8Lie71zPk6VaF8wCfVAw2 VIBda0hF+i0zAuST73ezXzI= =w5UI -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/glibc-2.17-i486-10_slack14.1.txz: Rebuilt. This flaw could allow local or remote attackers to take control of a machine running a vulnerable version of glibc. Thanks to Qualys for discovering this issue (also known as the GHOST vulnerability.) For more information, see: https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235 ( Security fix ) patches/packages/glibc-i18n-2.17-i486-10_slack14.1.txz: Rebuilt. patches/packages/glibc-profile-2.17-i486-10_slack14.1.txz: Rebuilt. patches/packages/glibc-solibs-2.17-i486-10_slack14.1.txz: Rebuilt. patches/packages/glibc-zoneinfo-2014j-noarch-1.txz: Upgraded. Upgraded to tzcode2014j and tzdata2014j. +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/glibc-2.9-i486-7_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/glibc-i18n-2.9-i486-7_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/glibc-profile-2.9-i486-7_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/glibc-solibs-2.9-i486-7_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz
Updated packages for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/glibc-2.9-x86_64-7_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/glibc-i18n-2.9-x86_64-7_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/glibc-profile-2.9-x86_64-7_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/glibc-solibs-2.9-x86_64-7_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz
Updated packages for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-2.11.1-i486-9_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-i18n-2.11.1-i486-9_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-profile-2.11.1-i486-9_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-solibs-2.11.1-i486-9_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz
Updated packages for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-2.11.1-x86_64-9_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-i18n-2.11.1-x86_64-9_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-profile-2.11.1-x86_64-9_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-solibs-2.11.1-x86_64-9_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz
Updated packages for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-2.13-i486-8_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-i18n-2.13-i486-8_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-profile-2.13-i486-8_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-solibs-2.13-i486-8_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz
Updated packages for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-2.13-x86_64-8_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-i18n-2.13-x86_64-8_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-profile-2.13-x86_64-8_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-solibs-2.13-x86_64-8_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/glibc-2.15-i486-9_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/glibc-i18n-2.15-i486-9_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/glibc-profile-2.15-i486-9_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/glibc-solibs-2.15-i486-9_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/glibc-2.15-x86_64-9_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/glibc-i18n-2.15-x86_64-9_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/glibc-profile-2.15-x86_64-9_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/glibc-solibs-2.15-x86_64-9_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-2.17-i486-10_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-i18n-2.17-i486-10_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-profile-2.17-i486-10_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-solibs-2.17-i486-10_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-2.17-x86_64-10_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-i18n-2.17-x86_64-10_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-profile-2.17-x86_64-10_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-solibs-2.17-x86_64-10_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/glibc-solibs-2.20-i486-2.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/glibc-zoneinfo-2014j-noarch-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-2.20-i486-2.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-i18n-2.20-i486-2.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-profile-2.20-i486-2.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/glibc-solibs-2.20-x86_64-2.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/glibc-zoneinfo-2014j-noarch-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-2.20-x86_64-2.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-i18n-2.20-x86_64-2.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-profile-2.20-x86_64-2.txz
MD5 signatures: +-------------+
Slackware 13.0 packages: 41402c65ebdef4b022c799131556ef7e glibc-2.9-i486-7_slack13.0.txz 7095e3cd743af0179ea14b9bff81e3f4 glibc-i18n-2.9-i486-7_slack13.0.txz 901d50b809ed84837ff45b2ca7838bb3 glibc-profile-2.9-i486-7_slack13.0.txz 421a711b7cf1be2df2421ae5cd50b217 glibc-solibs-2.9-i486-7_slack13.0.txz 61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz
Slackware x86_64 13.0 packages: d4266628a8db63751f3f55b8bc2e2162 glibc-2.9-x86_64-7_slack13.0.txz b6161a0e23da771c5c6903605e49e403 glibc-i18n-2.9-x86_64-7_slack13.0.txz b8026d61e3849cce26539def0b665ca3 glibc-profile-2.9-x86_64-7_slack13.0.txz 1f7f4cf57d44d75d4ef2786152f33403 glibc-solibs-2.9-x86_64-7_slack13.0.txz 61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz
Slackware 13.1 packages: 03e0d0224efe8bc794b5be0454612a1e glibc-2.11.1-i486-9_slack13.1.txz fabbdd8d7f14667c7a2dc7ede87b5510 glibc-i18n-2.11.1-i486-9_slack13.1.txz 1c1d86a9dabe329c3d30796188b66ebe glibc-profile-2.11.1-i486-9_slack13.1.txz e2ebe08bb02550c69202a6f973ef7e47 glibc-solibs-2.11.1-i486-9_slack13.1.txz 61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz
Slackware x86_64 13.1 packages: c00de492a4842e3a86101028e8cc03f0 glibc-2.11.1-x86_64-9_slack13.1.txz 9657c55f39b233333e48d08acee9ed78 glibc-i18n-2.11.1-x86_64-9_slack13.1.txz ada2d7f7b7ffdfd7a4407696ad714e48 glibc-profile-2.11.1-x86_64-9_slack13.1.txz b3c393e74aafbb5276cea1217dfcd1aa glibc-solibs-2.11.1-x86_64-9_slack13.1.txz 61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz
Slackware 13.37 packages: 16615e6ef8311b928e3a05e0b7f3e505 glibc-2.13-i486-8_slack13.37.txz 319dfc0cbdaf8410981195fffb1371c6 glibc-i18n-2.13-i486-8_slack13.37.txz 6964339495ab981d17ba27cd5878a400 glibc-profile-2.13-i486-8_slack13.37.txz 1834abd11fab02725e897040bbead56f glibc-solibs-2.13-i486-8_slack13.37.txz 61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz
Slackware x86_64 13.37 packages: 1753003d261831ac235445e23a9f9870 glibc-2.13-x86_64-8_slack13.37.txz 8aa103984bb2cb293072a022dd9144f2 glibc-i18n-2.13-x86_64-8_slack13.37.txz a56e90a34eec8f60e265c45d05490a57 glibc-profile-2.13-x86_64-8_slack13.37.txz c6f684ea049e4091b96d15606eb454d1 glibc-solibs-2.13-x86_64-8_slack13.37.txz 61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz
Slackware 14.0 packages: a2fadb666bfdf5c7c4c9792cbf34785d glibc-2.15-i486-9_slack14.0.txz 3b3626f4a170a603af36ca60c7840fa6 glibc-i18n-2.15-i486-9_slack14.0.txz ad237d138bb874e57c4080071d27e798 glibc-profile-2.15-i486-9_slack14.0.txz f07d37e52014cec80e43d883eda516ae glibc-solibs-2.15-i486-9_slack14.0.txz 61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz
Slackware x86_64 14.0 packages: a5d02d71a230b6daa39d2ebefd8a6548 glibc-2.15-x86_64-9_slack14.0.txz 62c30b615e38ba63cafb8053383eabde glibc-i18n-2.15-x86_64-9_slack14.0.txz 152d094ab6bc4c7f763dd4ad1a53784c glibc-profile-2.15-x86_64-9_slack14.0.txz b256163bb179d1aebfda5f45270a0580 glibc-solibs-2.15-x86_64-9_slack14.0.txz 61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz
Slackware 14.1 packages: 8f2fb91bb39d8a1db3bd6510295e6b1e glibc-2.17-i486-10_slack14.1.txz 8d179820a827a4dce028b57d3fa39237 glibc-i18n-2.17-i486-10_slack14.1.txz 19a4824c6ff8792a1166a38ceff824e0 glibc-profile-2.17-i486-10_slack14.1.txz 417dede2ae464059002b6fcc2048f942 glibc-solibs-2.17-i486-10_slack14.1.txz 61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz
Slackware x86_64 14.1 packages: 490ce11a13439e30ff312769cc4fabb1 glibc-2.17-x86_64-10_slack14.1.txz cd145e0d6a12b15d5282d7d1b3de92ed glibc-i18n-2.17-x86_64-10_slack14.1.txz 93aea777dd41dc1c631dce1cf252bf14 glibc-profile-2.17-x86_64-10_slack14.1.txz 6b759039a5b3f8c88b3753e722ded78e glibc-solibs-2.17-x86_64-10_slack14.1.txz 61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz
Slackware -current packages: 395d4ad5fb71c4a56a500c3e51d07c8b a/glibc-solibs-2.20-i486-2.txz 61278ba5a904a7474e9b0b64b0daab97 a/glibc-zoneinfo-2014j-noarch-1.txz 3ca2827446e66d0d2d0e0bc8c55ba1ed l/glibc-2.20-i486-2.txz 94105b1a10c42ce0995f8ace6b4f06a8 l/glibc-i18n-2.20-i486-2.txz fcc2ad4f5aad3a7d704d708a170c5351 l/glibc-profile-2.20-i486-2.txz
Slackware x86_64 -current packages: 25129dd9dfed8a8e834c87ba40c1ef17 a/glibc-solibs-2.20-x86_64-2.txz 61278ba5a904a7474e9b0b64b0daab97 a/glibc-zoneinfo-2014j-noarch-1.txz b8ff5e308769d8e4eddccd9940058d5c l/glibc-2.20-x86_64-2.txz 8c3db9286aa93346d25ffad38178137b l/glibc-i18n-2.20-x86_64-2.txz 21f2a62d975b433f570cd5129cdc21fb l/glibc-profile-2.20-x86_64-2.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg glibc-*
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. SEC Consult Vulnerability Lab Security Advisory < 20210901-0 > ======================================================================= title: Multiple vulnerabilities product: see "Vulnerable / tested versions" vulnerable version: see "Vulnerable / tested versions" fixed version: see "Solution" CVE number: CVE-2021-39278, CVE-2021-39279 impact: High homepage: https://www.moxa.com/ found: 2020-08-31 by: T. Weber (Office Vienna) SEC Consult Vulnerability Lab
An integrated part of SEC Consult, an Atos company
Europe | Asia | North America
https://www.sec-consult.com
=======================================================================
Vendor description:
"Together, We Create Change
Moxa is committed to making a positive impact around the world. We put our all behind this commitment--from our employees, to our products and supply chain.
In our local communities, we nurture and support the spirit of volunteering. We encourage our employees to contribute to community development, with an emphasis on ecology, education, and health.
In our products, we invest in social awareness programs and environment-friendly policies at every stage of the product lifecycle. We make sure our manufacturing meets the highest standards with regards to quality, ethics, and sustainability."
Source: https://www.moxa.com/en/about-us/corporate-responsibility
Business recommendation:
SEC Consult recommends to immediately apply the available patches from the vendor. A thorough security review should be performed by security professionals to identify further potential security issues.
Vulnerability overview/description:
1) Authenticated Command Injection (CVE-2021-39279) An authenticated command injection vulnerability can be triggered by issuing a GET request to the "/forms/web_importTFTP" CGI program which is available on the web interface. An attacker can abuse this vulnerability to compromise the operating system of the device. This issue was found by emulating the firmware of the device.
2) Reflected Cross-Site Scripting via Manipulated Config-File (CVE-2021-39278) Via a crafted config-file, a reflected cross-site scripting vulnerability can be exploited in the context of the victim's browser. This config-file can be uploaded to the device via the "Config Import Export" tab in the main menu. One of the discovered vulnerabilities (CVE-2015-0235, gethostbyname "GHOST" buffer overflow) was verified by using the MEDUSA scalable firmware runtime.
4) Multiple Outdated Software Components Multiple outdated software components containing vulnerabilities were found by the IoT Inspector.
The vulnerabilities 1), 2) and 3) were manually verified on an emulated device by using the MEDUSA scalable firmware runtime.
Proof of concept:
1) Authenticated Command Injection (CVE-2021-39279) The vulnerability can be triggered by navigating in the web interface to the tab:
"Main Menu"->"Maintenance"->"Config Import Export"
The "TFTP Import" menu is prone to command injection via all parameters. To exploit the vulnerability, an IP address, a configuration path and a filename must be set. If the filename is used to trigger the exploit, the payload in the interceptor proxy would be:
http://192.168.1.1/forms/web_importTFTP?servIP=192.168.1.1&configPath=/&fileName=name|ping localhost -c 100
2) Reflected Cross-Site Scripting via Manipulated Config-File (CVE-2021-39278) The vulnerability can be triggered by navigating in the web interface to the tab:
"Main Menu"->"Maintenance"->"Config Import Export"
The "Config Import" menu is prone to reflected cross-site scripting via the upload of config files. Example of malicious config file:
[board] deviceName="WAC-2004_0000alert(document.cookie)" deviceLocation="" [..]
Uploading such a crafted file triggers cross-site scripting as the erroneous value is displayed without filtering characters.
The gethostbyname buffer overflow vulnerability (GHOST) was checked with the help of the exploit code from https://seclists.org/oss-sec/2015/q1/274. It was compiled and executed on the emulated device to test the system.
4) Multiple Outdated Software Components The IoT Inspector recognized multiple outdated software components with known vulnerabilities:
BusyBox 1.18.5 06/2011 Dropbear SSH 2011.54 11/2011 GNU glibc 2.9 02/2009 Linux Kernel 2.6.27 10/2008 OpenSSL 0.9.7g 04/2005 Only found in the program "iw_director" OpenSSL 1.0.0 03/2010
Vulnerable / tested versions:
The following firmware versions for various devices have been identified to be vulnerable: * WAC-2004 / 1.7 * WAC-1001 / 2.1 * WAC-1001-T / 2.1 * OnCell G3470A-LTE-EU / 1.7 * OnCell G3470A-LTE-EU-T / 1.7 * TAP-323-EU-CT-T / 1.3 * TAP-323-US-CT-T / 1.3 * TAP-323-JP-CT-T / 1.3 * WDR-3124A-EU / 2.3 * WDR-3124A-EU-T / 2.3 * WDR-3124A-US / 2.3 * WDR-3124A-US-T / 2.3
Vendor contact timeline:
2020-10-09: Contacting vendor through moxa.csrt@moxa.com. 2020-10-12: Contact sends PGP key for encrypted communication and asks for the detailed advisory. Sent encrypted advisory to vendor. 2020-11-06: Status update from vendor regarding technical analysis. Vendor requested more time for fixing the vulnerabilities as more products are affected. 2020-11-09: Granted more time for fixing to vendor. 2020-11-10: Vendor asked for next steps regarding the advisory publication. 2020-11-11: Asked vendor for an estimation when a public disclosure is possible. 2020-11-16: Vendor responded that the product team can give a rough feedback. 2020-11-25: Asked for a status update. 2020-11-25: Vendor responded that the investigation is not done yet. 2020-12-14: Vendor provided a list of potential affected devices and stated that full investigation may take until January 2021 due to the list of CVEs that were provided with the appended IoT Inspector report. The patches may be available until June 2021. 2020-12-15: Shifted next status update round with vendor on May 2021. 2020-12-23: Vendor provided full list of affected devices. 2021-02-05: Vendor sieved out the found issues from 4) manually and provided a full list of confirmed vulnerabilities. WAC-2004 phased-out in 2019. 2021-02-21: Confirmed receive of vulnerabilities, next status update in May 2021. 2021-06-10: Asking for an update. 2021-06-15: Vendor stated, that the update will be provided in the next days. 2021-06-21: Vendor will give an update in the next week as Covid gets worse in Taiwan. 2021-06-23: Vendor stated, that patches are under development. Vendor needs more time to finish the patches. 2021-06-24: Set release date to 2021-09-01. 2021-07-02: Vendor provides status updates. 2021-08-16: Vendor provides status updates. 2021-08-17: Vendor asks for CVE IDs and stated, that WDR-3124A has phased-out. 2021-08-20: Sent assigned CVE-IDs to vendor. Asked for fixed version numbers. 2021-08-31: Vendor provides fixed firmware version numbers and the advisory links. 2021-09-01: Coordinated release of security advisory.
Solution:
According to the vendor the following patches must be applied to fix issues: * WAC-1001 / 2.1.5 * WAC-1001-T / 2.1.5 * OnCell G3470A-LTE-EU / 1.7.4 * OnCell G3470A-LTE-EU-T / 1.7.4 * TAP-323-EU-CT-T / 1.8.1 * TAP-323-US-CT-T / 1.8.1 * TAP-323-JP-CT-T / 1.8.1
The Moxa Technical Support must be contacted for requesting the security patches.
The corresponding security advisories for the affected devices are available on the vendor's website: TAP-323/WAC-1001/WAC-2004 https://www.moxa.com/en/support/product-support/security-advisory/tap-323-wac-1001-2004-wireless-ap-bridge-client-vulnerabilities OnCell G3470A-LTE/WDR-3124A https://www.moxa.com/en/support/product-support/security-advisory/oncell-g3470a-wdr-3124a-cellular-gateways-router-vulnerabilities
The following device models are EOL and should be replaced: * WAC-2004 * WDR-3124A-EU * WDR-3124A-EU-T * WDR-3124A-US * WDR-3124A-US-T
Workaround:
None.
Advisory URL:
https://sec-consult.com/vulnerability-lab/
SEC Consult Vulnerability Lab
SEC Consult, an Atos company
Europe | Asia | North America
About SEC Consult Vulnerability Lab
The SEC Consult Vulnerability Lab is an integrated part of SEC Consult, an
Atos company. It ensures the continued knowledge gain of SEC Consult in the
field of network and application security to stay ahead of the attacker. The
SEC Consult Vulnerability Lab supports high-quality penetration testing and
the evaluation of new offensive and defensive technologies for our customers.
Hence our customers obtain the most current information about vulnerabilities
and valid recommendation about the risk profile of new technologies.
Interested to work with the experts of SEC Consult? Send us your application https://sec-consult.com/career/
Interested in improving your cyber security with the experts of SEC Consult? Contact our local offices https://sec-consult.com/contact/ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mail: research at sec-consult dot com Web: https://www.sec-consult.com Blog: http://blog.sec-consult.com Twitter: https://twitter.com/sec_consult
EOF Thomas Weber / @2021
. If Apache was manually enabled and the configuration was not changed, some files that should not be accessible might have been accessible using a specially crafted URL. This issue was addressed through the addition of a mechanism to trust only a subset of certificates issued prior to the mis-issuance of the intermediate. This issue, also known as Logjam, allowed an attacker with a privileged network position to downgrade security to 512-bit DH if the server supported an export-strength ephemeral DH cipher suite. The issue was addressed by increasing the default minimum size allowed for DH ephemeral keys to 768 bits. CVE-ID CVE-2015-3695 : Ian Beer of Google Project Zero CVE-2015-3696 : Ian Beer of Google Project Zero CVE-2015-3697 : Ian Beer of Google Project Zero CVE-2015-3698 : Ian Beer of Google Project Zero CVE-2015-3699 : Ian Beer of Google Project Zero CVE-2015-3700 : Ian Beer of Google Project Zero CVE-2015-3701 : Ian Beer of Google Project Zero CVE-2015-3702 : KEEN Team
ImageIO Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: Multiple vulnerabilities existed in libtiff, the most serious of which may lead to arbitrary code execution Description: Multiple vulnerabilities existed in libtiff versions prior to 4.0.4. CVE-ID CVE-2015-3661 : G. Geshev working with HP's Zero Day Initiative CVE-2015-3662 : kdot working with HP's Zero Day Initiative CVE-2015-3663 : kdot working with HP's Zero Day Initiative CVE-2015-3666 : Steven Seeley of Source Incite working with HP's Zero Day Initiative CVE-2015-3667 : Ryan Pentney, Richard Johnson of Cisco Talos and Kai Lu of Fortinet's FortiGuard Labs, Ryan Pentney, and Richard Johnson of Cisco Talos and Kai Lu of Fortinet's FortiGuard Labs CVE-2015-3668 : Kai Lu of Fortinet's FortiGuard Labs CVE-2015-3713 : Apple
Security Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the Security framework code for parsing S/MIME e-mail and some other signed or encrypted objects. CVE-ID CVE-2013-1741
Security Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: Tampered applications may not be prevented from launching Description: Apps using custom resource rules may have been susceptible to tampering that would not have invalidated the signature
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "communications policy management",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "9.9.1"
},
{
"_id": null,
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "2.0"
},
{
"_id": null,
"model": "communications webrtc session controller",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "7.0"
},
{
"_id": null,
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "1.0"
},
{
"_id": null,
"model": "communications policy management",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "9.7.3"
},
{
"_id": null,
"model": "communications eagle lnp application processor",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "10.0"
},
{
"_id": null,
"model": "security access manager for enterprise single sign-on",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "communications eagle application processor",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "16.0"
},
{
"_id": null,
"model": "communications lsms",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "13.1"
},
{
"_id": null,
"model": "communications policy management",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "12.1.1"
},
{
"_id": null,
"model": "communications webrtc session controller",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "7.1"
},
{
"_id": null,
"model": "communications webrtc session controller",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "7.2"
},
{
"_id": null,
"model": "communications policy management",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "10.4.1"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"_id": null,
"model": "php",
"scope": "gte",
"trust": 1.0,
"vendor": "php",
"version": "5.5.0"
},
{
"_id": null,
"model": "php",
"scope": "lt",
"trust": 1.0,
"vendor": "php",
"version": "5.4.38"
},
{
"_id": null,
"model": "virtualization",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.11.1"
},
{
"_id": null,
"model": "vm virtualbox",
"scope": "lt",
"trust": 1.0,
"vendor": "oracle",
"version": "5.1.24"
},
{
"_id": null,
"model": "glibc",
"scope": "lt",
"trust": 1.0,
"vendor": "gnu",
"version": "2.18"
},
{
"_id": null,
"model": "communications user data repository",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "10.0.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"_id": null,
"model": "communications session border controller",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "7.2.0"
},
{
"_id": null,
"model": "php",
"scope": "lt",
"trust": 1.0,
"vendor": "php",
"version": "5.6.6"
},
{
"_id": null,
"model": "communications session border controller",
"scope": "lt",
"trust": 1.0,
"vendor": "oracle",
"version": "7.2.0"
},
{
"_id": null,
"model": "php",
"scope": "lt",
"trust": 1.0,
"vendor": "php",
"version": "5.5.22"
},
{
"_id": null,
"model": "communications policy management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.5"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "1.0.0.0"
},
{
"_id": null,
"model": "glibc",
"scope": "gte",
"trust": 1.0,
"vendor": "gnu",
"version": "2.0"
},
{
"_id": null,
"model": "php",
"scope": "gte",
"trust": 1.0,
"vendor": "php",
"version": "5.4.0"
},
{
"_id": null,
"model": "communications application session controller",
"scope": "lt",
"trust": 1.0,
"vendor": "oracle",
"version": "3.7.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "7"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.0.0.0"
},
{
"_id": null,
"model": "php",
"scope": "gte",
"trust": 1.0,
"vendor": "php",
"version": "5.6.0"
},
{
"_id": null,
"model": "communications user data repository",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "10.0.0"
},
{
"_id": null,
"model": "communications session border controller",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.0"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.9,
"vendor": "gnu",
"version": "2.17"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.9,
"vendor": "gnu",
"version": "2.14.1"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.9,
"vendor": "gnu",
"version": "2.15"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.9,
"vendor": "gnu",
"version": "2.13"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.9,
"vendor": "gnu",
"version": "2.12"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.9,
"vendor": "gnu",
"version": "2.14"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.9,
"vendor": "gnu",
"version": "2.11.2"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.9,
"vendor": "gnu",
"version": "2.12.2"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.9,
"vendor": "gnu",
"version": "2.16"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.9,
"vendor": "gnu",
"version": "2.12.1"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arch linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "citrix",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"_id": null,
"model": "ubuntu",
"scope": null,
"trust": 0.8,
"vendor": "canonical",
"version": null
},
{
"_id": null,
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"_id": null,
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"_id": null,
"model": "embedded glibc",
"scope": "lt",
"trust": 0.8,
"vendor": "gnu",
"version": "2.14"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"_id": null,
"model": "edge digital media player",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3000"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7835"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.0"
},
{
"_id": null,
"model": "big-ip wom hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7225"
},
{
"_id": null,
"model": "communications application session controller",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.5"
},
{
"_id": null,
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "6"
},
{
"_id": null,
"model": "sparc enterprise m5000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.40"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.4"
},
{
"_id": null,
"model": "fortimanager",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "point software security gateway r75.20.4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "80"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.3"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "ios-xe for catalyst air-ct5760",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip gtm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11"
},
{
"_id": null,
"model": "big-ip apm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5890"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.1"
},
{
"_id": null,
"model": "big-ip webaccelerator hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "fortiauthenticator",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "big-ip gtm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.10.1"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.0"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "big-ip link controller hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "one-x client enablement services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "platform director",
"scope": "ne",
"trust": 0.3,
"vendor": "polycom",
"version": "2.0"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.2"
},
{
"_id": null,
"model": "ds8870",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"_id": null,
"model": "point software secureplatform os r76",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.5"
},
{
"_id": null,
"model": "operations manager i",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.00"
},
{
"_id": null,
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"_id": null,
"model": "virtualization performance viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "point software security management r71.30",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "point software gaia os r75.0",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "hunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.16"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.16"
},
{
"_id": null,
"model": "intelligent automation for cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(2)"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.7"
},
{
"_id": null,
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"_id": null,
"model": "platform director",
"scope": "eq",
"trust": 0.3,
"vendor": "polycom",
"version": "0"
},
{
"_id": null,
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"_id": null,
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.2"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.0.0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "fortiswitch",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77009.7"
},
{
"_id": null,
"model": "mobility software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.5.3.0"
},
{
"_id": null,
"model": "big-ip edge gateway 11.1.0-hf2",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "big-ip asm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "point software secureplatform r60 hfa 05",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.1"
},
{
"_id": null,
"model": "system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x0"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.3.1"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "fs1-2 flash storage system",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "integrated lights out manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.4"
},
{
"_id": null,
"model": "telepresence te software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "ascenlink 7.1-b5745",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"_id": null,
"model": "linux enterprise software development kit sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "big-ip edge gateway hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "7"
},
{
"_id": null,
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "communications application session controller",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.6"
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "qradar risk manager mr2 patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.19"
},
{
"_id": null,
"model": "operation agent virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.14"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.9"
},
{
"_id": null,
"model": "videoscape distribution suite transparent caching",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "flex system ib6131 40gb infiniband switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4"
},
{
"_id": null,
"model": "big-ip ltm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "1"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.1.0"
},
{
"_id": null,
"model": "fs1-2 flash storage system",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "point software secureplatform r65 hfa02",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "xiv storage system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "281011.5.1"
},
{
"_id": null,
"model": "colorqube",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "9393"
},
{
"_id": null,
"model": "xiv storage system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "281011.4.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"_id": null,
"model": "realpresence resource manager",
"scope": "ne",
"trust": 0.3,
"vendor": "polycom",
"version": "8.3.1"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5855"
},
{
"_id": null,
"model": "sparc enterprise m5000",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "point software security gateway r75.46",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "xiv storage system a",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "281011.3"
},
{
"_id": null,
"model": "traffix-sdc",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.4"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"_id": null,
"model": "ruggedcom ape",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "14040"
},
{
"_id": null,
"model": "point software security management r75.10",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "app for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "3.1.3"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "alienvault",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15.1"
},
{
"_id": null,
"model": "integrated lights out manager",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.6"
},
{
"_id": null,
"model": "colorqube",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "9303"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.1"
},
{
"_id": null,
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.1"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "big-ip apm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "icewall sso dfw r1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "big-ip ltm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0.0.52"
},
{
"_id": null,
"model": "big-ip webaccelerator hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "point software gaia os r75.10",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"_id": null,
"model": "ctpview",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "communications application session controller",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.4"
},
{
"_id": null,
"model": "communications application session controller 3.7.1m0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "fortimail",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.3.2"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.0.6"
},
{
"_id": null,
"model": "point software secureplatform os r77.20",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "cms r17ac.h",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.13"
},
{
"_id": null,
"model": "point software gaia os r77.0",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.1"
},
{
"_id": null,
"model": "flex system en6131 40gb ethernet switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.0"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.3"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.1"
},
{
"_id": null,
"model": "cloudaxis wsp",
"scope": "eq",
"trust": 0.3,
"vendor": "polycom",
"version": "0"
},
{
"_id": null,
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "mds 9222i multilayer fabric switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.2.1"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12"
},
{
"_id": null,
"model": "rss",
"scope": "eq",
"trust": 0.3,
"vendor": "polycom",
"version": "40000"
},
{
"_id": null,
"model": "mds multilayer director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95060"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "mds 9250i multilayer fabric switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "unified sip proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.6"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9"
},
{
"_id": null,
"model": "qradar siem mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.40"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.4"
},
{
"_id": null,
"model": "aura communication manager ssp04",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.4"
},
{
"_id": null,
"model": "integrated lights out manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "big-ip ltm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip analytics hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.31"
},
{
"_id": null,
"model": "big-ip link controller hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "ruggedcom ape1404-c01",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.8"
},
{
"_id": null,
"model": "point software security gateway r71.00",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "80"
},
{
"_id": null,
"model": "virtualization performance viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1"
},
{
"_id": null,
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.2"
},
{
"_id": null,
"model": "manycore platform software stack",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "3.4.3"
},
{
"_id": null,
"model": "ds8870",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.19"
},
{
"_id": null,
"model": "ruggedcom ape 1402-c01",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "big-ip link controller hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "mac os security update",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x2015"
},
{
"_id": null,
"model": "big-ip edge gateway 10.2.3-hf1",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.3"
},
{
"_id": null,
"model": "distributed media application",
"scope": "ne",
"trust": 0.3,
"vendor": "polycom",
"version": "6.2.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "sparc enterprise m4000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "aura application server sip core pb23",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "linux enterprise server sp3 for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "colorqube",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "8700"
},
{
"_id": null,
"model": "big-ip asm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "helion application lifecycle service for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.0.1.11"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "5"
},
{
"_id": null,
"model": "ethernet switch es2-64",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.9.1"
},
{
"_id": null,
"model": "big-ip ltm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.14"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.0"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.20"
},
{
"_id": null,
"model": "smart call home",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "point software secureplatform r65.70",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.4"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.3"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.1"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "qradar vulnerability manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "communications user data repository",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.0"
},
{
"_id": null,
"model": "secure acs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.446.5"
},
{
"_id": null,
"model": "mmp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "one-x client enablement services sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "point software security gateway r75.20",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.0.5"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.0"
},
{
"_id": null,
"model": "sunstone xrv-64 vrp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.2"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.1"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.3.10"
},
{
"_id": null,
"model": "point software gaia os r77.10",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2.2"
},
{
"_id": null,
"model": "mds fiber channel switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "physical access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.0"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"_id": null,
"model": "sun blade ethernet switched nem 24p 10ge",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "60000"
},
{
"_id": null,
"model": "websphere transformation extender",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.11"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "unified communications manager im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "point software security management r70.40",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "big-ip gtm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "ethernet switch es2-72",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.9.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.4"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "security proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.5.0"
},
{
"_id": null,
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "big-ip ltm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"_id": null,
"model": "aura conferencing sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "big-ip analytics hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "pan-os",
"scope": "ne",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "traffix-sdc",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.3.3"
},
{
"_id": null,
"model": "big-ip gtm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "video border proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "polycom",
"version": "0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.3"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.8.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.1"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.10"
},
{
"_id": null,
"model": "sdn for virtual environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.11"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.2"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"_id": null,
"model": "ios-xe for asr1k",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77109.7"
},
{
"_id": null,
"model": "point software vsx r67",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "big-ip link controller hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.4.1"
},
{
"_id": null,
"model": "big-ip edge gateway 11.0.0-hf2",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": "small cell factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"_id": null,
"model": "point software security gateway r75.45",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "websphere transformation extender",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.0.5"
},
{
"_id": null,
"model": "websphere datapower xc10 appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5"
},
{
"_id": null,
"model": "big-ip edge gateway hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1.1"
},
{
"_id": null,
"model": "fortisanbbox",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "point software gaia os r76.0",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "aura communication manager utility services sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.16.1.0.9.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.5"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"_id": null,
"model": "videoscape back office",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7845"
},
{
"_id": null,
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.2"
},
{
"_id": null,
"model": "xiv storage system 10.2.4.e-7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2810"
},
{
"_id": null,
"model": "point software security gateway r71.45",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.6"
},
{
"_id": null,
"model": "mds fabric switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "91240"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "rss",
"scope": "ne",
"trust": 0.3,
"vendor": "polycom",
"version": "40008.5.3"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "big-ip ltm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50200"
},
{
"_id": null,
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "sinumerik 828d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "point software gaia os r71.0",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2.2"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"_id": null,
"model": "cms r17 r4",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "ascenlink 7.1-b5599",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.2.1"
},
{
"_id": null,
"model": "qradar siem patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.34"
},
{
"_id": null,
"model": "sparc enterprise m9000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "big-ip asm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "capture server",
"scope": "ne",
"trust": 0.3,
"vendor": "polycom",
"version": "2.0"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.0"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4.0.15"
},
{
"_id": null,
"model": "cloudaxis wsp",
"scope": "ne",
"trust": 0.3,
"vendor": "polycom",
"version": "1.7"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.11"
},
{
"_id": null,
"model": "traffix-sdc",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"_id": null,
"model": "fortirecorder",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "1.4.1"
},
{
"_id": null,
"model": "big-ip gtm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.41"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.4"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7855"
},
{
"_id": null,
"model": "sdn for virtual environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "big-ip apm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip wom hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"_id": null,
"model": "prime infrastructure plug and play gateway server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.1"
},
{
"_id": null,
"model": "big-ip asm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "capture server",
"scope": "eq",
"trust": 0.3,
"vendor": "polycom",
"version": "0"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1"
},
{
"_id": null,
"model": "fortiadc-d",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "ace \u0026 application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10200"
},
{
"_id": null,
"model": "sparc enterprise m4000",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "76009.7"
},
{
"_id": null,
"model": "qradar siem patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.41"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "opensuse",
"version": "12.3"
},
{
"_id": null,
"model": "mds fabric switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "91340"
},
{
"_id": null,
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "sun data center infiniband switch",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "360"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.8.2.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"_id": null,
"model": "fortivoice 200d",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"_id": null,
"model": "communications session border controller",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4"
},
{
"_id": null,
"model": "aura application server sip core pb28",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5845"
},
{
"_id": null,
"model": "hunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0"
},
{
"_id": null,
"model": "sdn for virtual environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.1"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"_id": null,
"model": "big-ip link controller hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-37"
},
{
"_id": null,
"model": "communications application session controller",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0"
},
{
"_id": null,
"model": "as infinity",
"scope": "ne",
"trust": 0.3,
"vendor": "pexip",
"version": "8.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.2"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "big-ip edge gateway hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"_id": null,
"model": "manycore platform software stack",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "3.4"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1.0"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.7"
},
{
"_id": null,
"model": "big-ip webaccelerator hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.2.2"
},
{
"_id": null,
"model": "point software security gateway r76",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "ios-xe for catalyst 4k",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "point software secureplatform r71.30",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "realpresence resource manager",
"scope": "eq",
"trust": 0.3,
"vendor": "polycom",
"version": "0"
},
{
"_id": null,
"model": "fujitsu m10-4 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2230"
},
{
"_id": null,
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"_id": null,
"model": "websphere transformation extender",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.44"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "point software secureplatform os r75.40vs",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2.2"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "big-ip wom hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000"
},
{
"_id": null,
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "point software security gateway r77",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.5"
},
{
"_id": null,
"model": "point software secureplatform os r75.10",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "big-ip link controller hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "sun network 10ge switch 72p",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "prime network service controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "message networking sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "xiv storage system a",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "281011.4.1"
},
{
"_id": null,
"model": "ucs manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "big-ip edge gateway hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.12.1"
},
{
"_id": null,
"model": "fortirecorder",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "1.5"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.2.4"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"_id": null,
"model": "point software security gateway r75.40 vs",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "message networking sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "traffix-sdc",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.4.1"
},
{
"_id": null,
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.5.0.15"
},
{
"_id": null,
"model": "network performance analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.2"
},
{
"_id": null,
"model": "ios-xe for asr903",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip webaccelerator hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)5.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3.1"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.4"
},
{
"_id": null,
"model": "hunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.2"
},
{
"_id": null,
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "mobility software",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.4.3.0"
},
{
"_id": null,
"model": "ace series application control engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47000"
},
{
"_id": null,
"model": "webex node",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "websphere datapower xc10 appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "big-ip wom hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"_id": null,
"model": "big-ip analytics 11.0.0-hf2",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "icewall sso dfw r2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"_id": null,
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip afm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"_id": null,
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "ios-xe for isr4400",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "point software gaia os r70.0",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.0"
},
{
"_id": null,
"model": "point software gaia os r75.47",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.2"
},
{
"_id": null,
"model": "qradar siem mr2 patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.18"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.3.0"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.3.6"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.6"
},
{
"_id": null,
"model": "big-ip asm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"_id": null,
"model": "point software security gateway r77.10",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.0"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "message networking sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "cms r17 r3",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.2"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.17"
},
{
"_id": null,
"model": "big-ip analytics hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7220"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.3"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.16"
},
{
"_id": null,
"model": "big-ip analytics hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "puredata system for operational analytics a1791",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "sdn for virtual environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.3"
},
{
"_id": null,
"model": "websphere transformation extender",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.12"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.13"
},
{
"_id": null,
"model": "hyper-scale manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "big-ip edge gateway hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.4"
},
{
"_id": null,
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "websphere transformation extender",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.42"
},
{
"_id": null,
"model": "dcm series 9900-digital content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.16"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"_id": null,
"model": "aura application server sip core pb5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.2"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.10"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.9"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2.3"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.9"
},
{
"_id": null,
"model": "big-ip ltm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "uc phones",
"scope": "eq",
"trust": 0.3,
"vendor": "polycom",
"version": "??vvx0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"_id": null,
"model": "realpresence collaboration server hotfix",
"scope": "ne",
"trust": 0.3,
"vendor": "polycom",
"version": "8.4.2"
},
{
"_id": null,
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.0"
},
{
"_id": null,
"model": "point software security gateway r75",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "point software secureplatform",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "2.60"
},
{
"_id": null,
"model": "point software security gateway r75.20",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "80"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.1"
},
{
"_id": null,
"model": "aura application server sip core pb19",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.14"
},
{
"_id": null,
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0"
},
{
"_id": null,
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "point software security gateway r71.45",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "80"
},
{
"_id": null,
"model": "point software security management r71.40",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.2"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.10"
},
{
"_id": null,
"model": "big-ip apm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.6.1"
},
{
"_id": null,
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.1"
},
{
"_id": null,
"model": "point software secureplatform os r75",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "manycore platform software stack",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "3.2"
},
{
"_id": null,
"model": "ip office application server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.01"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1.0"
},
{
"_id": null,
"model": "point software multi-domain management/provider-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8"
},
{
"_id": null,
"model": "websphere transformation extender",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.43"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.3"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.7"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.4"
},
{
"_id": null,
"model": "webex meeting center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0"
},
{
"_id": null,
"model": "big-ip edge gateway 11.1.0-hf3",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": "mds director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "97060"
},
{
"_id": null,
"model": "big-ip asm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.2"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "sun network qdr infiniband gateway switch",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "2.2.2"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "point software secureplatform os r77.10",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1.1"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"_id": null,
"model": "qradar risk manager mr2 patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.18"
},
{
"_id": null,
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip link controller hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "mint",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "0"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"_id": null,
"model": "big-ip ltm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.00"
},
{
"_id": null,
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "fortivoice",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"_id": null,
"model": "standalone rack server cimc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "3"
},
{
"_id": null,
"model": "sparc enterprise m8000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.15"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2.1"
},
{
"_id": null,
"model": "big-ip apm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.8"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.4"
},
{
"_id": null,
"model": "ascenlink",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "7.0"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.0"
},
{
"_id": null,
"model": "big-ip gtm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.2"
},
{
"_id": null,
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"_id": null,
"model": "ruggedcom ape",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "14020"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"_id": null,
"model": "ace application control engine module ace20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip link controller hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "point software security management r65.70",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.112"
},
{
"_id": null,
"model": "meetingplace",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ip office application server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.02"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.15"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"_id": null,
"model": "helion application lifecycle service for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0.1.10"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.4"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.3"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.8.1.0"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "matrix operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"_id": null,
"model": "big-ip wom hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "aura application server sip core pb3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "point software secureplatform r75",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "nexus series fex",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"_id": null,
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"_id": null,
"model": "digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"_id": null,
"model": "operation agent virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.13"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.4"
},
{
"_id": null,
"model": "content sharing suite client/server",
"scope": "eq",
"trust": 0.3,
"vendor": "polycom",
"version": "0"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5875"
},
{
"_id": null,
"model": "point software secureplatform os r75.40",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.9.0"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "aura application server sip core pb26",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.6.0"
},
{
"_id": null,
"model": "virtualization performance viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.01"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "2"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.3"
},
{
"_id": null,
"model": "ctp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2.1"
},
{
"_id": null,
"model": "sparc enterprise m3000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.0"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "distributed media application",
"scope": "ne",
"trust": 0.3,
"vendor": "polycom",
"version": "6.1.3"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.1"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.2.0"
},
{
"_id": null,
"model": "ios-xe for catalyst 3k",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "sparc enterprise m3000",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "big-ip asm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.2"
},
{
"_id": null,
"model": "qradar vulnerability manager patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.43"
},
{
"_id": null,
"model": "xiv storage system 10.2.4.e-6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2810"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7830"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.3.4"
},
{
"_id": null,
"model": "ace application control engine module ace10",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip analytics hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "big-ip gtm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"_id": null,
"model": "big-ip webaccelerator hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50100"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.2"
},
{
"_id": null,
"model": "hdx",
"scope": "ne",
"trust": 0.3,
"vendor": "polycom",
"version": "3.1.7"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3.0"
},
{
"_id": null,
"model": "telepresence recording server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "point software secureplatform os r75.20",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "big-ip gtm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.0"
},
{
"_id": null,
"model": "aura presence services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "big-ip link controller 11.1.0-hf3",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"_id": null,
"model": "colorqube",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "8900"
},
{
"_id": null,
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"_id": null,
"model": "sparc enterprise m9000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "traffix-sdc",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0.5"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.3"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.2"
},
{
"_id": null,
"model": "big-ip link controller hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.3"
},
{
"_id": null,
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "communications session border controller 7.2.0m4",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"_id": null,
"model": "fujitsu m10-4s server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2230"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "big-ip asm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.11"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "fs1-2 flash storage system",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1"
},
{
"_id": null,
"model": "websphere transformation extender",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.40"
},
{
"_id": null,
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.7.0"
},
{
"_id": null,
"model": "powervu d9190 conditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "identity services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.1"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1.0"
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "glibc",
"scope": "ne",
"trust": 0.3,
"vendor": "gnu",
"version": "2.18"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"_id": null,
"model": "flex system ib6131 40gb infiniband switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1110"
},
{
"_id": null,
"model": "webex meetings server base",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"_id": null,
"model": "point software vsx",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "0"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.3"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.115"
},
{
"_id": null,
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip edge gateway 11.0.0-hf1",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": "webex meetings server 2.0mr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.13"
},
{
"_id": null,
"model": "aura conferencing sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"_id": null,
"model": "ds8870",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.9"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "operation agent virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.12"
},
{
"_id": null,
"model": "point software gaia os r75.40",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "ios-xe for csr1000v",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.10"
},
{
"_id": null,
"model": "point software gaia os r75.45",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.5"
},
{
"_id": null,
"model": "realpresence collaboration server",
"scope": "eq",
"trust": 0.3,
"vendor": "polycom",
"version": "0"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "5865"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"_id": null,
"model": "mds multiplayer director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95130"
},
{
"_id": null,
"model": "point software security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "0"
},
{
"_id": null,
"model": "big-ip apm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.2"
},
{
"_id": null,
"model": "enterprise manager 2.1.0-hf2",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "colorqube",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "9302"
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.13"
},
{
"_id": null,
"model": "big-ip analytics hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"_id": null,
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "ds8870",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "linux enterprise server sp1 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"_id": null,
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "fortianalyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "glibc",
"scope": "ne",
"trust": 0.3,
"vendor": "gnu",
"version": "2.19"
},
{
"_id": null,
"model": "big-ip asm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "point software secureplatform os r75.46",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "manycore platform software stack",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "3.3"
},
{
"_id": null,
"model": "qradar risk manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"_id": null,
"model": "ios-xe for catalyst 3k 4k",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "point software secureplatform os r75.45",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.11"
},
{
"_id": null,
"model": "virtualization performance viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"_id": null,
"model": "sun network qdr infiniband gateway switch",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "point software secureplatform r70.40",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "point software gaia os r75.20",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "4"
},
{
"_id": null,
"model": "big-ip link controller 11.1.0-hf2",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": "point software gaia os r75.46",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.2.5"
},
{
"_id": null,
"model": "flex system en6131 40gb ethernet switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1110"
},
{
"_id": null,
"model": "point software secureplatform os r75.30",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "big-ip webaccelerator hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "virtualization performance viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.10"
},
{
"_id": null,
"model": "xiv storage system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "281011.3.1"
},
{
"_id": null,
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-32"
},
{
"_id": null,
"model": "communications application session controller",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.7"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "6655"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.4.0"
},
{
"_id": null,
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "wireless security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.0.8"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.10"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "security identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "xiv storage system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "281011.4"
},
{
"_id": null,
"model": "point software vsx r65.20",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "qradar risk manager patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.43"
},
{
"_id": null,
"model": "aura conferencing sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.2"
},
{
"_id": null,
"model": "switch es1-24",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.3"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"_id": null,
"model": "alienvault",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.15"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.8"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.1"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "mds 9148s switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1.0.9"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "aura application server sip core sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "ios-xr for cisco network convergence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"_id": null,
"model": "big-ip apm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "xiv storage system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "281011.3"
},
{
"_id": null,
"model": "mobility software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.4.0.0"
},
{
"_id": null,
"model": "digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43100"
},
{
"_id": null,
"model": "ace application control engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47000"
},
{
"_id": null,
"model": "colorqube",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "9301"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"_id": null,
"model": "aura application server sip core pb25",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "aura application server sip core sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.4"
},
{
"_id": null,
"model": "operation agent virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"_id": null,
"model": "sun data center infiniband switch",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "362.2.2"
},
{
"_id": null,
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.4"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)4.4"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.20"
},
{
"_id": null,
"model": "mds director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "97100"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "36550"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"_id": null,
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1"
},
{
"_id": null,
"model": "big-ip analytics hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "icewall sso dfw r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"_id": null,
"model": "videoscape conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"_id": null,
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "websphere transformation extender",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.41"
},
{
"_id": null,
"model": "as infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "8"
},
{
"_id": null,
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1.0"
},
{
"_id": null,
"model": "big-ip asm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "websphere transformation extender",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.10"
},
{
"_id": null,
"model": "hdx",
"scope": "eq",
"trust": 0.3,
"vendor": "polycom",
"version": "0"
},
{
"_id": null,
"model": "integrated lights out manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.3"
},
{
"_id": null,
"model": "big-ip ltm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"_id": null,
"model": "point software security management",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "0"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"_id": null,
"model": "point software secureplatform os r75.47",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.5"
},
{
"_id": null,
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "big-ip analytics hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "cms r17ac.g",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"_id": null,
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.3"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.0"
},
{
"_id": null,
"model": "uc phones",
"scope": "ne",
"trust": 0.3,
"vendor": "polycom",
"version": "??vvx5.3"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.2"
},
{
"_id": null,
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.12"
},
{
"_id": null,
"model": "mds multilayer director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95090"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.12"
},
{
"_id": null,
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "traffix-sdc",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.5.2"
},
{
"_id": null,
"model": "qradar siem patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.43"
},
{
"_id": null,
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.32"
},
{
"_id": null,
"model": "content security appliance updater servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "aura system platform sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "qradar siem",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"_id": null,
"model": "point software gaia os r77.20",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "big-ip gtm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"_id": null,
"model": "sparc enterprise m4000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.11.3"
},
{
"_id": null,
"model": "multicast manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "point software security management r75.20",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "big-ip ltm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.1"
},
{
"_id": null,
"model": "big-ip apm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"_id": null,
"model": "big-ip wom hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "traffix-sdc",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.3.2"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.2.3"
},
{
"_id": null,
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.1"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"_id": null,
"model": "big-ip analytics hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "point software secureplatform os r77",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"_id": null,
"model": "sparc enterprise m8000",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"_id": null,
"model": "security identity governance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "forticache",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "qradar risk manager mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"_id": null,
"model": "virtualization performance viewer",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.14"
},
{
"_id": null,
"model": "cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "0"
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "virtual security gateway for microsoft hyper-v",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.0"
},
{
"_id": null,
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "fortiwan",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.12"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.0.9.8"
},
{
"_id": null,
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.1"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.12"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.3"
},
{
"_id": null,
"model": "prime service catalog virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "aura application server sip core pb16",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"_id": null,
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"_id": null,
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "mds fiber channel switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"_id": null,
"model": "video border proxy",
"scope": "ne",
"trust": 0.3,
"vendor": "polycom",
"version": "11.2.22"
},
{
"_id": null,
"model": "fujitsu m10-1 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2230"
},
{
"_id": null,
"model": "content sharing suite client/server",
"scope": "ne",
"trust": 0.3,
"vendor": "polycom",
"version": "1.5"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.00"
},
{
"_id": null,
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "point software security gateway r75.47",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "big-ip link controller hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"_id": null,
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "79700"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.3"
},
{
"_id": null,
"model": "big-ip gtm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1100"
},
{
"_id": null,
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"_id": null,
"model": "fortirecorder",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "1.4.2"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1"
},
{
"_id": null,
"model": "aura conferencing sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.2"
},
{
"_id": null,
"model": "sparc enterprise m8000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.21"
},
{
"_id": null,
"model": "evergreen",
"scope": "eq",
"trust": 0.3,
"vendor": "opensuse",
"version": "11.4"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.3.5"
},
{
"_id": null,
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"_id": null,
"model": "intercloud fabric",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "qradar incident forensics patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.41"
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.1.1"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.11.1"
},
{
"_id": null,
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"_id": null,
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"_id": null,
"model": "fortiddos",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"_id": null,
"model": "session border controller for enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.0"
},
{
"_id": null,
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"_id": null,
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.9"
},
{
"_id": null,
"model": "point software security gateway r71.00",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.1"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0.1"
},
{
"_id": null,
"model": "aura messaging sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"_id": null,
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip pem hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.7"
},
{
"_id": null,
"model": "big-ip edge gateway hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"_id": null,
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"_id": null,
"model": "distributed media application",
"scope": "eq",
"trust": 0.3,
"vendor": "polycom",
"version": "0"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"_id": null,
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.7"
},
{
"_id": null,
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.4"
},
{
"_id": null,
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.6"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.5.1"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.7"
},
{
"_id": null,
"model": "slim",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip edge gateway hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"_id": null,
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"_id": null,
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.4"
},
{
"_id": null,
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.1"
},
{
"_id": null,
"model": "point software gaia os r75.30",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"_id": null,
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"_id": null,
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"_id": null,
"model": "glibc",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "2.8"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.5"
},
{
"_id": null,
"model": "simatic hmi panels",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"_id": null,
"model": "sparc enterprise m3000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"_id": null,
"model": "thinpro linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "(x86)5.1"
},
{
"_id": null,
"model": "cloud object store",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "sparc enterprise m5000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"_id": null,
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"_id": null,
"model": "qradar siem mr2 patch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.19"
},
{
"_id": null,
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0"
},
{
"_id": null,
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.0.9"
},
{
"_id": null,
"model": "linux enterprise server sp2 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "110"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#967332"
},
{
"db": "BID",
"id": "72325"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-658"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007061"
},
{
"db": "NVD",
"id": "CVE-2015-0235"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:canonical:ubuntu_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:debian:debian_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:fedoraproject:fedora",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:gnu:eglibc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:suse:linux_enterprise_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-007061"
}
]
},
"credits": {
"_id": null,
"data": "Qualys",
"sources": [
{
"db": "BID",
"id": "72325"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-658"
}
],
"trust": 0.9
},
"cve": "CVE-2015-0235",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-0235",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 10.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 5.9,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 10.0,
"id": "CVE-2015-0235",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "MEDIUM",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-0235",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-78181",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-0235",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-0235",
"trust": 1.6,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2015-0235",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201501-658",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-78181",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#967332"
},
{
"db": "VULHUB",
"id": "VHN-78181"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-658"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007061"
},
{
"db": "NVD",
"id": "CVE-2015-0235"
}
]
},
"description": {
"_id": null,
"data": "Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka \"GHOST.\". This vulnerability has been assigned CVE-2015-0235, and is referred to in the media by the name \"GHOST\". eglibc The package contains a classic buffer overflow vulnerability.Denial of service (DoS) May be in a state. GNU glibc is prone to a heap-based buffer-overflow vulnerability. \nAn attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts may crash the application, denying service to legitimate users. \nCVE-ID\nCVE-2015-7023 : Marvin Scholz; Xiaofeng Zheng and Jinjin Liang of\nTsinghua University, Jian Jiang of University of California,\nBerkeley, Haixin Duan of Tsinghua University and International\nComputer Science Institute, Shuo Chen of Microsoft Research Redmond,\nTao Wan of Huawei Canada, Nicholas Weaver of International Computer\nScience Institute and University of California, Berkeley, coordinated\nvia CERT/CC\n\nconfigd\nAvailable for: OS X El Capitan 10.11\nImpact: A malicious application may be able to elevate privileges\nDescription: A heap based buffer overflow issue existed in the DNS\nclient library. A malicious application with the ability to spoof\nresponses from the local configd service may have been able to cause\narbitrary code execution in DNS clients. \nCVE-ID\nCVE-2015-6994 : Mark Mentovai of Google Inc. A developer-signed app could bypass restrictions on\nuse of restricted entitlements and elevate privileges. These\nissues were addressed by using patches affecting OS X from upstream. This was addressed by disabling synthetic\nclicks for keychain access windows. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2015-09-30-3 OS X El Capitan 10.11\n\nOS X El Capitan 10.11 is now available and addresses the following:\n\nAddress Book\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local attacker may be able to inject arbitrary code to\nprocesses loading the Address Book framework\nDescription: An issue existed in Address Book framework\u0027s handling\nof an environment variable. This issue was addressed through improved\nenvironment variable handling. \nCVE-ID\nCVE-2015-5897 : Dan Bastone of Gotham Digital Science\n\nAirScan\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An attacker with a privileged network position may be able\nto extract payload from eSCL packets sent over a secure connection\nDescription: An issue existed in the processing of eSCL packets. \nThis issue was addressed through improved validation checks. \nCVE-ID\nCVE-2015-5853 : an anonymous researcher\n\napache_mod_php\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Multiple vulnerabilities in PHP\nDescription: Multiple vulnerabilities existed in PHP versions prior\nto 5.5.27, including one which may have led to remote code execution. \nThis issue was addressed by updating PHP to version 5.5.27. \nCVE-ID\nCVE-2014-9425\nCVE-2014-9427\nCVE-2014-9652\nCVE-2014-9705\nCVE-2014-9709\nCVE-2015-0231\nCVE-2015-0232\nCVE-2015-0235\nCVE-2015-0273\nCVE-2015-1351\nCVE-2015-1352\nCVE-2015-2301\nCVE-2015-2305\nCVE-2015-2331\nCVE-2015-2348\nCVE-2015-2783\nCVE-2015-2787\nCVE-2015-3329\nCVE-2015-3330\n\nApple Online Store Kit\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A malicious application may gain access to a user\u0027s keychain\nitems\nDescription: An issue existed in validation of access control lists\nfor iCloud keychain items. This issue was addressed through improved\naccess control list checks. \nCVE-ID\nCVE-2015-5836 : XiaoFeng Wang of Indiana University, Luyi Xing of\nIndiana University, Tongxin Li of Peking University, Tongxin Li of\nPeking University, Xiaolong Bai of Tsinghua University\n\nAppleEvents\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A user connected through screen sharing can send Apple\nEvents to a local user\u0027s session\nDescription: An issue existed with Apple Event filtering that\nallowed some users to send events to other users. This was addressed\nby improved Apple Event handling. \nCVE-ID\nCVE-2015-5849 : Jack Lawrence (@_jackhl)\n\nAudio\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Playing a malicious audio file may lead to an unexpected\napplication termination\nDescription: A memory corruption issue existed in the handling of\naudio files. This issue issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-5862 : YoungJin Yoon of Information Security Lab. (Adv.:\nProf. Taekyoung Kwon), Yonsei University, Seoul, Korea\n\nbash\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Multiple vulnerabilities in bash\nDescription: Multiple vulnerabilities existed in bash versions prior\nto 3.2 patch level 57. These issues were addressed by updating bash\nversion 3.2 to patch level 57. \nCVE-ID\nCVE-2014-6277\nCVE-2014-7186\nCVE-2014-7187\n\nCertificate Trust Policy\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Update to the certificate trust policy\nDescription: The certificate trust policy was updated. The complete\nlist of certificates may be viewed at https://support.apple.com/en-\nus/HT202858. \n\nCFNetwork Cookies\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An attacker in a privileged network position can track a\nuser\u0027s activity\nDescription: A cross-domain cookie issue existed in the handling of\ntop level domains. The issue was address through improved\nrestrictions of cookie creation. \nCVE-ID\nCVE-2015-5885 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\nUniversity\n\nCFNetwork FTPProtocol\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Malicious FTP servers may be able to cause the client to\nperform reconnaissance on other hosts\nDescription: An issue existed in the handling of FTP packets when\nusing the PASV command. This issue was resolved through improved\nvalidation. \nCVE-ID\nCVE-2015-5912 : Amit Klein\n\nCFNetwork HTTPProtocol\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A maliciously crafted URL may be able to bypass HSTS and\nleak sensitive data\nDescription: A URL parsing vulnerability existed in HSTS handling. \nThis issue was addressed through improved URL parsing. \nCVE-ID\nCVE-2015-5858 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\nUniversity\n\nCFNetwork HTTPProtocol\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A malicious website may be able to track users in Safari\nprivate browsing mode\nDescription: An issue existed in the handling of HSTS state in\nSafari private browsing mode. This issue was addressed through\nimproved state handling. \nCVE-ID\nCVE-2015-5860 : Sam Greenhalgh of RadicalResearch Ltd\n\nCFNetwork Proxies\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Connecting to a malicious web proxy may set malicious\ncookies for a website\nDescription: An issue existed in the handling of proxy connect\nresponses. This issue was addressed by removing the set-cookie header\nwhile parsing the connect response. \nCVE-ID\nCVE-2015-5841 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\nUniversity\n\nCFNetwork SSL\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An attacker with a privileged network position may intercept\nSSL/TLS connections\nDescription: A certificate validation issue existed in NSURL when a\ncertificate changed. This issue was addressed through improved\ncertificate validation. \nCVE-ID\nCVE-2015-5824 : Timothy J. Wood of The Omni Group\n\nCFNetwork SSL\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An attacker may be able to decrypt data protected by SSL\nDescription: There are known attacks on the confidentiality of RC4. \nAn attacker could force the use of RC4, even if the server preferred\nbetter ciphers, by blocking TLS 1.0 and higher connections until\nCFNetwork tried SSL 3.0, which only allows RC4. This issue was\naddressed by removing the fallback to SSL 3.0. \n\nCoreCrypto\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An attacker may be able to determine a private key\nDescription: By observing many signing or decryption attempts, an\nattacker may have been able to determine the RSA private key. This\nissue was addressed using improved encryption algorithms. \n\nCoreText\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team\n\nDev Tools\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A memory corruption issue existed in dyld. This was\naddressed through improved memory handling. \nCVE-ID\nCVE-2015-5876 : beist of grayhash\n\nDev Tools\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An application may be able to bypass code signing\nDescription: An issue existed with validation of the code signature\nof executables. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2015-5839 : @PanguTeam\n\nDisk Images\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue existed in DiskImages. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5847 : Filippo Bigarella, Luca Todesco\n\ndyld\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An application may be able to bypass code signing\nDescription: An issue existed with validation of the code signature\nof executables. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2015-5839 : TaiG Jailbreak Team\n\nEFI\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A malicious application can prevent some systems from\nbooting\nDescription: An issue existed with the addresses covered by the\nprotected range register. This issue was fixed by changing the\nprotected range. \nCVE-ID\nCVE-2015-5900 : Xeno Kovah \u0026 Corey Kallenberg from LegbaCore\n\nEFI\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A malicious Apple Ethernet Thunderbolt adapter may be able\nto affect firmware flashing\nDescription: Apple Ethernet Thunderbolt adapters could modify the\nhost firmware if connected during an EFI update. This issue was\naddressed by not loading option ROMs during updates. \nCVE-ID\nCVE-2015-5914 : Trammell Hudson of Two Sigma Investments and snare\n\nFinder\nAvailable for: Mac OS X v10.6.8 and later\nImpact: The \"Secure Empty Trash\" feature may not securely delete\nfiles placed in the Trash\nDescription: An issue existed in guaranteeing secure deletion of\nTrash files on some systems, such as those with flash storage. This\nissue was addressed by removing the \"Secure Empty Trash\" option. \nCVE-ID\nCVE-2015-5901 : Apple\n\nGame Center\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A malicious Game Center application may be able to access a\nplayer\u0027s email address\nDescription: An issue existed in Game Center in the handling of a\nplayer\u0027s email. This issue was addressed through improved access\nrestrictions. \nCVE-ID\nCVE-2015-5855 : Nasser Alnasser\n\nHeimdal\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An attacker may be able to replay Kerberos credentials to\nthe SMB server\nDescription: An authentication issue existed in Kerberos\ncredentials. This issue was addressed through additional validation\nof credentials using a list of recently seen credentials. \nCVE-ID\nCVE-2015-5913 : Tarun Chopra of Microsoft Corporation, U.S. and Yu\nFan of Microsoft Corporation, China\n\nICU\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Multiple vulnerabilities in ICU\nDescription: Multiple vulnerabilities existed in ICU versions prior\nto 53.1.0. These issues were addressed by updating ICU to version\n55.1. \nCVE-ID\nCVE-2014-8146\nCVE-2014-8147\nCVE-2015-5922\n\nInstall Framework Legacy\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to gain root privileges\nDescription: A restriction issue existed in the Install private\nframework containing a privileged executable. This issue was\naddressed by removing the executable. \nCVE-ID\nCVE-2015-5888 : Apple\n\nIntel Graphics Driver\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: Multiple memory corruption issues existed in the Intel\nGraphics Driver. These issues were addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-5830 : Yuki MIZUNO (@mzyy94)\nCVE-2015-5877 : Camillus Gerard Cai\n\nIOAudioFamily\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to determine kernel memory layout\nDescription: An issue existed in IOAudioFamily that led to the\ndisclosure of kernel memory content. This issue was addressed by\npermuting kernel pointers. \nCVE-ID\nCVE-2015-5864 : Luca Todesco\n\nIOGraphics\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: Multiple memory corruption issues existed in the\nkernel. These issues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-5871 : Ilja van Sprundel of IOActive\nCVE-2015-5872 : Ilja van Sprundel of IOActive\nCVE-2015-5873 : Ilja van Sprundel of IOActive\nCVE-2015-5890 : Ilja van Sprundel of IOActive\n\nIOGraphics\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An issue existed in IOGraphics which could have led to\nthe disclosure of kernel memory layout. This issue was addressed\nthrough improved memory management. \nCVE-ID\nCVE-2015-5865 : Luca Todesco\n\nIOHIDFamily\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: Multiple memory corruption issues existed in\nIOHIDFamily. These issues were addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-5866 : Apple\nCVE-2015-5867 : moony li of Trend Micro\n\nIOStorageFamily\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local attacker may be able to read kernel memory\nDescription: A memory initialization issue existed in the kernel. \nThis issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5863 : Ilja van Sprundel of IOActive\n\nKernel\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: Multiple memory corruption issues existed in the\nKernel. These issues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-5868 : Cererdlong of Alibaba Mobile Security Team\nCVE-2015-5896 : Maxime Villard of m00nbsd\nCVE-2015-5903 : CESG\n\nKernel\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local process can modify other processes without\nentitlement checks\nDescription: An issue existed where root processes using the\nprocessor_set_tasks API were allowed to retrieve the task ports of\nother processes. This issue was addressed through additional\nentitlement checks. \nCVE-ID\nCVE-2015-5882 : Pedro Vilaca, working from original research by\nMing-chieh Pan and Sung-ting Tsai; Jonathan Levin\n\nKernel\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local attacker may control the value of stack cookies\nDescription: Multiple weaknesses existed in the generation of user\nspace stack cookies. These issues were addressed through improved\ngeneration of stack cookies. \nCVE-ID\nCVE-2013-3951 : Stefan Esser\n\nKernel\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An attacker may be able to launch denial of service attacks\non targeted TCP connections without knowing the correct sequence\nnumber\nDescription: An issue existed in xnu\u0027s validation of TCP packet\nheaders. This issue was addressed through improved TCP packet header\nvalidation. \nCVE-ID\nCVE-2015-5879 : Jonathan Looney\n\nKernel\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An attacker in a local LAN segment may disable IPv6 routing\nDescription: An insufficient validation issue existed in the\nhandling of IPv6 router advertisements that allowed an attacker to\nset the hop limit to an arbitrary value. This issue was addressed by\nenforcing a minimum hop limit. \nCVE-ID\nCVE-2015-5869 : Dennis Spindel Ljungmark\n\nKernel\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to determine kernel memory layout\nDescription: An issue existed that led to the disclosure of kernel\nmemory layout. This was addressed through improved initialization of\nkernel memory structures. \nCVE-ID\nCVE-2015-5842 : beist of grayhash\n\nKernel\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to determine kernel memory layout\nDescription: An issue existed in debugging interfaces that led to\nthe disclosure of memory content. This issue was addressed by\nsanitizing output from debugging interfaces. \nCVE-ID\nCVE-2015-5870 : Apple\n\nKernel\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A state management issue existed in debugging\nfunctionality. This issue was addressed through improved validation. \nCVE-ID\nCVE-2015-5902 : Sergi Alvarez (pancake) of NowSecure Research Team\n\nlibc\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue existed in the kernel. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2014-8611 : Adrian Chadd and Alfred Perlstein of Norse\nCorporation\n\nlibpthread\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue existed in the kernel. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5899 : Lufeng Li of Qihoo 360 Vulcan Team\n\nlibxpc\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Many SSH connections could cause a denial of service\nDescription: launchd had no limit on the number of processes that\ncould be started by a network connection. This issue was addressed by\nlimiting the number of SSH processes to 40. \nCVE-ID\nCVE-2015-5881 : Apple\n\nLogin Window\nAvailable for: Mac OS X v10.6.8 and later\nImpact: The screen lock may not engage after the specified time\nperiod\nDescription: An issue existed with captured display locking. The\nissue was addressed through improved lock handling. \nCVE-ID\nCVE-2015-5833 : Carlos Moreira, Rainer Dorau of rainer dorau\ninformationsdesign, Chris Nehren, Kai Takac, Hans Douma, Toni\nVaahtera, and an anonymous researcher\n\nlukemftpd\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A remote attacker may be able to deny service to the FTP\nserver\nDescription: A glob-processing issue existed in tnftpd. This issue\nwas addressed through improved glob validation. \nCVE-ID\nCVE-2015-5917 : Maksymilian Arciemowicz of cxsecurity.com\n\nMail\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Printing an email may leak sensitive user information\nDescription: An issue existed in Mail which bypassed user\npreferences when printing an email. This issue was addressed through\nimproved user preference enforcement. \nCVE-ID\nCVE-2015-5881 : Owen DeLong of Akamai Technologies, Noritaka Kamiya,\nDennis Klein from Eschenburg, Germany, Jeff Hammett of Systim\nTechnology Partners\n\nMail\nAvailable for: Mac OS X v10.6.8 and later\nImpact: An attacker in a privileged network position may be able to\nintercept attachments of S/MIME-encrypted e-mail sent via Mail Drop\nDescription: An issue existed in handling encryption parameters for\nlarge email attachments sent via Mail Drop. The issue is addressed by\nno longer offering Mail Drop when sending an encrypted e-mail. \nCVE-ID\nCVE-2015-5884 : John McCombs of Integrated Mapping Ltd\n\nMultipeer Connectivity\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local attacker may be able to observe unprotected\nmultipeer data\nDescription: An issue existed in convenience initializer handling in\nwhich encryption could be actively downgraded to a non-encrypted\nsession. This issue was addressed by changing the convenience\ninitializer to require encryption. \nCVE-ID\nCVE-2015-5851 : Alban Diquet (@nabla_c0d3) of Data Theorem\n\nNetworkExtension\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An uninitialized memory issue in the kernel led to the\ndisclosure of kernel memory content. This issue was addressed through\nimproved memory initialization. \nCVE-ID\nCVE-2015-5831 : Maxime Villard of m00nbsd\n\nNotes\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to leak sensitive user information\nDescription: An issue existed in parsing links in the Notes\napplication. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-5878 : Craig Young of Tripwire VERT, an anonymous researcher\n\nNotes\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to leak sensitive user information\nDescription: A cross-site scripting issue existed in parsing text by\nthe Notes application. This issue was addressed through improved\ninput validation. \nCVE-ID\nCVE-2015-5875 : xisigr of Tencent\u0027s Xuanwu LAB (www.tencent.com)\n\nOpenSSH\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Multiple vulnerabilities in OpenSSH\nDescription: Multiple vulnerabilities existed in OpenSSH versions\nprior to 6.9. These issues were addressed by updating OpenSSH to\nversion 6.9. \nCVE-ID\nCVE-2014-2532\n\nOpenSSL\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Multiple vulnerabilities in OpenSSL\nDescription: Multiple vulnerabilities existed in OpenSSL versions\nprior to 0.9.8zg. These were addressed by updating OpenSSL to version\n0.9.8zg. \nCVE-ID\nCVE-2015-0286\nCVE-2015-0287\n\nprocmail\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Multiple vulnerabilities in procmail\nDescription: Multiple vulnerabilities existed in procmail versions\nprior to 3.22. These issues were addressed by removing procmail. \nCVE-ID\nCVE-2014-3618\n\nremote_cmds\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to execute arbitrary code with root\nprivileges\nDescription: An issue existed in the usage of environment variables\nby the rsh binary. This issue was addressed by dropping setuid\nprivileges from the rsh binary. \nCVE-ID\nCVE-2015-5889 : Philip Pettersson\n\nremovefile\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Processing malicious data may lead to unexpected application\ntermination\nDescription: An overflow fault existed in the checkint division\nroutines. This issue was addressed with improved division routines. \nCVE-ID\nCVE-2015-5840 : an anonymous researcher\n\nRuby\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Multiple vulnerabilities in Ruby\nDescription: Multiple vulnerabilities existed in Ruby versions prior\nto 2.0.0p645. These were addressed by updating Ruby to version\n2.0.0p645. \nCVE-ID\nCVE-2014-8080\nCVE-2014-8090\nCVE-2015-1855\n\nSecurity\nAvailable for: Mac OS X v10.6.8 and later\nImpact: The lock state of the keychain may be incorrectly displayed\nto the user\nDescription: A state management issue existed in the way keychain\nlock status was tracked. This issue was addressed through improved\nstate management. \nCVE-ID\nCVE-2015-5915 : Peter Walz of University of Minnesota, David Ephron,\nEric E. Lawrence, Apple\n\nSecurity\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A trust evaluation configured to require revocation checking\nmay succeed even if revocation checking fails\nDescription: The kSecRevocationRequirePositiveResponse flag was\nspecified but not implemented. This issue was addressed by\nimplementing the flag. \nCVE-ID\nCVE-2015-5894 : Hannes Oud of kWallet GmbH\n\nSecurity\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A remote server may prompt for a certificate before\nidentifying itself\nDescription: Secure Transport accepted the CertificateRequest\nmessage before the ServerKeyExchange message. This issue was\naddressed by requiring the ServerKeyExchange first. \nCVE-ID\nCVE-2015-5887 : Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine\nDelignat-Lavaud, Alfredo Pironti, and Jean Karim Zinzindohoue of\nINRIA Paris-Rocquencourt, and Cedric Fournet and Markulf Kohlweiss of\nMicrosoft Research, Pierre-Yves Strub of IMDEA Software Institute\n\nSMB\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue existed in the kernel. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5891 : Ilja van Sprundel of IOActive\n\nSMB\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local user may be able to determine kernel memory layout\nDescription: An issue existed in SMBClient that led to the\ndisclosure of kernel memory content. This issue was addressed through\nimproved bounds checking. \nCVE-ID\nCVE-2015-5893 : Ilja van Sprundel of IOActive\n\nSQLite\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Multiple vulnerabilities in SQLite v3.8.5\nDescription: Multiple vulnerabilities existed in SQLite v3.8.5. \nThese issues were addressed by updating SQLite to version 3.8.10.2. \nCVE-ID\nCVE-2015-3414\nCVE-2015-3415\nCVE-2015-3416\n\nTelephony\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local attacker can place phone calls without the user\u0027s\nknowledge when using Continuity\nDescription: An issue existed in the authorization checks for\nplacing phone calls. This issue was addressed through improved\nauthorization checks. \nCVE-ID\nCVE-2015-3785 : Dan Bastone of Gotham Digital Science\n\nTerminal\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Maliciously crafted text could mislead the user in Terminal\nDescription: Terminal did not handle bidirectional override\ncharacters in the same way when displaying text and when selecting\ntext. This issue was addressed by suppressing bidirectional override\ncharacters in Terminal. \nCVE-ID\nCVE-2015-5883 : an anonymous researcher\n\ntidy\nAvailable for: Mac OS X v10.6.8 and later\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: Multiple memory corruption issues existed in tidy. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-5522 : Fernando Munoz of NULLGroup.com\nCVE-2015-5523 : Fernando Munoz of NULLGroup.com\n\nTime Machine\nAvailable for: Mac OS X v10.6.8 and later\nImpact: A local attacker may gain access to keychain items\nDescription: An issue existed in backups by the Time Machine\nframework. This issue was addressed through improved coverage of Time\nMachine backups. \nCVE-ID\nCVE-2015-5854 : Jonas Magazinius of Assured AB\n\nNote: OS X El Capitan 10.11 includes the security content of\nSafari 9: https://support.apple.com/kb/HT205265. \n\nOS X El Capitan 10.11 may be obtained from the Mac App Store:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBCAAGBQJWDB2wAAoJEBcWfLTuOo7t0sYP/2L3JOGPkHH8XUh2YHpu5qaw\nS5F2v+SRpWleKQBVsGZ7oA8PV0rBTzEkzt8K1tNxYmxEqL9f/TpRiGoforn89thO\n/hOtmVOfUcBjPZ4XKwMVzycfSMC9o6LxWTLEKDVylE+F+5jkXafOC9QaqD11dxX6\nQhENkpS1BwrKhyaSVxEcgBQtZM9aTsVdZ78rTCb9XTn6gDnvs8NfIQquFOnaQT54\nYJ36e5UcUsnyBIol+yGDbC3ZEhzSVIGE5/8/NFlFfRXLgnJArxD8lqz8WdfU9fop\nhpT/dDqqAdYbRcW1ihcG1haiNHgP9yQCY5jRNfttb+Tc/kIi/QmPkEO0QS8Ygt/O\nc3sUbNulr1LCinymFVwx16CM1DplGS/GmBL18BAEBnL6yi9tEhYDynZWLSEa37VR\n8q802rXRSF10Wct9/kEeR4HgY/1k0KK/4Uddm3c0YyOU21ya7NAhoHGwmDa9g11r\nN1TniOK8tPiCGjRNOJwuF6DKxD9L3Fv44bVlxAarGUGYkICqzaNS+bgKI1aQNahT\nfJ91x5uKD4+L9v9c5slkoDIvWqIhO9oyuxgnmC5GstkwFplFXSOklLkTktjLGNn1\nnJq8cPnZ/3E1RXTEwVhGljYw5pdZHNx98XmLomGrPqVlZfjGURK+5AXdf2pOlt2e\ng6jld/w5tPuCFhGucE7Z\n=XciV\n-----END PGP SIGNATURE-----\n. Independently operating for three\ngenerations, WAGO is the global leader of spring pressure electrical\ninterconnect and automation solutions. For more than 60 years, WAGO has\ndeveloped and produced innovative products for packaging, transportation,\nprocess, industrial and building automation markets amongst others. Aside from\nits innovations in spring pressure connection technology, WAGO has introduced\nnumerous innovations that have revolutionized industry. \nFurthermore, hardcoded password hashes and credentials were also found by doing\nan automated scan with IoT Inspector. The validity of the password hashes and the embedded keys were\nalso verified by emulating the device. The outdated version was found by IoT Inspector. The outdated version was found by IoT Inspector. \n\n3) Hardcoded Credentials (CVE-2019-12550)\nThe device contains hardcoded users and passwords which can be used to login\nvia SSH and Telnet. \n\n4) Embedded Private Keys (CVE-2019-12549)\nThe device contains hardcoded private keys for the SSH daemon. The fingerprint\nof the SSH host key from the corresponding SSH daemon matches to the embedded\nprivate key. A file with the name \"\\ectest\\n\\e]55;test.txt\\a\" was created\nto trigger the vulnerability. \n\n\n3) Hardcoded Credentials (CVE-2019-12550)\nThe following credentials were found in the \u0027passwd\u0027 file of the firmware:\n\u003cPassword Hash\u003e \u003cPlaintext\u003e \u003cUser\u003e\n\u003cremoved\u003e \u003cremoved\u003e root\nNo password is set for the account [EMPTY PASSWORD] admin\n\nBy using these credentials, it\u0027s possible to connect via Telnet and SSH on the\nemulated device. Example for Telnet:\n-------------------------------------------------------------------------------\n[root@localhost ~]# telnet 192.168.0.133\nTrying 192.168.0.133... \nConnected to 192.168.0.133. \nEscape character is \u0027^]\u0027. \n\nL2SWITCH login: root\nPassword:\n~ #\n-------------------------------------------------------------------------------\nExample for SSH:\n-------------------------------------------------------------------------------\n[root@localhost ~]# ssh 192.168.0.133\nroot@192.168.0.133\u0027s password:\n~ #\n-------------------------------------------------------------------------------\n\n\n4) Embedded Private Keys (CVE-2019-12549)\nThe following host key fingerprint is shown by accessing the SSH daemon on\nthe emulated device:\n\n[root@localhost ~]# ssh 192.168.0.133\nThe authenticity of host \u0027192.168.0.133 (192.168.0.133)\u0027 can\u0027t be established. \nRSA key fingerprint is SHA256:X5Vr0/x0/j62N/aqZmHz96ojwl8x/I8mfzuT8o6uZso. \nRSA key fingerprint is MD5:2e:65:85:fc:45:04:bd:68:30:74:51:45:7d:2f:95:e2. \n\nThis matches the embedded private key (which has been removed from this advisory):\nSSH Fingerprint: 2e:65:85:fc:45:04:bd:68:30:74:51:45:7d:2f:95:e2\n\n\nVulnerable / tested versions:\n-----------------------------\nAccording to the vendor, the following versions are affected:\n* 852-303: \u003cv1.2.2.S0\n* 852-1305: \u003cv1.1.6.S0\n* 852-1505: \u003cv1.1.5.S0\n\n\nVendor contact timeline:\n------------------------\n2019-03-12: Contacting VDE CERT through info@cert.vde.com, received confirmation\n2019-03-26: Asking for a status update, VDE CERT is still waiting for details\n2019-03-28: VDE CERT requests information from WAGO again\n2019-04-09: Asking for a status update\n2019-04-11: VDE CERT: patched firmware release planned for end of May, requested\n postponement of advisory release\n2019-04-16: VDE CERT: update regarding affected firmware versions\n2019-04-24: Confirming advisory release for beginning of June\n2019-05-20: Asking for a status update\n2019-05-22: VDE CERT: no news from WAGO yet, 5th June release date\n2019-05-29: Asking for a status update\n2019-05-29: VDE CERT: detailed answer from WAGO, patches will be published\n on 7th June, SEC Consult proposes new advisory release date for\n 12th June\n2019-06-07: VDE CERT provides security advisory information from WAGO;\n WAGO releases security patches\n2019-06-12: Coordinated release of security advisory\n\n\nSolution:\n---------\nThe vendor provides patches to their customers at their download page. The\nfollowing versions fix the issues:\n* 852-303: v1.2.2.S0\n* 852-1305: v1.1.6.S0\n* 852-1505: v1.1.5.S0\n\nAccording to the vendor, busybox and glibc have been updated and the embedded\nprivate keys are being newly generated upon first boot and after a factory reset. \nThe root login via Telnet and SSH has been disabled and the admin account is\ndocumented and can be changed by the customer. \n\n\n\nWorkaround:\n-----------\nRestrict network access to the device \u0026 SSH server. Weber / @2019\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04602055\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04602055\nVersion: 1\n\nHPSBHF03289 rev.1- HP ThinClient PCs running ThinPro Linux, Remote Code\nExecution, Denial of Service, Disclosure of information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-03-20\nLast Updated: 2015-03-20\n\nPotential Security Impact: Remote code execution, denial of service,\ndisclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP ThinPro Linux\nThis is the glibc vulnerability known as \"GHOST\", which could be exploited\nremotely to allow execution of arbitrary code. This update also addresses\nother vulnerabilities in SSL that would remotely allow denial of service,\ndisclosure of information and other vulnerabilities. \n\nReferences:\n\nCVE-2015-0235 (SSRT101953)\nCVE-2014-3569\nCVE-2014-3570\nCVE-2014-3571\nCVE-2014-3572\nCVE-2014-8275\nCVE-2015-0204\nCVE-2015-0205\nCVE-2015-0206\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nHP ThinPro Linux (x86) v5.1\nHP ThinPro Linux (x86) v5.0\nHP ThinPro Linux (x86) v4.4\nHP ThinPro Linux (x86) v4.3\nHP ThinPro Linux (x86) v4.2\nHP ThinPro Linux (x86) v4.1\nHP ThinPro Linux (ARM) v4.4\nHP ThinPro Linux (ARM) v4.3\nHP ThinPro Linux (ARM) v4.2\nHP ThinPro Linux (ARM) v4.1\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-3569 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-3570 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2014-3571 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-3572 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2014-8275 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2015-0204 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2015-0205 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2015-0206 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2015-0235 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has released the following software updates to resolve the vulnerability\nfor HP ThinPro Linux. \n\nSoftpaq:\nhttp://ftp.hp.com/pub/softpaq/sp70501-71000/sp70649.exe\n\nEasy Update Via ThinPro / EasyUpdate (x86):\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all-\n4.1-4.3-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all-\n4.1-4.3-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all-\n4.1-4.3-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.1-all-\n4.4-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/5.0/service_packs/security-sp-2.1-all-\n5.0-5.1-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/5.1/service_packs/security-sp-2.1-all-\n5.0-5.1-x86.xar\n\nVia ThinPro / EasyUpdate (ARM):\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all-\n4.1-4.3-armel.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all-\n4.1-4.3-armel.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all-\n4.1-4.3-armel.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.0-all-\n4.4-armel.xar\n\nNote: Known issue on security-sp-2.0-all-4.1-4.3-arm.xar: With the patch\napplied, VMware cannot connect if security level is set to \"Refuse insecure\nconnections\". Updating VMware to the latest package on ftp.hp.com will solve\nthe problem. \n\nHISTORY\nVersion:1 (rev.1) - 20 March 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n The original glibc bug was reported by Peter Klotz. \n\nCVE-2014-7817\n\n Tim Waugh of Red Hat discovered that the WRDE_NOCMD option of the\n wordexp function did not suppress command execution in all cases. \n This allows a context-dependent attacker to execute shell\n commands. \n\nCVE-2012-6656\nCVE-2014-6040\n\n The charset conversion code for certain IBM multi-byte code pages\n could perform an out-of-bounds array access, causing the process\n to crash. In some scenarios, this allows a remote attacker to\n cause a persistent denial of service. \n\nFor the upcoming stable distribution (jessie) and the unstable\ndistribution (sid), the CVE-2015-0235 issue has been fixed in version\n2.18-1 of the glibc package. \n\nWe recommend that you upgrade your eglibc packages. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235\n https://rhn.redhat.com/errata/RHSA-2015-0092.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n 678efef85b85206451ef8927bad808e0 mbs1/x86_64/glibc-2.14.1-12.11.mbs1.x86_64.rpm\n 46cd508f03e36c1e4f752c317852ec8e mbs1/x86_64/glibc-devel-2.14.1-12.11.mbs1.x86_64.rpm\n 069302c80e3b79504e2b0eaaa72c2745 mbs1/x86_64/glibc-doc-2.14.1-12.11.mbs1.noarch.rpm\n 3a841c0295823354655dd3e7734ada0b mbs1/x86_64/glibc-doc-pdf-2.14.1-12.11.mbs1.noarch.rpm\n 11a672a0b4bae77c7adfa803bea9871f mbs1/x86_64/glibc-i18ndata-2.14.1-12.11.mbs1.x86_64.rpm\n d3f113ccec4f18e4bb08c951625e51d7 mbs1/x86_64/glibc-profile-2.14.1-12.11.mbs1.x86_64.rpm\n f6d6aa5806dd747e66996ea8cc01c9b4 mbs1/x86_64/glibc-static-devel-2.14.1-12.11.mbs1.x86_64.rpm\n 98cc6eae0234eeed945712bbc8b2c0ea mbs1/x86_64/glibc-utils-2.14.1-12.11.mbs1.x86_64.rpm\n bf6f2fcc3dd21bd8380aac40e91bb802 mbs1/x86_64/nscd-2.14.1-12.11.mbs1.x86_64.rpm \n f597e4d6241c76701733d730e84f5714 mbs1/SRPMS/glibc-2.14.1-12.11.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: glibc security update\nAdvisory ID: RHSA-2015:0092-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-0092.html\nIssue date: 2015-01-27\nCVE Names: CVE-2015-0235 \n=====================================================================\n\n1. Summary:\n\nUpdated glibc packages that fix one security issue are now available for\nRed Hat Enterprise Linux 6 and 7. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe glibc packages provide the standard C libraries (libc), POSIX thread\nlibraries (libpthread), standard math libraries (libm), and the Name\nServer Caching Daemon (nscd) used by multiple programs on the system. \nWithout these libraries, the Linux system cannot function correctly. (CVE-2015-0235)\n\nRed Hat would like to thank Qualys for reporting this issue. \n\nAll glibc users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nglibc-2.12-1.149.el6_6.5.src.rpm\n\ni386:\nglibc-2.12-1.149.el6_6.5.i686.rpm\nglibc-common-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm\nglibc-devel-2.12-1.149.el6_6.5.i686.rpm\nglibc-headers-2.12-1.149.el6_6.5.i686.rpm\nglibc-utils-2.12-1.149.el6_6.5.i686.rpm\nnscd-2.12-1.149.el6_6.5.i686.rpm\n\nx86_64:\nglibc-2.12-1.149.el6_6.5.i686.rpm\nglibc-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-common-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-devel-2.12-1.149.el6_6.5.i686.rpm\nglibc-devel-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-headers-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-utils-2.12-1.149.el6_6.5.x86_64.rpm\nnscd-2.12-1.149.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nglibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm\nglibc-static-2.12-1.149.el6_6.5.i686.rpm\n\nx86_64:\nglibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-static-2.12-1.149.el6_6.5.i686.rpm\nglibc-static-2.12-1.149.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nglibc-2.12-1.149.el6_6.5.src.rpm\n\nx86_64:\nglibc-2.12-1.149.el6_6.5.i686.rpm\nglibc-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-common-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-devel-2.12-1.149.el6_6.5.i686.rpm\nglibc-devel-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-headers-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-utils-2.12-1.149.el6_6.5.x86_64.rpm\nnscd-2.12-1.149.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nglibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-static-2.12-1.149.el6_6.5.i686.rpm\nglibc-static-2.12-1.149.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nglibc-2.12-1.149.el6_6.5.src.rpm\n\ni386:\nglibc-2.12-1.149.el6_6.5.i686.rpm\nglibc-common-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm\nglibc-devel-2.12-1.149.el6_6.5.i686.rpm\nglibc-headers-2.12-1.149.el6_6.5.i686.rpm\nglibc-utils-2.12-1.149.el6_6.5.i686.rpm\nnscd-2.12-1.149.el6_6.5.i686.rpm\n\nppc64:\nglibc-2.12-1.149.el6_6.5.ppc.rpm\nglibc-2.12-1.149.el6_6.5.ppc64.rpm\nglibc-common-2.12-1.149.el6_6.5.ppc64.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.ppc.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.ppc64.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.ppc.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.ppc64.rpm\nglibc-devel-2.12-1.149.el6_6.5.ppc.rpm\nglibc-devel-2.12-1.149.el6_6.5.ppc64.rpm\nglibc-headers-2.12-1.149.el6_6.5.ppc64.rpm\nglibc-utils-2.12-1.149.el6_6.5.ppc64.rpm\nnscd-2.12-1.149.el6_6.5.ppc64.rpm\n\ns390x:\nglibc-2.12-1.149.el6_6.5.s390.rpm\nglibc-2.12-1.149.el6_6.5.s390x.rpm\nglibc-common-2.12-1.149.el6_6.5.s390x.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.s390.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.s390x.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.s390.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.s390x.rpm\nglibc-devel-2.12-1.149.el6_6.5.s390.rpm\nglibc-devel-2.12-1.149.el6_6.5.s390x.rpm\nglibc-headers-2.12-1.149.el6_6.5.s390x.rpm\nglibc-utils-2.12-1.149.el6_6.5.s390x.rpm\nnscd-2.12-1.149.el6_6.5.s390x.rpm\n\nx86_64:\nglibc-2.12-1.149.el6_6.5.i686.rpm\nglibc-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-common-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-devel-2.12-1.149.el6_6.5.i686.rpm\nglibc-devel-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-headers-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-utils-2.12-1.149.el6_6.5.x86_64.rpm\nnscd-2.12-1.149.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nglibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm\nglibc-static-2.12-1.149.el6_6.5.i686.rpm\n\nppc64:\nglibc-debuginfo-2.12-1.149.el6_6.5.ppc.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.ppc64.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.ppc.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.ppc64.rpm\nglibc-static-2.12-1.149.el6_6.5.ppc.rpm\nglibc-static-2.12-1.149.el6_6.5.ppc64.rpm\n\ns390x:\nglibc-debuginfo-2.12-1.149.el6_6.5.s390.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.s390x.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.s390.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.s390x.rpm\nglibc-static-2.12-1.149.el6_6.5.s390.rpm\nglibc-static-2.12-1.149.el6_6.5.s390x.rpm\n\nx86_64:\nglibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-static-2.12-1.149.el6_6.5.i686.rpm\nglibc-static-2.12-1.149.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nglibc-2.12-1.149.el6_6.5.src.rpm\n\ni386:\nglibc-2.12-1.149.el6_6.5.i686.rpm\nglibc-common-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm\nglibc-devel-2.12-1.149.el6_6.5.i686.rpm\nglibc-headers-2.12-1.149.el6_6.5.i686.rpm\nglibc-utils-2.12-1.149.el6_6.5.i686.rpm\nnscd-2.12-1.149.el6_6.5.i686.rpm\n\nx86_64:\nglibc-2.12-1.149.el6_6.5.i686.rpm\nglibc-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-common-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-devel-2.12-1.149.el6_6.5.i686.rpm\nglibc-devel-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-headers-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-utils-2.12-1.149.el6_6.5.x86_64.rpm\nnscd-2.12-1.149.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nglibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm\nglibc-static-2.12-1.149.el6_6.5.i686.rpm\n\nx86_64:\nglibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm\nglibc-debuginfo-common-2.12-1.149.el6_6.5.x86_64.rpm\nglibc-static-2.12-1.149.el6_6.5.i686.rpm\nglibc-static-2.12-1.149.el6_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nglibc-2.17-55.el7_0.5.src.rpm\n\nx86_64:\nglibc-2.17-55.el7_0.5.i686.rpm\nglibc-2.17-55.el7_0.5.x86_64.rpm\nglibc-common-2.17-55.el7_0.5.x86_64.rpm\nglibc-debuginfo-2.17-55.el7_0.5.i686.rpm\nglibc-debuginfo-2.17-55.el7_0.5.x86_64.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.i686.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.x86_64.rpm\nglibc-devel-2.17-55.el7_0.5.i686.rpm\nglibc-devel-2.17-55.el7_0.5.x86_64.rpm\nglibc-headers-2.17-55.el7_0.5.x86_64.rpm\nglibc-utils-2.17-55.el7_0.5.x86_64.rpm\nnscd-2.17-55.el7_0.5.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nglibc-debuginfo-2.17-55.el7_0.5.i686.rpm\nglibc-debuginfo-2.17-55.el7_0.5.x86_64.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.i686.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.x86_64.rpm\nglibc-static-2.17-55.el7_0.5.i686.rpm\nglibc-static-2.17-55.el7_0.5.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nglibc-2.17-55.el7_0.5.src.rpm\n\nx86_64:\nglibc-2.17-55.el7_0.5.i686.rpm\nglibc-2.17-55.el7_0.5.x86_64.rpm\nglibc-common-2.17-55.el7_0.5.x86_64.rpm\nglibc-debuginfo-2.17-55.el7_0.5.i686.rpm\nglibc-debuginfo-2.17-55.el7_0.5.x86_64.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.i686.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.x86_64.rpm\nglibc-devel-2.17-55.el7_0.5.i686.rpm\nglibc-devel-2.17-55.el7_0.5.x86_64.rpm\nglibc-headers-2.17-55.el7_0.5.x86_64.rpm\nglibc-utils-2.17-55.el7_0.5.x86_64.rpm\nnscd-2.17-55.el7_0.5.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nglibc-debuginfo-2.17-55.el7_0.5.i686.rpm\nglibc-debuginfo-2.17-55.el7_0.5.x86_64.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.i686.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.x86_64.rpm\nglibc-static-2.17-55.el7_0.5.i686.rpm\nglibc-static-2.17-55.el7_0.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nglibc-2.17-55.el7_0.5.src.rpm\n\nppc64:\nglibc-2.17-55.el7_0.5.ppc.rpm\nglibc-2.17-55.el7_0.5.ppc64.rpm\nglibc-common-2.17-55.el7_0.5.ppc64.rpm\nglibc-debuginfo-2.17-55.el7_0.5.ppc.rpm\nglibc-debuginfo-2.17-55.el7_0.5.ppc64.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.ppc.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.ppc64.rpm\nglibc-devel-2.17-55.el7_0.5.ppc.rpm\nglibc-devel-2.17-55.el7_0.5.ppc64.rpm\nglibc-headers-2.17-55.el7_0.5.ppc64.rpm\nglibc-utils-2.17-55.el7_0.5.ppc64.rpm\nnscd-2.17-55.el7_0.5.ppc64.rpm\n\ns390x:\nglibc-2.17-55.el7_0.5.s390.rpm\nglibc-2.17-55.el7_0.5.s390x.rpm\nglibc-common-2.17-55.el7_0.5.s390x.rpm\nglibc-debuginfo-2.17-55.el7_0.5.s390.rpm\nglibc-debuginfo-2.17-55.el7_0.5.s390x.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.s390.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.s390x.rpm\nglibc-devel-2.17-55.el7_0.5.s390.rpm\nglibc-devel-2.17-55.el7_0.5.s390x.rpm\nglibc-headers-2.17-55.el7_0.5.s390x.rpm\nglibc-utils-2.17-55.el7_0.5.s390x.rpm\nnscd-2.17-55.el7_0.5.s390x.rpm\n\nx86_64:\nglibc-2.17-55.el7_0.5.i686.rpm\nglibc-2.17-55.el7_0.5.x86_64.rpm\nglibc-common-2.17-55.el7_0.5.x86_64.rpm\nglibc-debuginfo-2.17-55.el7_0.5.i686.rpm\nglibc-debuginfo-2.17-55.el7_0.5.x86_64.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.i686.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.x86_64.rpm\nglibc-devel-2.17-55.el7_0.5.i686.rpm\nglibc-devel-2.17-55.el7_0.5.x86_64.rpm\nglibc-headers-2.17-55.el7_0.5.x86_64.rpm\nglibc-utils-2.17-55.el7_0.5.x86_64.rpm\nnscd-2.17-55.el7_0.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nglibc-debuginfo-2.17-55.el7_0.5.ppc.rpm\nglibc-debuginfo-2.17-55.el7_0.5.ppc64.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.ppc.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.ppc64.rpm\nglibc-static-2.17-55.el7_0.5.ppc.rpm\nglibc-static-2.17-55.el7_0.5.ppc64.rpm\n\ns390x:\nglibc-debuginfo-2.17-55.el7_0.5.s390.rpm\nglibc-debuginfo-2.17-55.el7_0.5.s390x.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.s390.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.s390x.rpm\nglibc-static-2.17-55.el7_0.5.s390.rpm\nglibc-static-2.17-55.el7_0.5.s390x.rpm\n\nx86_64:\nglibc-debuginfo-2.17-55.el7_0.5.i686.rpm\nglibc-debuginfo-2.17-55.el7_0.5.x86_64.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.i686.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.x86_64.rpm\nglibc-static-2.17-55.el7_0.5.i686.rpm\nglibc-static-2.17-55.el7_0.5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nglibc-2.17-55.el7_0.5.src.rpm\n\nx86_64:\nglibc-2.17-55.el7_0.5.i686.rpm\nglibc-2.17-55.el7_0.5.x86_64.rpm\nglibc-common-2.17-55.el7_0.5.x86_64.rpm\nglibc-debuginfo-2.17-55.el7_0.5.i686.rpm\nglibc-debuginfo-2.17-55.el7_0.5.x86_64.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.i686.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.x86_64.rpm\nglibc-devel-2.17-55.el7_0.5.i686.rpm\nglibc-devel-2.17-55.el7_0.5.x86_64.rpm\nglibc-headers-2.17-55.el7_0.5.x86_64.rpm\nglibc-utils-2.17-55.el7_0.5.x86_64.rpm\nnscd-2.17-55.el7_0.5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nglibc-debuginfo-2.17-55.el7_0.5.i686.rpm\nglibc-debuginfo-2.17-55.el7_0.5.x86_64.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.i686.rpm\nglibc-debuginfo-common-2.17-55.el7_0.5.x86_64.rpm\nglibc-static-2.17-55.el7_0.5.i686.rpm\nglibc-static-2.17-55.el7_0.5.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-0235\nhttps://access.redhat.com/security/updates/classification/#critical\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFUx9bmXlSAg2UNWIIRAjP4AJ9/EPFLyhSuapG8Lie71zPk6VaF8wCfVAw2\nVIBda0hF+i0zAuST73ezXzI=\n=w5UI\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/glibc-2.17-i486-10_slack14.1.txz: Rebuilt. This flaw could allow local or remote attackers to take control\n of a machine running a vulnerable version of glibc. Thanks to Qualys for\n discovering this issue (also known as the GHOST vulnerability.)\n For more information, see:\n https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235\n (* Security fix *)\npatches/packages/glibc-i18n-2.17-i486-10_slack14.1.txz: Rebuilt. \npatches/packages/glibc-profile-2.17-i486-10_slack14.1.txz: Rebuilt. \npatches/packages/glibc-solibs-2.17-i486-10_slack14.1.txz: Rebuilt. \npatches/packages/glibc-zoneinfo-2014j-noarch-1.txz: Upgraded. \n Upgraded to tzcode2014j and tzdata2014j. \n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/glibc-2.9-i486-7_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/glibc-i18n-2.9-i486-7_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/glibc-profile-2.9-i486-7_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/glibc-solibs-2.9-i486-7_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/glibc-2.9-x86_64-7_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/glibc-i18n-2.9-x86_64-7_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/glibc-profile-2.9-x86_64-7_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/glibc-solibs-2.9-x86_64-7_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-2.11.1-i486-9_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-i18n-2.11.1-i486-9_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-profile-2.11.1-i486-9_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-solibs-2.11.1-i486-9_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-2.11.1-x86_64-9_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-i18n-2.11.1-x86_64-9_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-profile-2.11.1-x86_64-9_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-solibs-2.11.1-x86_64-9_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-2.13-i486-8_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-i18n-2.13-i486-8_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-profile-2.13-i486-8_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-solibs-2.13-i486-8_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-2.13-x86_64-8_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-i18n-2.13-x86_64-8_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-profile-2.13-x86_64-8_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-solibs-2.13-x86_64-8_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/glibc-2.15-i486-9_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/glibc-i18n-2.15-i486-9_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/glibc-profile-2.15-i486-9_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/glibc-solibs-2.15-i486-9_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/glibc-2.15-x86_64-9_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/glibc-i18n-2.15-x86_64-9_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/glibc-profile-2.15-x86_64-9_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/glibc-solibs-2.15-x86_64-9_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-2.17-i486-10_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-i18n-2.17-i486-10_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-profile-2.17-i486-10_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-solibs-2.17-i486-10_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-2.17-x86_64-10_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-i18n-2.17-x86_64-10_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-profile-2.17-x86_64-10_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-solibs-2.17-x86_64-10_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/glibc-solibs-2.20-i486-2.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/glibc-zoneinfo-2014j-noarch-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-2.20-i486-2.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-i18n-2.20-i486-2.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-profile-2.20-i486-2.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/glibc-solibs-2.20-x86_64-2.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/glibc-zoneinfo-2014j-noarch-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-2.20-x86_64-2.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-i18n-2.20-x86_64-2.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-profile-2.20-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 packages:\n41402c65ebdef4b022c799131556ef7e glibc-2.9-i486-7_slack13.0.txz\n7095e3cd743af0179ea14b9bff81e3f4 glibc-i18n-2.9-i486-7_slack13.0.txz\n901d50b809ed84837ff45b2ca7838bb3 glibc-profile-2.9-i486-7_slack13.0.txz\n421a711b7cf1be2df2421ae5cd50b217 glibc-solibs-2.9-i486-7_slack13.0.txz\n61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz\n\nSlackware x86_64 13.0 packages:\nd4266628a8db63751f3f55b8bc2e2162 glibc-2.9-x86_64-7_slack13.0.txz\nb6161a0e23da771c5c6903605e49e403 glibc-i18n-2.9-x86_64-7_slack13.0.txz\nb8026d61e3849cce26539def0b665ca3 glibc-profile-2.9-x86_64-7_slack13.0.txz\n1f7f4cf57d44d75d4ef2786152f33403 glibc-solibs-2.9-x86_64-7_slack13.0.txz\n61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz\n\nSlackware 13.1 packages:\n03e0d0224efe8bc794b5be0454612a1e glibc-2.11.1-i486-9_slack13.1.txz\nfabbdd8d7f14667c7a2dc7ede87b5510 glibc-i18n-2.11.1-i486-9_slack13.1.txz\n1c1d86a9dabe329c3d30796188b66ebe glibc-profile-2.11.1-i486-9_slack13.1.txz\ne2ebe08bb02550c69202a6f973ef7e47 glibc-solibs-2.11.1-i486-9_slack13.1.txz\n61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz\n\nSlackware x86_64 13.1 packages:\nc00de492a4842e3a86101028e8cc03f0 glibc-2.11.1-x86_64-9_slack13.1.txz\n9657c55f39b233333e48d08acee9ed78 glibc-i18n-2.11.1-x86_64-9_slack13.1.txz\nada2d7f7b7ffdfd7a4407696ad714e48 glibc-profile-2.11.1-x86_64-9_slack13.1.txz\nb3c393e74aafbb5276cea1217dfcd1aa glibc-solibs-2.11.1-x86_64-9_slack13.1.txz\n61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz\n\nSlackware 13.37 packages:\n16615e6ef8311b928e3a05e0b7f3e505 glibc-2.13-i486-8_slack13.37.txz\n319dfc0cbdaf8410981195fffb1371c6 glibc-i18n-2.13-i486-8_slack13.37.txz\n6964339495ab981d17ba27cd5878a400 glibc-profile-2.13-i486-8_slack13.37.txz\n1834abd11fab02725e897040bbead56f glibc-solibs-2.13-i486-8_slack13.37.txz\n61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz\n\nSlackware x86_64 13.37 packages:\n1753003d261831ac235445e23a9f9870 glibc-2.13-x86_64-8_slack13.37.txz\n8aa103984bb2cb293072a022dd9144f2 glibc-i18n-2.13-x86_64-8_slack13.37.txz\na56e90a34eec8f60e265c45d05490a57 glibc-profile-2.13-x86_64-8_slack13.37.txz\nc6f684ea049e4091b96d15606eb454d1 glibc-solibs-2.13-x86_64-8_slack13.37.txz\n61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz\n\nSlackware 14.0 packages:\na2fadb666bfdf5c7c4c9792cbf34785d glibc-2.15-i486-9_slack14.0.txz\n3b3626f4a170a603af36ca60c7840fa6 glibc-i18n-2.15-i486-9_slack14.0.txz\nad237d138bb874e57c4080071d27e798 glibc-profile-2.15-i486-9_slack14.0.txz\nf07d37e52014cec80e43d883eda516ae glibc-solibs-2.15-i486-9_slack14.0.txz\n61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz\n\nSlackware x86_64 14.0 packages:\na5d02d71a230b6daa39d2ebefd8a6548 glibc-2.15-x86_64-9_slack14.0.txz\n62c30b615e38ba63cafb8053383eabde glibc-i18n-2.15-x86_64-9_slack14.0.txz\n152d094ab6bc4c7f763dd4ad1a53784c glibc-profile-2.15-x86_64-9_slack14.0.txz\nb256163bb179d1aebfda5f45270a0580 glibc-solibs-2.15-x86_64-9_slack14.0.txz\n61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz\n\nSlackware 14.1 packages:\n8f2fb91bb39d8a1db3bd6510295e6b1e glibc-2.17-i486-10_slack14.1.txz\n8d179820a827a4dce028b57d3fa39237 glibc-i18n-2.17-i486-10_slack14.1.txz\n19a4824c6ff8792a1166a38ceff824e0 glibc-profile-2.17-i486-10_slack14.1.txz\n417dede2ae464059002b6fcc2048f942 glibc-solibs-2.17-i486-10_slack14.1.txz\n61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz\n\nSlackware x86_64 14.1 packages:\n490ce11a13439e30ff312769cc4fabb1 glibc-2.17-x86_64-10_slack14.1.txz\ncd145e0d6a12b15d5282d7d1b3de92ed glibc-i18n-2.17-x86_64-10_slack14.1.txz\n93aea777dd41dc1c631dce1cf252bf14 glibc-profile-2.17-x86_64-10_slack14.1.txz\n6b759039a5b3f8c88b3753e722ded78e glibc-solibs-2.17-x86_64-10_slack14.1.txz\n61278ba5a904a7474e9b0b64b0daab97 glibc-zoneinfo-2014j-noarch-1.txz\n\nSlackware -current packages:\n395d4ad5fb71c4a56a500c3e51d07c8b a/glibc-solibs-2.20-i486-2.txz\n61278ba5a904a7474e9b0b64b0daab97 a/glibc-zoneinfo-2014j-noarch-1.txz\n3ca2827446e66d0d2d0e0bc8c55ba1ed l/glibc-2.20-i486-2.txz\n94105b1a10c42ce0995f8ace6b4f06a8 l/glibc-i18n-2.20-i486-2.txz\nfcc2ad4f5aad3a7d704d708a170c5351 l/glibc-profile-2.20-i486-2.txz\n\nSlackware x86_64 -current packages:\n25129dd9dfed8a8e834c87ba40c1ef17 a/glibc-solibs-2.20-x86_64-2.txz\n61278ba5a904a7474e9b0b64b0daab97 a/glibc-zoneinfo-2014j-noarch-1.txz\nb8ff5e308769d8e4eddccd9940058d5c l/glibc-2.20-x86_64-2.txz\n8c3db9286aa93346d25ffad38178137b l/glibc-i18n-2.20-x86_64-2.txz\n21f2a62d975b433f570cd5129cdc21fb l/glibc-profile-2.20-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg glibc-*\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. SEC Consult Vulnerability Lab Security Advisory \u003c 20210901-0 \u003e\n=======================================================================\n title: Multiple vulnerabilities\n product: see \"Vulnerable / tested versions\"\n vulnerable version: see \"Vulnerable / tested versions\"\n fixed version: see \"Solution\"\n CVE number: CVE-2021-39278, CVE-2021-39279\n impact: High\n homepage: https://www.moxa.com/\n found: 2020-08-31\n by: T. Weber (Office Vienna)\n SEC Consult Vulnerability Lab\n\n An integrated part of SEC Consult, an Atos company\n Europe | Asia | North America\n\n https://www.sec-consult.com\n\n=======================================================================\n\nVendor description:\n-------------------\n\"Together, We Create Change\n\nMoxa is committed to making a positive impact around the world. We put our all\nbehind this commitment--from our employees, to our products and supply chain. \n\nIn our local communities, we nurture and support the spirit of volunteering. \nWe encourage our employees to contribute to community development, with an\nemphasis on ecology, education, and health. \n\nIn our products, we invest in social awareness programs and\nenvironment-friendly policies at every stage of the product lifecycle. We make\nsure our manufacturing meets the highest standards with regards to quality,\nethics, and sustainability.\"\n\nSource: https://www.moxa.com/en/about-us/corporate-responsibility\n\nBusiness recommendation:\n------------------------\nSEC Consult recommends to immediately apply the available patches\nfrom the vendor. A thorough security review should be performed by\nsecurity professionals to identify further potential security issues. \n\n\nVulnerability overview/description:\n-----------------------------------\n1) Authenticated Command Injection (CVE-2021-39279)\nAn authenticated command injection vulnerability can be triggered by issuing a\nGET request to the \"/forms/web_importTFTP\" CGI program which is available on\nthe web interface. An attacker can abuse this vulnerability to compromise the\noperating system of the device. This issue was found by emulating the firmware\nof the device. \n\n2) Reflected Cross-Site Scripting via Manipulated Config-File (CVE-2021-39278)\nVia a crafted config-file, a reflected cross-site scripting vulnerability can\nbe exploited in the context of the victim\u0027s browser. This config-file can be\nuploaded to the device via the \"Config Import Export\" tab in the main menu. One of the discovered vulnerabilities (CVE-2015-0235,\ngethostbyname \"GHOST\" buffer overflow) was verified by using the MEDUSA\nscalable firmware runtime. \n\n4) Multiple Outdated Software Components\nMultiple outdated software components containing vulnerabilities were found by\nthe IoT Inspector. \n\nThe vulnerabilities 1), 2) and 3) were manually verified on an emulated device\nby using the MEDUSA scalable firmware runtime. \n\nProof of concept:\n-----------------\n1) Authenticated Command Injection (CVE-2021-39279)\nThe vulnerability can be triggered by navigating in the web interface to the\ntab:\n\n\"Main Menu\"-\u003e\"Maintenance\"-\u003e\"Config Import Export\"\n\nThe \"TFTP Import\" menu is prone to command injection via all parameters. To\nexploit the vulnerability, an IP address, a configuration path and a filename\nmust be set. \nIf the filename is used to trigger the exploit, the payload in the interceptor\nproxy would be:\n\nhttp://192.168.1.1/forms/web_importTFTP?servIP=192.168.1.1\u0026configPath=/\u0026fileName=name|`ping localhost -c 100`\n\n\n2) Reflected Cross-Site Scripting via Manipulated Config-File (CVE-2021-39278)\nThe vulnerability can be triggered by navigating in the web interface to the\ntab:\n\n\"Main Menu\"-\u003e\"Maintenance\"-\u003e\"Config Import Export\"\n\nThe \"Config Import\" menu is prone to reflected cross-site scripting via the\nupload of config files. Example of malicious config file:\n-------------------------------------------------------------------------------\n[board]\ndeviceName=\"WAC-2004_0000\u003c/span\u003e\u003cscript\u003ealert(document.cookie)\u003c/script\u003e\"\ndeviceLocation=\"\"\n[..]\n-------------------------------------------------------------------------------\nUploading such a crafted file triggers cross-site scripting as the erroneous\nvalue is displayed without filtering characters. \n\nThe gethostbyname buffer overflow vulnerability (GHOST) was checked with the\nhelp of the exploit code from https://seclists.org/oss-sec/2015/q1/274. It was\ncompiled and executed on the emulated device to test the system. \n\n\n4) Multiple Outdated Software Components\nThe IoT Inspector recognized multiple outdated software components with known\nvulnerabilities:\n\nBusyBox 1.18.5 06/2011\nDropbear SSH 2011.54 11/2011\nGNU glibc 2.9 02/2009\nLinux Kernel 2.6.27 10/2008\nOpenSSL 0.9.7g 04/2005\nOnly found in the program \"iw_director\"\nOpenSSL 1.0.0 03/2010\n\n\nVulnerable / tested versions:\n-----------------------------\nThe following firmware versions for various devices have been identified\nto be vulnerable:\n* WAC-2004 / 1.7\n* WAC-1001 / 2.1\n* WAC-1001-T / 2.1\n* OnCell G3470A-LTE-EU / 1.7\n* OnCell G3470A-LTE-EU-T / 1.7\n* TAP-323-EU-CT-T / 1.3\n* TAP-323-US-CT-T / 1.3\n* TAP-323-JP-CT-T / 1.3\n* WDR-3124A-EU / 2.3\n* WDR-3124A-EU-T / 2.3\n* WDR-3124A-US / 2.3\n* WDR-3124A-US-T / 2.3\n\n\nVendor contact timeline:\n------------------------\n2020-10-09: Contacting vendor through moxa.csrt@moxa.com. \n2020-10-12: Contact sends PGP key for encrypted communication and asks for the\n detailed advisory. Sent encrypted advisory to vendor. \n2020-11-06: Status update from vendor regarding technical analysis. Vendor\n requested more time for fixing the vulnerabilities as more products\n are affected. \n2020-11-09: Granted more time for fixing to vendor. \n2020-11-10: Vendor asked for next steps regarding the advisory publication. \n2020-11-11: Asked vendor for an estimation when a public disclosure is possible. \n2020-11-16: Vendor responded that the product team can give a rough feedback. \n2020-11-25: Asked for a status update. \n2020-11-25: Vendor responded that the investigation is not done yet. \n2020-12-14: Vendor provided a list of potential affected devices and stated\n that full investigation may take until January 2021 due to the list\n of CVEs that were provided with the appended IoT Inspector report. \n The patches may be available until June 2021. \n2020-12-15: Shifted next status update round with vendor on May 2021. \n2020-12-23: Vendor provided full list of affected devices. \n2021-02-05: Vendor sieved out the found issues from 4) manually and provided a\n full list of confirmed vulnerabilities. WAC-2004 phased-out in\n 2019. \n2021-02-21: Confirmed receive of vulnerabilities, next status update in May\n 2021. \n2021-06-10: Asking for an update. \n2021-06-15: Vendor stated, that the update will be provided in the next days. \n2021-06-21: Vendor will give an update in the next week as Covid gets worse in\n Taiwan. \n2021-06-23: Vendor stated, that patches are under development. Vendor needs more\n time to finish the patches. \n2021-06-24: Set release date to 2021-09-01. \n2021-07-02: Vendor provides status updates. \n2021-08-16: Vendor provides status updates. \n2021-08-17: Vendor asks for CVE IDs and stated, that WDR-3124A has phased-out. \n2021-08-20: Sent assigned CVE-IDs to vendor. Asked for fixed version numbers. \n2021-08-31: Vendor provides fixed firmware version numbers and the advisory\n links. \n2021-09-01: Coordinated release of security advisory. \n\nSolution:\n---------\nAccording to the vendor the following patches must be applied to fix issues:\n* WAC-1001 / 2.1.5\n* WAC-1001-T / 2.1.5\n* OnCell G3470A-LTE-EU / 1.7.4\n* OnCell G3470A-LTE-EU-T / 1.7.4\n* TAP-323-EU-CT-T / 1.8.1\n* TAP-323-US-CT-T / 1.8.1\n* TAP-323-JP-CT-T / 1.8.1\n\nThe Moxa Technical Support must be contacted for requesting the security\npatches. \n\nThe corresponding security advisories for the affected devices are available on\nthe vendor\u0027s website:\nTAP-323/WAC-1001/WAC-2004\nhttps://www.moxa.com/en/support/product-support/security-advisory/tap-323-wac-1001-2004-wireless-ap-bridge-client-vulnerabilities\nOnCell G3470A-LTE/WDR-3124A\nhttps://www.moxa.com/en/support/product-support/security-advisory/oncell-g3470a-wdr-3124a-cellular-gateways-router-vulnerabilities\n\nThe following device models are EOL and should be replaced:\n* WAC-2004\n* WDR-3124A-EU\n* WDR-3124A-EU-T\n* WDR-3124A-US\n* WDR-3124A-US-T\n\n\nWorkaround:\n-----------\nNone. \n\n\nAdvisory URL:\n-------------\nhttps://sec-consult.com/vulnerability-lab/\n\n\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nSEC Consult Vulnerability Lab\n\nSEC Consult, an Atos company\nEurope | Asia | North America\n\nAbout SEC Consult Vulnerability Lab\nThe SEC Consult Vulnerability Lab is an integrated part of SEC Consult, an\nAtos company. It ensures the continued knowledge gain of SEC Consult in the\nfield of network and application security to stay ahead of the attacker. The\nSEC Consult Vulnerability Lab supports high-quality penetration testing and\nthe evaluation of new offensive and defensive technologies for our customers. \nHence our customers obtain the most current information about vulnerabilities\nand valid recommendation about the risk profile of new technologies. \n\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\nInterested to work with the experts of SEC Consult?\nSend us your application https://sec-consult.com/career/\n\nInterested in improving your cyber security with the experts of SEC Consult?\nContact our local offices https://sec-consult.com/contact/\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nMail: research at sec-consult dot com\nWeb: https://www.sec-consult.com\nBlog: http://blog.sec-consult.com\nTwitter: https://twitter.com/sec_consult\n\nEOF Thomas Weber / @2021\n\n. If Apache was manually enabled and the configuration\nwas not changed, some files that should not be accessible might have\nbeen accessible using a specially crafted URL. This issue was addressed through the\naddition of a mechanism to trust only a subset of certificates issued\nprior to the mis-issuance of the intermediate. This\nissue, also known as Logjam, allowed an attacker with a privileged\nnetwork position to downgrade security to 512-bit DH if the server\nsupported an export-strength ephemeral DH cipher suite. The issue was\naddressed by increasing the default minimum size allowed for DH\nephemeral keys to 768 bits. \nCVE-ID\nCVE-2015-3695 : Ian Beer of Google Project Zero\nCVE-2015-3696 : Ian Beer of Google Project Zero\nCVE-2015-3697 : Ian Beer of Google Project Zero\nCVE-2015-3698 : Ian Beer of Google Project Zero\nCVE-2015-3699 : Ian Beer of Google Project Zero\nCVE-2015-3700 : Ian Beer of Google Project Zero\nCVE-2015-3701 : Ian Beer of Google Project Zero\nCVE-2015-3702 : KEEN Team\n\nImageIO\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: Multiple vulnerabilities existed in libtiff, the most\nserious of which may lead to arbitrary code execution\nDescription: Multiple vulnerabilities existed in libtiff versions\nprior to 4.0.4. \nCVE-ID\nCVE-2015-3661 : G. Geshev working with HP\u0027s Zero Day Initiative\nCVE-2015-3662 : kdot working with HP\u0027s Zero Day Initiative\nCVE-2015-3663 : kdot working with HP\u0027s Zero Day Initiative\nCVE-2015-3666 : Steven Seeley of Source Incite working with HP\u0027s Zero\nDay Initiative\nCVE-2015-3667 : Ryan Pentney, Richard Johnson of Cisco Talos and Kai\nLu of Fortinet\u0027s FortiGuard Labs, Ryan Pentney, and Richard Johnson\nof Cisco Talos and Kai Lu of Fortinet\u0027s FortiGuard Labs\nCVE-2015-3668 : Kai Lu of Fortinet\u0027s FortiGuard Labs\nCVE-2015-3713 : Apple\n\nSecurity\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: A remote attacker may cause an unexpected application\ntermination or arbitrary code execution\nDescription: An integer overflow existed in the Security framework\ncode for parsing S/MIME e-mail and some other signed or encrypted\nobjects. \nCVE-ID\nCVE-2013-1741\n\nSecurity\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact: Tampered applications may not be prevented from launching\nDescription: Apps using custom resource rules may have been\nsusceptible to tampering that would not have invalidated the\nsignature",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0235"
},
{
"db": "CERT/CC",
"id": "VU#967332"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007061"
},
{
"db": "BID",
"id": "72325"
},
{
"db": "VULHUB",
"id": "VHN-78181"
},
{
"db": "PACKETSTORM",
"id": "134055"
},
{
"db": "PACKETSTORM",
"id": "133803"
},
{
"db": "PACKETSTORM",
"id": "153278"
},
{
"db": "PACKETSTORM",
"id": "130987"
},
{
"db": "PACKETSTORM",
"id": "130098"
},
{
"db": "PACKETSTORM",
"id": "130333"
},
{
"db": "PACKETSTORM",
"id": "130114"
},
{
"db": "PACKETSTORM",
"id": "130163"
},
{
"db": "PACKETSTORM",
"id": "164014"
},
{
"db": "PACKETSTORM",
"id": "132518"
}
],
"trust": 3.6
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/967332",
"trust": 0.8,
"type": "poc"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-78181",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#967332"
},
{
"db": "VULHUB",
"id": "VHN-78181"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-0235",
"trust": 4.6
},
{
"db": "BID",
"id": "72325",
"trust": 2.0
},
{
"db": "JUNIPER",
"id": "JSA10671",
"trust": 2.0
},
{
"db": "PACKETSTORM",
"id": "164014",
"trust": 1.8
},
{
"db": "PACKETSTORM",
"id": "153278",
"trust": 1.8
},
{
"db": "BID",
"id": "91787",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "167552",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "130974",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "130768",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "130171",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62883",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62690",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62871",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62680",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62517",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62640",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62715",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62812",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62667",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62879",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62813",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62698",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62681",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62692",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62758",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62870",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62816",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62691",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62688",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62865",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1032909",
"trust": 1.7
},
{
"db": "MCAFEE",
"id": "SB10100",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-994726",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/05/04/7",
"trust": 1.7
},
{
"db": "CERT/CC",
"id": "VU#967332",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2015/01/27/9",
"trust": 0.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2013/09/17/4",
"trust": 0.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2015/01/28/18",
"trust": 0.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2015/01/29/21",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007061",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201501-658",
"trust": 0.7
},
{
"db": "CXSECURITY",
"id": "WLB-2022060049",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-15-064-01",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "130114",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "130163",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "130333",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "131867",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130115",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131214",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134196",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130216",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130100",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130134",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130135",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130099",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "36421",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "35951",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-89237",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-78181",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134055",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133803",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130987",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130098",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132518",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#967332"
},
{
"db": "VULHUB",
"id": "VHN-78181"
},
{
"db": "BID",
"id": "72325"
},
{
"db": "PACKETSTORM",
"id": "134055"
},
{
"db": "PACKETSTORM",
"id": "133803"
},
{
"db": "PACKETSTORM",
"id": "153278"
},
{
"db": "PACKETSTORM",
"id": "130987"
},
{
"db": "PACKETSTORM",
"id": "130098"
},
{
"db": "PACKETSTORM",
"id": "130333"
},
{
"db": "PACKETSTORM",
"id": "130114"
},
{
"db": "PACKETSTORM",
"id": "130163"
},
{
"db": "PACKETSTORM",
"id": "164014"
},
{
"db": "PACKETSTORM",
"id": "132518"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-658"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007061"
},
{
"db": "NVD",
"id": "CVE-2015-0235"
}
]
},
"id": "VAR-201501-0737",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-78181"
}
],
"trust": 0.507738211
},
"last_update_date": "2026-03-09T21:40:09.204000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.eglibc.org/home"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://getfedora.org/en/"
},
{
"title": "SUSE-SU-2014:1129-1",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2014-09/msg00020.html"
},
{
"title": "CVE-2013-4357",
"trust": 0.8,
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4357"
},
{
"title": "USN-2306-1",
"trust": 0.8,
"url": "https://usn.ubuntu.com/2306-1/"
},
{
"title": "USN-2306-2",
"trust": 0.8,
"url": "https://usn.ubuntu.com/2306-2/"
},
{
"title": "USN-2306-3",
"trust": 0.8,
"url": "https://usn.ubuntu.com/2306-3/"
},
{
"title": "glibc-2.18",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53554"
},
{
"title": "glibc-2.18",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53556"
},
{
"title": "glibc-2.18",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53555"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201501-658"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007061"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-120",
"trust": 0.8
},
{
"problemtype": "CWE-119",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78181"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007061"
},
{
"db": "NVD",
"id": "CVE-2015-0235"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.6,
"url": "https://www.qualys.com/research/security-advisories/ghost-cve-2015-0235.txt"
},
{
"trust": 2.3,
"url": "http://www.debian.org/security/2015/dsa-3142"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/130171/exim-esmtp-ghost-denial-of-service.html"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/130768/emc-secure-remote-services-ghost-sql-injection-command-injection.html"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/130974/exim-ghost-glibc-gethostbyname-buffer-overflow.html"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/153278/wago-852-industrial-managed-switch-series-code-execution-hardcoded-credentials.html"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/164014/moxa-command-injection-cross-site-scripting-vulnerable-software.html"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/167552/nexans-ftto-gigaswitch-outdated-components-hardcoded-backdoor.html"
},
{
"trust": 2.0,
"url": "http://seclists.org/oss-sec/2015/q1/274"
},
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150128-ghost"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695695"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695774"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695835"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695860"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696131"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696243"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696526"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696600"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696602"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696618"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"trust": 2.0,
"url": "https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2015/jun/msg00002.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00008.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2015/oct/msg00005.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/72325"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.7,
"url": "http://seclists.org/oss-sec/2015/q1/269"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/534845/100/0/threaded"
},
{
"trust": 1.7,
"url": "https://seclists.org/bugtraq/2019/jun/14"
},
{
"trust": 1.7,
"url": "http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/"
},
{
"trust": 1.7,
"url": "http://linux.oracle.com/errata/elsa-2015-0090.html"
},
{
"trust": 1.7,
"url": "http://linux.oracle.com/errata/elsa-2015-0092.html"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht204942"
},
{
"trust": 1.7,
"url": "http://www.idirect.net/partners/~/media/files/cve/idirect-posted-common-vulnerabilities-and-exposures.pdf"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"trust": 1.7,
"url": "http://www.websense.com/support/article/kbarticle/vulnerabilities-resolved-in-triton-apx-version-8-0"
},
{
"trust": 1.7,
"url": "https://bto.bluecoat.com/security-advisory/sa90"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf"
},
{
"trust": 1.7,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04874668"
},
{
"trust": 1.7,
"url": "https://help.ecostruxureit.com/display/public/uadco8x/struxureware+data+center+operation+software+vulnerability+fixes"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20150127-0001/"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht205267"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht205375"
},
{
"trust": 1.7,
"url": "https://www.f-secure.com/en/web/labs_global/fsc-2015-1"
},
{
"trust": 1.7,
"url": "https://www.sophos.com/en-us/support/knowledgebase/121879.aspx"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2015/jan/111"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2019/jun/18"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2021/sep/0"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2022/jun/36"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:039"
},
{
"trust": 1.7,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0126.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1032909"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62517"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62640"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62667"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62680"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62681"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62688"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62690"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62691"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62692"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62698"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62715"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62758"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62812"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62813"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62816"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62865"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62870"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62871"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62879"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62883"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=142781412222323\u0026w=2"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=142722450701342\u0026w=2"
},
{
"trust": 1.6,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10671"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=143145428124857\u0026w=2"
},
{
"trust": 1.6,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10100"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=142296726407499\u0026w=2"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2"
},
{
"trust": 1.1,
"url": "http://lists.suse.com/pipermail/sle-security-updates/2015-january/001186.html"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0235"
},
{
"trust": 0.8,
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/9"
},
{
"trust": 0.8,
"url": "https://security-tracker.debian.org/tracker/cve-2015-0235"
},
{
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2015-0099.html"
},
{
"trust": 0.8,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2015"
},
{
"trust": 0.8,
"url": "https://wiki.ubuntu.com/securityteam/knowledgebase/ghost"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4357"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4357"
},
{
"trust": 0.8,
"url": "https://www.openwall.com/lists/oss-security/2013/09/17/4"
},
{
"trust": 0.8,
"url": "http://www.openwall.com/lists/oss-security/2015/01/28/18"
},
{
"trust": 0.8,
"url": "http://www.openwall.com/lists/oss-security/2015/01/29/21"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/issue/wlb-2022060049"
},
{
"trust": 0.3,
"url": "http://support.novell.com/security/cve/cve-2015-0235.html"
},
{
"trust": 0.3,
"url": "https://securityadvisories.paloaltonetworks.com/home/detail/29?aspxautodetectcookiesupport=1"
},
{
"trust": 0.3,
"url": "http://www.gnu.org/software/libc/"
},
{
"trust": 0.3,
"url": "http://www.pexip.com/sites/pexip/files/pexip_security_bulletin_2015-01-30.pdf"
},
{
"trust": 0.3,
"url": "https://support.f5.com/kb/en-us/solutions/public/16000/000/sol16057.html"
},
{
"trust": 0.3,
"url": "http://www.splunk.com/view/sp-caaanvj"
},
{
"trust": 0.3,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk104443"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04560440"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10671\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://www.fortiguard.com/advisory/fg-ir-15-001/"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101006702"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101006704"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101006705"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097203"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04577814"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04589512"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/nov/14"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04602055"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04599861"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04674742"
},
{
"trust": 0.3,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00000.html"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/2f11f-5117bc2506e9f/cert_security_mini_bulletin_xrx15j_for_connectkey_1.5_r15-02_v1-1.pdf"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/mar/48"
},
{
"trust": 0.3,
"url": "https://securityadvisories.paloaltonetworks.com/home/detail/29"
},
{
"trust": 0.3,
"url": "http://supportdocs.polycom.com/polycomservice/support/global/documents/support/documentation/security_advisory_ghost_v_2_0.pdf"
},
{
"trust": 0.3,
"url": "https://www.alienvault.com/forums/discussion/4475/security-advisory-alienvault-v4-15-1-addresses-twenty-20-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005056"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696466"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696640"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098317"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097331"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005064"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696204"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696630"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697192"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695967"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022050"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695859"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696461"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097163"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005172"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097332"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697268"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005063"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005062"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005122"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696416"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020559"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022015"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005068"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695947"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697250"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698044"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695637"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696066"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-064-01"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/967332"
},
{
"trust": 0.3,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.3,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.3,
"url": "http://gpgtools.org"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0273"
},
{
"trust": 0.2,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0287"
},
{
"trust": 0.2,
"url": "https://support.apple.com/en-"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.2,
"url": "https://seclists.org/oss-sec/2015/q1/274."
},
{
"trust": 0.2,
"url": "https://www.sec-consult.com"
},
{
"trust": 0.2,
"url": "https://twitter.com/sec_consult"
},
{
"trust": 0.2,
"url": "http://blog.sec-consult.com"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0235"
},
{
"trust": 0.2,
"url": "https://rhn.redhat.com/errata/rhsa-2015-0092.html"
},
{
"trust": 0.1,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10671"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10100"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142296726407499\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142781412222323\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142722450701342\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142721102728110\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143145428124857\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5925"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5936"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6836"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5943"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5924"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5945"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6834"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5935"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5944"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5942"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3565"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6837"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5940"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5927"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5933"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5939"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht205377"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5934"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6838"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6563"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5938"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6974"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5926"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5937"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5932"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8146"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0231"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8080"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2331"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-7187"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1351"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8090"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9705"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-3951"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0232"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2301"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht205265."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8611"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1855"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2305"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-7186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9709"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2532"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9652"
},
{
"trust": 0.1,
"url": "https://www.tencent.com)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0296"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6301"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1472"
},
{
"trust": 0.1,
"url": "http://www.wago.us/wago/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2716"
},
{
"trust": 0.1,
"url": "https://www.sec-consult.com/en/career/index.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4412"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9402"
},
{
"trust": 0.1,
"url": "https://www.wago.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-5325"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-9261"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3856"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9984"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9761"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4043"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1813"
},
{
"trust": 0.1,
"url": "https://www.sec-consult.com/en/vulnerability-lab/advisories/index.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12550"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2148"
},
{
"trust": 0.1,
"url": "https://www.sec-consult.com/en/contact/index.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3571"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all-"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3572"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all-"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/tcdebian/updates/5.1/service_packs/security-sp-2.1-all-"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0204"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.1-all-"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/tcdebian/updates/5.0/service_packs/security-sp-2.1-all-"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all-"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/softpaq/sp70501-71000/sp70649.exe"
},
{
"trust": 0.1,
"url": "http://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.0-all-"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3570"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8275"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-7817"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0235"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-39278"
},
{
"trust": 0.1,
"url": "https://www.moxa.com/en/support/product-support/security-advisory/oncell-g3470a-wdr-3124a-cellular-gateways-router-vulnerabilities"
},
{
"trust": 0.1,
"url": "https://www.moxa.com/en/about-us/corporate-responsibility"
},
{
"trust": 0.1,
"url": "https://sec-consult.com/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-7423"
},
{
"trust": 0.1,
"url": "https://sec-consult.com/vulnerability-lab/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1234"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7547"
},
{
"trust": 0.1,
"url": "https://www.moxa.com/en/support/product-support/security-advisory/tap-323-wac-1001-2004-wireless-ap-bridge-client-vulnerabilities"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-39279"
},
{
"trust": 0.1,
"url": "https://www.moxa.com/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1914"
},
{
"trust": 0.1,
"url": "https://sec-consult.com/career/"
},
{
"trust": 0.1,
"url": "http://192.168.1.1/forms/web_importtftp?servip=192.168.1.1\u0026configpath=/\u0026filename=name|`ping"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0288"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3673"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8140"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "https://support.apple.com/en-us/ht204938"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3672"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8127"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0289"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3661"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3671"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1741"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8128"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8139"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3662"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8129"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1157"
},
{
"trust": 0.1,
"url": "https://support.apple.com/en-us/ht204950"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3663"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3668"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1799"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3666"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1798"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3667"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#967332"
},
{
"db": "VULHUB",
"id": "VHN-78181"
},
{
"db": "BID",
"id": "72325"
},
{
"db": "PACKETSTORM",
"id": "134055"
},
{
"db": "PACKETSTORM",
"id": "133803"
},
{
"db": "PACKETSTORM",
"id": "153278"
},
{
"db": "PACKETSTORM",
"id": "130987"
},
{
"db": "PACKETSTORM",
"id": "130098"
},
{
"db": "PACKETSTORM",
"id": "130333"
},
{
"db": "PACKETSTORM",
"id": "130114"
},
{
"db": "PACKETSTORM",
"id": "130163"
},
{
"db": "PACKETSTORM",
"id": "164014"
},
{
"db": "PACKETSTORM",
"id": "132518"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-658"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007061"
},
{
"db": "NVD",
"id": "CVE-2015-0235"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#967332",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-78181",
"ident": null
},
{
"db": "BID",
"id": "72325",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "134055",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "133803",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "153278",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130987",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130098",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130333",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130114",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "130163",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "164014",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "132518",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201501-658",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007061",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-0235",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-01-28T00:00:00",
"db": "CERT/CC",
"id": "VU#967332",
"ident": null
},
{
"date": "2015-01-28T00:00:00",
"db": "VULHUB",
"id": "VHN-78181",
"ident": null
},
{
"date": "2015-01-27T00:00:00",
"db": "BID",
"id": "72325",
"ident": null
},
{
"date": "2015-10-21T19:32:22",
"db": "PACKETSTORM",
"id": "134055",
"ident": null
},
{
"date": "2015-10-01T16:33:47",
"db": "PACKETSTORM",
"id": "133803",
"ident": null
},
{
"date": "2019-06-13T19:33:38",
"db": "PACKETSTORM",
"id": "153278",
"ident": null
},
{
"date": "2015-03-24T17:05:09",
"db": "PACKETSTORM",
"id": "130987",
"ident": null
},
{
"date": "2015-01-27T18:04:25",
"db": "PACKETSTORM",
"id": "130098",
"ident": null
},
{
"date": "2015-02-10T17:42:58",
"db": "PACKETSTORM",
"id": "130333",
"ident": null
},
{
"date": "2015-01-27T19:35:59",
"db": "PACKETSTORM",
"id": "130114",
"ident": null
},
{
"date": "2015-01-29T18:21:00",
"db": "PACKETSTORM",
"id": "130163",
"ident": null
},
{
"date": "2021-09-01T15:42:52",
"db": "PACKETSTORM",
"id": "164014",
"ident": null
},
{
"date": "2015-07-01T05:31:53",
"db": "PACKETSTORM",
"id": "132518",
"ident": null
},
{
"date": "2015-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-658",
"ident": null
},
{
"date": "2020-01-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-007061",
"ident": null
},
{
"date": "2015-01-28T19:59:00.063000",
"db": "NVD",
"id": "CVE-2015-0235",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2015-10-22T00:00:00",
"db": "CERT/CC",
"id": "VU#967332",
"ident": null
},
{
"date": "2021-11-17T00:00:00",
"db": "VULHUB",
"id": "VHN-78181",
"ident": null
},
{
"date": "2018-10-17T06:00:00",
"db": "BID",
"id": "72325",
"ident": null
},
{
"date": "2022-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-658",
"ident": null
},
{
"date": "2020-01-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-007061",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-0235",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "130114"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-658"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "GNU C Library (glibc) __nss_hostname_digits_dots() function vulnerable to buffer overflow",
"sources": [
{
"db": "CERT/CC",
"id": "VU#967332"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201501-658"
}
],
"trust": 0.6
}
}
VAR-201601-0016
Vulnerability from variot - Updated: 2026-03-03 21:51Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision. Mozilla Network Security Services is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks. This issue is fixed in: Firefox 43.0.2 Firefox ESR 38.5.2 Network Security Services 3.20.2.
Gentoo Linux Security Advisory GLSA 201801-15
https://security.gentoo.org/
Severity: Normal Title: PolarSSL: Multiple vulnerabilities Date: January 15, 2018 Bugs: #537108, #620504 ID: 201801-15
Synopsis
Multiple vulnerabilities have been found in PolarSSL, the worst of which may allow remote attackers to execute arbitrary code.
Background
PolarSSL is a cryptographic library for embedded systems.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/polarssl < 1.3.9-r1 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers.
Description
Multiple vulnerabilities have been discovered in PolarSSL. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker might be able to execute arbitrary code, cause Denial of Service condition or obtain sensitive information.
Workaround
There is no known workaround at this time.
Resolution
Gentoo has discontinued support for PolarSSL and recommends that users unmerge the package:
# emerge --unmerge "net-libs/polarssl"
References
[ 1 ] CVE-2015-1182 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1182 [ 2 ] CVE-2015-7575 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7575
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201801-15
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
--Ph5IIMEQMv2VnlKUQ7M7LCqtbxvbmuakb--
. ========================================================================== Ubuntu Security Notice USN-2863-1 January 07, 2016
openssl vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
OpenSSL could be made to expose sensitive information over the network.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.33
After a standard system update you need to reboot your computer to make all the necessary changes. Description:
IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494)
Note: This update also disallows the use of the MD5 hash algorithm in the certification path processing. The use of MD5 can be re-enabled by removing MD5 from the jdk.certpath.disabledAlgorithms security property defined in the java.security file. Bugs fixed (https://bugzilla.redhat.com/):
1276416 - CVE-2015-7981 libpng: Out-of-bounds read in png_convert_to_rfc1123 1281756 - CVE-2015-8126 CVE-2015-8472 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions 1289841 - CVE-2015-7575 TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH) 1291312 - CVE-2015-8540 libpng: underflow read in png_check_keyword() 1298906 - CVE-2016-0494 ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543) 1298957 - CVE-2016-0402 OpenJDK: URL deserialization inconsistencies (Networking, 8059054) 1299073 - CVE-2016-0448 OpenJDK: logging of RMI connection secrets (JMX, 8130710) 1299385 - CVE-2016-0466 OpenJDK: insufficient enforcement of totalEntitySizeLimit (JAXP, 8133962) 1299441 - CVE-2016-0483 OpenJDK: incorrect boundary check in JPEG decoder (AWT, 8139017) 1302689 - CVE-2015-5041 IBM JDK: J9 JVM allows code to invoke non-public interface methods
Background
mbed TLS (previously PolarSSL) is an "easy to understand, use, integrate and expand" implementation of the TLS and SSL protocols and the respective cryptographic algorithms and support code required.
http://creativecommons.org/licenses/by-sa/2.5
--meXqunA8BhEhIM1DNPs3RlHKbtgWVCnXm--
.
More information can be found at https://www.mitls.org/pages/attacks/SLOTH
For the oldstable distribution (wheezy), this problem has been fixed in version 1.0.1e-2+deb7u19.
For the stable distribution (jessie), the testing distribution (stretch) and the unstable distribution (sid), this issue was already addressed in version 1.0.1f-1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: openssl security update Advisory ID: RHSA-2016:0008-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0008.html Issue date: 2016-01-07 Updated on: 2016-01-08 CVE Names: CVE-2015-7575 =====================================================================
- Summary:
Updated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.
A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575)
All openssl users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1289841 - CVE-2015-7575 TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH)
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl-1.0.1e-42.el6_7.2.src.rpm
i386: openssl-1.0.1e-42.el6_7.2.i686.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm
x86_64: openssl-1.0.1e-42.el6_7.2.i686.rpm openssl-1.0.1e-42.el6_7.2.x86_64.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-devel-1.0.1e-42.el6_7.2.i686.rpm openssl-perl-1.0.1e-42.el6_7.2.i686.rpm openssl-static-1.0.1e-42.el6_7.2.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm openssl-devel-1.0.1e-42.el6_7.2.i686.rpm openssl-devel-1.0.1e-42.el6_7.2.x86_64.rpm openssl-perl-1.0.1e-42.el6_7.2.x86_64.rpm openssl-static-1.0.1e-42.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl-1.0.1e-42.el6_7.2.src.rpm
x86_64: openssl-1.0.1e-42.el6_7.2.i686.rpm openssl-1.0.1e-42.el6_7.2.x86_64.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm openssl-devel-1.0.1e-42.el6_7.2.i686.rpm openssl-devel-1.0.1e-42.el6_7.2.x86_64.rpm openssl-perl-1.0.1e-42.el6_7.2.x86_64.rpm openssl-static-1.0.1e-42.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl-1.0.1e-42.el6_7.2.src.rpm
i386: openssl-1.0.1e-42.el6_7.2.i686.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-devel-1.0.1e-42.el6_7.2.i686.rpm
ppc64: openssl-1.0.1e-42.el6_7.2.ppc.rpm openssl-1.0.1e-42.el6_7.2.ppc64.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.ppc.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.ppc64.rpm openssl-devel-1.0.1e-42.el6_7.2.ppc.rpm openssl-devel-1.0.1e-42.el6_7.2.ppc64.rpm
s390x: openssl-1.0.1e-42.el6_7.2.s390.rpm openssl-1.0.1e-42.el6_7.2.s390x.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.s390.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.s390x.rpm openssl-devel-1.0.1e-42.el6_7.2.s390.rpm openssl-devel-1.0.1e-42.el6_7.2.s390x.rpm
x86_64: openssl-1.0.1e-42.el6_7.2.i686.rpm openssl-1.0.1e-42.el6_7.2.x86_64.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm openssl-devel-1.0.1e-42.el6_7.2.i686.rpm openssl-devel-1.0.1e-42.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-perl-1.0.1e-42.el6_7.2.i686.rpm openssl-static-1.0.1e-42.el6_7.2.i686.rpm
ppc64: openssl-debuginfo-1.0.1e-42.el6_7.2.ppc64.rpm openssl-perl-1.0.1e-42.el6_7.2.ppc64.rpm openssl-static-1.0.1e-42.el6_7.2.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-42.el6_7.2.s390x.rpm openssl-perl-1.0.1e-42.el6_7.2.s390x.rpm openssl-static-1.0.1e-42.el6_7.2.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm openssl-perl-1.0.1e-42.el6_7.2.x86_64.rpm openssl-static-1.0.1e-42.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl-1.0.1e-42.el6_7.2.src.rpm
i386: openssl-1.0.1e-42.el6_7.2.i686.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-devel-1.0.1e-42.el6_7.2.i686.rpm
x86_64: openssl-1.0.1e-42.el6_7.2.i686.rpm openssl-1.0.1e-42.el6_7.2.x86_64.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm openssl-devel-1.0.1e-42.el6_7.2.i686.rpm openssl-devel-1.0.1e-42.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm openssl-perl-1.0.1e-42.el6_7.2.i686.rpm openssl-static-1.0.1e-42.el6_7.2.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm openssl-perl-1.0.1e-42.el6_7.2.x86_64.rpm openssl-static-1.0.1e-42.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-51.el7_2.2.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.2.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.2.i686.rpm openssl-libs-1.0.1e-51.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.2.i686.rpm openssl-devel-1.0.1e-51.el7_2.2.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.2.x86_64.rpm openssl-static-1.0.1e-51.el7_2.2.i686.rpm openssl-static-1.0.1e-51.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-51.el7_2.2.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.2.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.2.i686.rpm openssl-libs-1.0.1e-51.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.2.i686.rpm openssl-devel-1.0.1e-51.el7_2.2.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.2.x86_64.rpm openssl-static-1.0.1e-51.el7_2.2.i686.rpm openssl-static-1.0.1e-51.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-51.el7_2.2.src.rpm
ppc64: openssl-1.0.1e-51.el7_2.2.ppc64.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.ppc64.rpm openssl-devel-1.0.1e-51.el7_2.2.ppc.rpm openssl-devel-1.0.1e-51.el7_2.2.ppc64.rpm openssl-libs-1.0.1e-51.el7_2.2.ppc.rpm openssl-libs-1.0.1e-51.el7_2.2.ppc64.rpm
ppc64le: openssl-1.0.1e-51.el7_2.2.ppc64le.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.ppc64le.rpm openssl-devel-1.0.1e-51.el7_2.2.ppc64le.rpm openssl-libs-1.0.1e-51.el7_2.2.ppc64le.rpm
s390x: openssl-1.0.1e-51.el7_2.2.s390x.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.s390x.rpm openssl-devel-1.0.1e-51.el7_2.2.s390.rpm openssl-devel-1.0.1e-51.el7_2.2.s390x.rpm openssl-libs-1.0.1e-51.el7_2.2.s390.rpm openssl-libs-1.0.1e-51.el7_2.2.s390x.rpm
x86_64: openssl-1.0.1e-51.el7_2.2.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.2.i686.rpm openssl-devel-1.0.1e-51.el7_2.2.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.2.i686.rpm openssl-libs-1.0.1e-51.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-51.el7_2.2.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.ppc64.rpm openssl-perl-1.0.1e-51.el7_2.2.ppc64.rpm openssl-static-1.0.1e-51.el7_2.2.ppc.rpm openssl-static-1.0.1e-51.el7_2.2.ppc64.rpm
ppc64le: openssl-debuginfo-1.0.1e-51.el7_2.2.ppc64le.rpm openssl-perl-1.0.1e-51.el7_2.2.ppc64le.rpm openssl-static-1.0.1e-51.el7_2.2.ppc64le.rpm
s390x: openssl-debuginfo-1.0.1e-51.el7_2.2.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.s390x.rpm openssl-perl-1.0.1e-51.el7_2.2.s390x.rpm openssl-static-1.0.1e-51.el7_2.2.s390.rpm openssl-static-1.0.1e-51.el7_2.2.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.2.x86_64.rpm openssl-static-1.0.1e-51.el7_2.2.i686.rpm openssl-static-1.0.1e-51.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-51.el7_2.2.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.2.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.2.i686.rpm openssl-devel-1.0.1e-51.el7_2.2.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.2.i686.rpm openssl-libs-1.0.1e-51.el7_2.2.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.2.x86_64.rpm openssl-static-1.0.1e-51.el7_2.2.i686.rpm openssl-static-1.0.1e-51.el7_2.2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-7575 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/articles/2112261 http://www.mitls.org/pages/attacks/SLOTH
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWjy/pXlSAg2UNWIIRAuxtAKCKQ2VxTXABN4fn+b0MiLythds2GACfe3fA FZkb9bdxBhbyQJXSgVOJ3BA= =k57I -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.1"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "15.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.3.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.5.0"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.2.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.4.0"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.2"
},
{
"_id": null,
"model": "network security services",
"scope": "lte",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.20.1"
},
{
"_id": null,
"model": "firefox",
"scope": "lte",
"trust": 1.0,
"vendor": "mozilla",
"version": "43.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.2.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.1.0"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "15.04"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.0.5"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.5.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "38.1.1"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.865"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.866"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.865"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.791"
},
{
"_id": null,
"model": "jdk update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.6105"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.791"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.6105"
},
{
"_id": null,
"model": "jre update",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.866"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.9,
"vendor": "mozilla",
"version": "43.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.1"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.1"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.11"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.5"
},
{
"_id": null,
"model": "purepower integrated manager service appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "marketing operations",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2.1"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.8"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.22"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.2"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "tivoli netcool/omnibus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.1"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "ara",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "websphere real time sr8",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "contact optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for luw",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.6.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "11.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.11"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.306"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.1"
},
{
"_id": null,
"model": "spss collaboration and deployment services",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "cplex optimization studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.4"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.4.2"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.6"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.12"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.8"
},
{
"_id": null,
"model": "cplex enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.6.3"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.12"
},
{
"_id": null,
"model": "websphere real time",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.17"
},
{
"_id": null,
"model": "sterling control center ifix01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.21"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "oncommand shift",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37001.1"
},
{
"_id": null,
"model": "websphere real time sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"_id": null,
"model": "cplex enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.5.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.2"
},
{
"_id": null,
"model": "tivoli asset discovery for distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.20"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "36.0.3"
},
{
"_id": null,
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.15"
},
{
"_id": null,
"model": "sterling secure proxy ifix05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.8"
},
{
"_id": null,
"model": "marketing platform",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.0"
},
{
"_id": null,
"model": "license metric tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"_id": null,
"model": "domino fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.15"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.04"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50001.1"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"_id": null,
"model": "qradar siem",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.2"
},
{
"_id": null,
"model": "cplex optimization studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "35"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.5"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.5"
},
{
"_id": null,
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.3"
},
{
"_id": null,
"model": "rlks administration and reporting tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.6"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"_id": null,
"model": "tivoli storage manager operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1200"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "37"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5"
},
{
"_id": null,
"model": "infosphere biginsights",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.00"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.2"
},
{
"_id": null,
"model": "tivoli system automation for multiplatforms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.2"
},
{
"_id": null,
"model": "tivoli storage manageroperations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.2.300"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "27.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.17"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.1"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3"
},
{
"_id": null,
"model": "marketing platform",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.1"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "system networking rackswitch g8316",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"_id": null,
"model": "cplex enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.6.1"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.31"
},
{
"_id": null,
"model": "watson explorer analytical components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.0.2"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.4"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.4"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.20"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.3"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.14"
},
{
"_id": null,
"model": "websphere real time sr9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.4"
},
{
"_id": null,
"model": "fabric manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "websphere dashboard framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.4"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.1104"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.12"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.116"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "algo one core",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.9.1"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.10"
},
{
"_id": null,
"model": "operational decision manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "9.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.27"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.1"
},
{
"_id": null,
"model": "spss modeler if010",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "17.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.7"
},
{
"_id": null,
"model": "flex system fabric si4093 system interconnect module",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.13.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.7"
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "tivoli network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"_id": null,
"model": "rlks lkad borrow tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.8"
},
{
"_id": null,
"model": "control center ifix01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "38"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.1"
},
{
"_id": null,
"model": "cognos business viewpoint fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "system networking rackswitch g8332",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.21.0"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.14"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "data studio client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.3"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.2"
},
{
"_id": null,
"model": "multi-enterprise integration gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "rational synergy ifix01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.3"
},
{
"_id": null,
"model": "netezza diagnostics tools",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.2"
},
{
"_id": null,
"model": "tivoli access manager for e-business",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.11"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.8"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "operations analytics predictive insights",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-1.3.1"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.4"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "sterling control center ifix02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.10"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.7"
},
{
"_id": null,
"model": "tivoli directory integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"_id": null,
"model": "system networking rackswitch g8124",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "15.0.0.0"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.4.0.7"
},
{
"_id": null,
"model": "spss modeler fp1 if006",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "17"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.16"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.2"
},
{
"_id": null,
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.5"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "oncommand api services",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.7.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "40.0.3"
},
{
"_id": null,
"model": "integrated management module ii for bladecenter 1aoo70h-5.40",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.110"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.3"
},
{
"_id": null,
"model": "rational publishing engine",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "ara",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0"
},
{
"_id": null,
"model": "decision optimization center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.7.0.2"
},
{
"_id": null,
"model": "tivoli network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9"
},
{
"_id": null,
"model": "virtual fabric 10gb switch module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.8.23.0"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"_id": null,
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "g8264cs si fabric image",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.13.0"
},
{
"_id": null,
"model": "websphere message broker toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.17"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.11"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.4"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "38.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.10"
},
{
"_id": null,
"model": "ccr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.9"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.1"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.2"
},
{
"_id": null,
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.51"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.2"
},
{
"_id": null,
"model": "vasa provider for clustered data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.8"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.28"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.19"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.6"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.1"
},
{
"_id": null,
"model": "websphere partner gateway advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.3"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.3"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"_id": null,
"model": "watson explorer annotation administration console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.0.2"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.1"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.2"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.12"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.2"
},
{
"_id": null,
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.5"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.4"
},
{
"_id": null,
"model": "integrated management module ii for bladecenter 1aoo",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.4.1"
},
{
"_id": null,
"model": "contact optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.0"
},
{
"_id": null,
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.6"
},
{
"_id": null,
"model": "marketing operations",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"_id": null,
"model": "security appscan source",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.3.2"
},
{
"_id": null,
"model": "infosphere data architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.3"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.35"
},
{
"_id": null,
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.32"
},
{
"_id": null,
"model": "operational decision manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.6"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.3"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"_id": null,
"model": "algo one core",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.12"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "websphere real time sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3920"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.16"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.32"
},
{
"_id": null,
"model": "security identity governance and intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "websphere mq internet pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.01"
},
{
"_id": null,
"model": "ftm for cps",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.1"
},
{
"_id": null,
"model": "explorer for z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "cplex enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.6.0.1"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.2.01"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "websphere real time",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "sterling secure proxy ifix04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.0.6"
},
{
"_id": null,
"model": "bigfix security compliance analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16.0.2"
},
{
"_id": null,
"model": "spss modeler fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "17"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.2.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.4"
},
{
"_id": null,
"model": "security appscan source",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.71"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.2"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "cplex enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.6"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "tivoli system automation application manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "35.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.5"
},
{
"_id": null,
"model": "operations analytics predictive insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-1.3.3"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.2"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli storage manager operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1100"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"_id": null,
"model": "si4093 image",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.13.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "16.0.0.2"
},
{
"_id": null,
"model": "system networking rackswitch g8052",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"_id": null,
"model": "websphere application server for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.14"
},
{
"_id": null,
"model": "websphere service registry and repository studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.10"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.6"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.5"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.14"
},
{
"_id": null,
"model": "system networking rackswitch g8332",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.22.0"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "tivoli system automation for multiplatforms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.1"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.1"
},
{
"_id": null,
"model": "infosphere data architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.03"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "9.0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.111"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.18"
},
{
"_id": null,
"model": "websphere real time sr fp",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3930"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7.0.1"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.4"
},
{
"_id": null,
"model": "marketing platform",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.01"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.0.9"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.12"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "37.0.1"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "fabric operating system 7.4.1a",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "15.0.0.3"
},
{
"_id": null,
"model": "oncommand performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.15"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.3"
},
{
"_id": null,
"model": "websphere partner gateway enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.3"
},
{
"_id": null,
"model": "cplex enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.5"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.4"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.3"
},
{
"_id": null,
"model": "ds8000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3"
},
{
"_id": null,
"model": "decision optimization center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8.0.2"
},
{
"_id": null,
"model": "rlks administration agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.6"
},
{
"_id": null,
"model": "tivoli composite application manager for soa",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "rlks lkad borrow tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "39.0.3"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2-4"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35001.1"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.6"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.6"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.7"
},
{
"_id": null,
"model": "integration toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.41"
},
{
"_id": null,
"model": "flashsystem 9846-ac1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "qradar siem",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.4"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.020"
},
{
"_id": null,
"model": "bundle of g8264cs image",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"_id": null,
"model": "control center ifix02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.0"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.6"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.14.2"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.0.6"
},
{
"_id": null,
"model": "cognos command center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.2"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"_id": null,
"model": "operational decision manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.8"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.10"
},
{
"_id": null,
"model": "cplex optimization studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.5.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.3"
},
{
"_id": null,
"model": "security guardium data redaction",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.24"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.1"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.01"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"_id": null,
"model": "cognos command center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"_id": null,
"model": "security appscan source",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "b2b advanced communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.4"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "13.0.1"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.17"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.3"
},
{
"_id": null,
"model": "ilog optimization decision manager enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.7.0.2"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.1.5"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.21"
},
{
"_id": null,
"model": "watson explorer annotation administration console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.0.2"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.6"
},
{
"_id": null,
"model": "spss modeler fp3 if013",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "15"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.9.3"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.7"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.802"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.17.1"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "b-type san switches",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "spss modeler fp2 if001",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "16"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.2"
},
{
"_id": null,
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.20.2"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.8"
},
{
"_id": null,
"model": "plug-in for symantec netbackup",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "websphere mq internet pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.12"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"_id": null,
"model": "purepower integrated manager kvm host",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.9"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.5.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.0"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.3.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.2"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.1"
},
{
"_id": null,
"model": "flex system en2092 1gb ethernet scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.1.1"
},
{
"_id": null,
"model": "system networking rackswitch g8264",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "security appscan source",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "cplex optimization studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.6.1"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.404"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.7"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3.0.12"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.0.1"
},
{
"_id": null,
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.12"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "20.0.1"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.19"
},
{
"_id": null,
"model": "db2 recovery expert for linux unix and windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.16"
},
{
"_id": null,
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "14.01"
},
{
"_id": null,
"model": "tivoli storage manager operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1000"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.4.1"
},
{
"_id": null,
"model": "operations analytics predictive insights",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-1.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.7"
},
{
"_id": null,
"model": "decision optimization center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8"
},
{
"_id": null,
"model": "db2 recovery expert for linux unix and windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "spss modeler fp3 if028",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "14.2"
},
{
"_id": null,
"model": "security appscan source",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.2"
},
{
"_id": null,
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.19"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.2"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.8"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.8"
},
{
"_id": null,
"model": "rlks administration and reporting tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.7"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.2"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.41"
},
{
"_id": null,
"model": "tivoli network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"_id": null,
"model": "client application access",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.1"
},
{
"_id": null,
"model": "e-series/ef-series santricity management plug-ins",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "flex system fabric cn4093 10gb converged scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "websphere partner gateway advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.15"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.8"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.2"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.11"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4.2"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.3"
},
{
"_id": null,
"model": "sterling secure proxy ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.88"
},
{
"_id": null,
"model": "tivoli storage manager client management services",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.200"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.11"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.5"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "system networking rackswitch g8052",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.6.0"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "20.0"
},
{
"_id": null,
"model": "enterprise linux server eus 6.7.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "38.1.1"
},
{
"_id": null,
"model": "websphere extreme scale",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.15"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.0.13"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.3"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "15.0.0.1"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.3"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.1.8"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.4"
},
{
"_id": null,
"model": "tivoli network manager if0002 ip editio",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.6"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.7"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1.0"
},
{
"_id": null,
"model": "spss modeler fp3 if023",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "14.2"
},
{
"_id": null,
"model": "system networking rackswitch g8124-e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "qradar incident forensics",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.15"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.9"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.1"
},
{
"_id": null,
"model": "rational publishing engine",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "sterling secure proxy ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.2.04"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.18"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.01"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.10"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.3"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "25.0"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.1"
},
{
"_id": null,
"model": "predictive insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.18"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.2"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"_id": null,
"model": "web experience factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.9.1"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.6.0.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.2.0.8"
},
{
"_id": null,
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.54"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "38.2.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.15"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.8"
},
{
"_id": null,
"model": "websphere datapower xc10 appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.0.2"
},
{
"_id": null,
"model": "integrated management module ii for flex systems 1aoo",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.6"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.18"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.6"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "filenet content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.0"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.07"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.4"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "17.0"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.0"
},
{
"_id": null,
"model": "system networking rackswitch g8124",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"_id": null,
"model": "mq light",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"_id": null,
"model": "infosphere data architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"_id": null,
"model": "virtual fabric 10gb switch module",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.8.24.0"
},
{
"_id": null,
"model": "control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.14"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.5.0.6"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.2"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "control center 6.0.0.1ifix01",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.9.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.12"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.19"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.15"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1.1"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.303"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12"
},
{
"_id": null,
"model": "security network intrusion prevention system gx6116",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.9"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3.0.12"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0"
},
{
"_id": null,
"model": "flashsystem 9843-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.0"
},
{
"_id": null,
"model": "tivoli asset discovery for distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "cplex optimization studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.6.0.1"
},
{
"_id": null,
"model": "rbac user creator for data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.25"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.19"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "38.4"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "flashsystem 9848-ac1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.25"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.6"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.16"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.2"
},
{
"_id": null,
"model": "filenet eprocess",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.16"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"_id": null,
"model": "directory server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.0"
},
{
"_id": null,
"model": "sterling control center ifix03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.41"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.5"
},
{
"_id": null,
"model": "operations analytics predictive insights",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-1.3.2"
},
{
"_id": null,
"model": "marketing operations",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "flashsystem 9846-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.7.5"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "websphere appliance management center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "sterling secure proxy ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.87"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.1"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.3"
},
{
"_id": null,
"model": "security siteprotector system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.1"
},
{
"_id": null,
"model": "tivoli storage manageroperations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.100"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.5"
},
{
"_id": null,
"model": "os image for aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.1"
},
{
"_id": null,
"model": "cplex optimization studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.4.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.10"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.14"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0"
},
{
"_id": null,
"model": "websphere extreme scale",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.4"
},
{
"_id": null,
"model": "rational developer for c/c++",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.7"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.3"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"_id": null,
"model": "spss modeler fp3 if016",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "15"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.4"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.14.3"
},
{
"_id": null,
"model": "rational developer for aix and cobol",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "multi-enterprise integration gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.11"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.8"
},
{
"_id": null,
"model": "fabric manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.04.0048"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.7"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "marketing operations",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.32"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.3.0.10"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.0"
},
{
"_id": null,
"model": "websphere real time sr7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"_id": null,
"model": "cplex optimization studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.5"
},
{
"_id": null,
"model": "tivoli netcool/omnibus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.1.3"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.210"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.22"
},
{
"_id": null,
"model": "ara",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.9.1"
},
{
"_id": null,
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.1.23"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.3.1"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.1.0"
},
{
"_id": null,
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.51"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.0"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.7.7"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.37"
},
{
"_id": null,
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.10"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.5"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "cognos command center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.3"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.8.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.4"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.303"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.2"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.2"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"_id": null,
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "18.0.1"
},
{
"_id": null,
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"_id": null,
"model": "tivoli storage manager operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.2.200"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "sterling secure proxy ifix03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.3"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.11"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.1"
},
{
"_id": null,
"model": "contact optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.1.0.7"
},
{
"_id": null,
"model": "rlks administration agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.5"
},
{
"_id": null,
"model": "algo one core",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.02"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.3"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.5"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.6"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "websphere real time",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "tivoli network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"_id": null,
"model": "1/10gb uplink ethernet switch module",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.14.0"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gv200",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0"
},
{
"_id": null,
"model": "rational synergy ifix02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.3"
},
{
"_id": null,
"model": "filenet content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.13"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.6.0.3"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.4.0.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.4"
},
{
"_id": null,
"model": "spss modeler fp3 if011",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "15"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.15.5"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.7"
},
{
"_id": null,
"model": "marketing platform",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4"
},
{
"_id": null,
"model": "system networking rackswitch g8124",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.6.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.10"
},
{
"_id": null,
"model": "qradar incident forensics",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"_id": null,
"model": "linux enterprise module for legacy software",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12"
},
{
"_id": null,
"model": "tivoli system automation for multiplatforms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.11"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.11"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.23"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.46"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.21"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.10"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.44"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.9"
},
{
"_id": null,
"model": "web experience factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.12"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.4"
},
{
"_id": null,
"model": "tivoli storage manager operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.200"
},
{
"_id": null,
"model": "data studio client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.0.0"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "15.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "38.3"
},
{
"_id": null,
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.2"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.8"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.5"
},
{
"_id": null,
"model": "smartcloud entry jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.55"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.12"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.212"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16.0"
},
{
"_id": null,
"model": "snapcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "tivoli system automation application manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.2"
},
{
"_id": null,
"model": "sterling control center ifix04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.2.1"
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "39"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.17"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.8"
},
{
"_id": null,
"model": "enterprise linux hpc node supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.7"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "websphere real time sr fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3810"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.2"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.5"
},
{
"_id": null,
"model": "rational developer for aix and cobol",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.9"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.10"
},
{
"_id": null,
"model": "domino fp if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.132"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.14.1"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "sterling control center ifix03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.1.0"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.1.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.021"
},
{
"_id": null,
"model": "websphere partner gateway advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.4"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.16.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "34"
},
{
"_id": null,
"model": "contact optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "websphere mq internet pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli monitoring fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.302"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.12"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.3"
},
{
"_id": null,
"model": "system networking rackswitch g8264",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"_id": null,
"model": "security appscan source",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7.1.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.9"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.4"
},
{
"_id": null,
"model": "sterling secure proxy ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.0.67"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "29.0.1"
},
{
"_id": null,
"model": "cplex optimization studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.5.0.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.02"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "firefox esr",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "38.5.2"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.4"
},
{
"_id": null,
"model": "infosphere data architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.20.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "sterling control center ifix02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.34"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"_id": null,
"model": "tivoli netcool configuration manager if001",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.3"
},
{
"_id": null,
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "rational developer for aix and cobol",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.12"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1.3"
},
{
"_id": null,
"model": "contact optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.029"
},
{
"_id": null,
"model": "integrated management module ii for system 1aoo70h-5.40",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "x"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5108-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.6"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.2"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.7.1"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "36.0.4"
},
{
"_id": null,
"model": "ilog optimization decision manager enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.24"
},
{
"_id": null,
"model": "security network intrusion prevention system gx3002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "cplex enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.4.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.4"
},
{
"_id": null,
"model": "rlks administration and reporting tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.6"
},
{
"_id": null,
"model": "spss collaboration and deployment services",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for luw",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.6"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.28"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.14.4"
},
{
"_id": null,
"model": "directory server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.7"
},
{
"_id": null,
"model": "fibre channel switch",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.7"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "22.0"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "37.0.2"
},
{
"_id": null,
"model": "qradar siem",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.11"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.0"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.52"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.01"
},
{
"_id": null,
"model": "marketing operations",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "40"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "33"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.4"
},
{
"_id": null,
"model": "system networking rackswitch g8264cs",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.3"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.27"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.1"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.1"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.6"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.10.1"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"_id": null,
"model": "spss collaboration and deployment services",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.3"
},
{
"_id": null,
"model": "system networking rackswitch g8124-e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.5.0"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.15.4"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.1"
},
{
"_id": null,
"model": "cloud manager with openstack interix fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.7"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.4"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.5.0.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "18.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.2"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.2"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.13"
},
{
"_id": null,
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.1"
},
{
"_id": null,
"model": "rational developer for c/c++",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.24"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.13.4"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.0"
},
{
"_id": null,
"model": "tivoli netcool configuration manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.2.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.1.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "8.0.1"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.1"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.0"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.3"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.19"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"_id": null,
"model": "websphere partner gateway enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.4"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1"
},
{
"_id": null,
"model": "websphere application server for bluemix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.4"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"_id": null,
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.3"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.33"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.1"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.3"
},
{
"_id": null,
"model": "bundle of g8264cs image",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.13.0"
},
{
"_id": null,
"model": "os image for aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.31"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.2"
},
{
"_id": null,
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "web experience factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.14"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "26.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.10"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0"
},
{
"_id": null,
"model": "qradar incident forensics patch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.62"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.5"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.0"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.6.0.3"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.10"
},
{
"_id": null,
"model": "system networking rackswitch g8264t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.23"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.4"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "16.0.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.17"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.26"
},
{
"_id": null,
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.6"
},
{
"_id": null,
"model": "omnifind enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.5"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.1"
},
{
"_id": null,
"model": "rational developer for aix and cobol",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.2"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.16.2.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.13"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.9.2"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"_id": null,
"model": "os image for red hat",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.1"
},
{
"_id": null,
"model": "algo one core",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.9"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.3"
},
{
"_id": null,
"model": "snapmanager for sharepoint",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.3"
},
{
"_id": null,
"model": "qradar siem mr2 patch if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.112"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "websphere ilog jrules",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "filenet content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.26"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3.0.10"
},
{
"_id": null,
"model": "rlks administration agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.4"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.01"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"_id": null,
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.3.1"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.3"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "watson explorer analytical components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.0.0"
},
{
"_id": null,
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.11"
},
{
"_id": null,
"model": "flex system en2092 1gb ethernet scalable switch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.13.0"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.8"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.17"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.18"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.3"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.01"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.5"
},
{
"_id": null,
"model": "tivoli storage manager client management services",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2"
},
{
"_id": null,
"model": "tivoli directory integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.8"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.0.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.6"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.10"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.2"
},
{
"_id": null,
"model": "system networking rackswitch g8264",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.6.0"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.0"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.31"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.6"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.5"
},
{
"_id": null,
"model": "websphere mq internet pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.1"
},
{
"_id": null,
"model": "rlks administration agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.8"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.8"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.4"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.1"
},
{
"_id": null,
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "32.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "tivoli system automation application manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"_id": null,
"model": "spss analytic server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.1"
},
{
"_id": null,
"model": "flex system chassis management module 2pet14c-2.5.5c",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.5"
},
{
"_id": null,
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.7"
},
{
"_id": null,
"model": "contact optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2.1"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.4"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"_id": null,
"model": "integrated management module ii for flex systems 1aoo70h-5.40",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.22"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.9"
},
{
"_id": null,
"model": "websphere datapower xc10 appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "rlks administration agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.9"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.7"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.18"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.803"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.6.1"
},
{
"_id": null,
"model": "security siteprotector system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.13"
},
{
"_id": null,
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "flex system fabric cn4093 10gb converged scalable switch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.13.0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.5"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.22"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "rational synergy ifix01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.4"
},
{
"_id": null,
"model": "system networking rackswitch g8052",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.16.0"
},
{
"_id": null,
"model": "cplex enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.5.0.1"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5208",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "28.0"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.2"
},
{
"_id": null,
"model": "websphere real time sr7 fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for luw",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"_id": null,
"model": "websphere extreme scale",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7.0.2"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.19"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.25"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.13.3"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.8"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.1"
},
{
"_id": null,
"model": "tivoli netcool/omnibus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "16.0.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.1"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.6"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.15.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.8"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0"
},
{
"_id": null,
"model": "sterling control center ifix04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.0.1"
},
{
"_id": null,
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.3"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for luw",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "15.0"
},
{
"_id": null,
"model": "tivoli storage manager operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.1000"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "19.0.1"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.4"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.311"
},
{
"_id": null,
"model": "contact optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "rational developer for c/c++",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.3"
},
{
"_id": null,
"model": "ccr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0"
},
{
"_id": null,
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "43.0.2"
},
{
"_id": null,
"model": "system networking rackswitch g8124-e",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.6.0"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.14"
},
{
"_id": null,
"model": "tivoli netcool configuration manager if",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.6003"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.2"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.3"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.4"
},
{
"_id": null,
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.5"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.5"
},
{
"_id": null,
"model": "flex system fabric en4093r 10gb scalable switch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.13.0"
},
{
"_id": null,
"model": "spss modeler fp2 if006",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "16"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.14"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "sterling secure proxy ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.0.66"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.11"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.12"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.3"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "watson explorer annotation administration console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.0.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.03"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.15"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.0"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.7"
},
{
"_id": null,
"model": "ftm for cps",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.2"
},
{
"_id": null,
"model": "lotus widget factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.1"
},
{
"_id": null,
"model": "sterling control center ifix06",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.2.1"
},
{
"_id": null,
"model": "tivoli access manager for e-business",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3.0.10"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.32"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.8"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.14"
},
{
"_id": null,
"model": "sterling secure proxy ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.2.05"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"_id": null,
"model": "jrockit r28.3.8",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.6"
},
{
"_id": null,
"model": "websphere partner gateway enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1.0.7"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.4.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "18.0"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.2"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "16.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "5.0.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "rational synergy ifix01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.7"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.7"
},
{
"_id": null,
"model": "1/10gb uplink ethernet switch module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.8.23.0"
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "spss modeler fp3 if025",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "14.2"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.11"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.5"
},
{
"_id": null,
"model": "ccr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "installation manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.8.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7"
},
{
"_id": null,
"model": "websphere real time sr5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "sterling control center ifix03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.2.1"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for luw",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.25"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "30.0"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5"
},
{
"_id": null,
"model": "spss modeler fp1 if021",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "17"
},
{
"_id": null,
"model": "smartcloud entry jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.34"
},
{
"_id": null,
"model": "websphere real time sr8 fp10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "security network intrusion prevention system gx5008-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "0.7"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.3"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.15.3.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.10"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.3.0.12"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "38.5"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"_id": null,
"model": "os image for red hat",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "flashsystem 9848-ac0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "28.0.1"
},
{
"_id": null,
"model": "tivoli network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "tivoli storage manager client management service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.000"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.0"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.2"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "rational policy tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.5"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.2.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "25.0.1"
},
{
"_id": null,
"model": "security access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "29.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.2"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "b2b advanced communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.3"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6"
},
{
"_id": null,
"model": "rational publishing engine",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.4"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3.0.10"
},
{
"_id": null,
"model": "decision optimization center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"_id": null,
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4002",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "websphere partner gateway advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.2"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.3"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.1"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.10"
},
{
"_id": null,
"model": "control center 6.0.0.0ifix03",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.6"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.12"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.1.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.8"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.16"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "cognos business viewpoint fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.1"
},
{
"_id": null,
"model": "cognos command center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"_id": null,
"model": "rlks administration agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.23"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.6"
},
{
"_id": null,
"model": "flex system chassis management module 2pet",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.7"
},
{
"_id": null,
"model": "rlks administration and reporting tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.5"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.11"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.2"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "tivoli netcool/omnibus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"_id": null,
"model": "predictive insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.8"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"_id": null,
"model": "system networking rackswitch g8316",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.16.0"
},
{
"_id": null,
"model": "flex system fabric si4093 system interconnect module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.0"
},
{
"_id": null,
"model": "rational developer for aix and cobol",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.16"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "control center ifix03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.1"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.2"
},
{
"_id": null,
"model": "security directory integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"_id": null,
"model": "host on-demand",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.14"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.19"
},
{
"_id": null,
"model": "sterling connect:direct ftp+",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "tivoli system automation for multiplatforms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.1"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.1"
},
{
"_id": null,
"model": "websphere service registry and repository studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.17"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7412-05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "17.0.0.1"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"_id": null,
"model": "virtual storage console for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"_id": null,
"model": "spectrum scale",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.50"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0.1"
},
{
"_id": null,
"model": "b-type san directors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "flashsystem 9840-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.6"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.4"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.7"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "14.0"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.16"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7.0.2"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.12"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.9"
},
{
"_id": null,
"model": "content foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.0"
},
{
"_id": null,
"model": "mq light",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.85"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.4"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.32"
},
{
"_id": null,
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.0"
},
{
"_id": null,
"model": "data studio client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "13.0"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.6.0.3"
},
{
"_id": null,
"model": "snapcenter plug-in for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.2"
},
{
"_id": null,
"model": "license metric tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "38.5.1"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.27"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.2"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "g8264cs si fabric image",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.3"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.7.2"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "flashsystem 9848-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.0"
},
{
"_id": null,
"model": "tivoli access manager for e-business",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.1"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.2"
},
{
"_id": null,
"model": "websphere operational decision management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "system networking rackswitch g8124",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.16.0"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.17"
},
{
"_id": null,
"model": "purepower integrated manager appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.1"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.9"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "7-mode transition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.13"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "27.0"
},
{
"_id": null,
"model": "fabric operating system 7.4.1c",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.2.0.8"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.5"
},
{
"_id": null,
"model": "marketing platform",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.0"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.0.1"
},
{
"_id": null,
"model": "rational developer for c/c++",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.3"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.405"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.19"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.4"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "14.2"
},
{
"_id": null,
"model": "websphere partner gateway enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"_id": null,
"model": "websphere extreme scale",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.32"
},
{
"_id": null,
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.12"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.9"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.5"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.15.1"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.1.8"
},
{
"_id": null,
"model": "websphere lombardi edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.1"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.7"
},
{
"_id": null,
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.4"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.51"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.23"
},
{
"_id": null,
"model": "purepower integrated manager power vc appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"_id": null,
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.13"
},
{
"_id": null,
"model": "websphere real time sr6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.6"
},
{
"_id": null,
"model": "predictive insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "b2b advanced communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0.2"
},
{
"_id": null,
"model": "infosphere biginsights",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.2"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.14"
},
{
"_id": null,
"model": "websphere real time sr4-fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "rational developer for c/c++",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.16"
},
{
"_id": null,
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.0"
},
{
"_id": null,
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.5.0.6"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.5"
},
{
"_id": null,
"model": "sterling secure proxy ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.2.06"
},
{
"_id": null,
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.2"
},
{
"_id": null,
"model": "cplex enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.4"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.1.4"
},
{
"_id": null,
"model": "ilog optimization decision manager enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.6"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.11"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.9"
},
{
"_id": null,
"model": "data studio client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "8.0"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.11"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.1.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.6"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.21"
},
{
"_id": null,
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.1"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.7"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "12.0"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.07"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.3.0"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.8"
},
{
"_id": null,
"model": "rlks administration and reporting tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.3"
},
{
"_id": null,
"model": "tivoli storage manager operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.2000"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.2"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.13"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.1"
},
{
"_id": null,
"model": "spss modeler fp2 if013",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "16"
},
{
"_id": null,
"model": "si4093 image",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.8"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.3"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.11"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.17"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.3"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.8"
},
{
"_id": null,
"model": "flex system fabric en4093r 10gb scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.12.0"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"_id": null,
"model": "filenet business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.7"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.2.02"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"_id": null,
"model": "infosphere data architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.7"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "rational service tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "41.0.2"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.1.1"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.15"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.11"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1"
},
{
"_id": null,
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "oncommand cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "gpfs storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"_id": null,
"model": "rlks administration agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.3"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.1"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.6"
},
{
"_id": null,
"model": "ilog optimization decision manager enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.4.0.7"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.15"
},
{
"_id": null,
"model": "integrated management module ii for system 1aoo",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.3"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.11"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "36"
},
{
"_id": null,
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.1"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0.3"
},
{
"_id": null,
"model": "rational collaborative lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"_id": null,
"model": "rational software architect realtime edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.1"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.0.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.1"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.1"
},
{
"_id": null,
"model": "watson explorer analytical components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.0"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.6"
},
{
"_id": null,
"model": "operational decision manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "19.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"_id": null,
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.12"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.17"
},
{
"_id": null,
"model": "rlks administration and reporting tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.2"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "15.0"
},
{
"_id": null,
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.17"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.1"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.12"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.3"
},
{
"_id": null,
"model": "flashsystem 9846-ac0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v840"
},
{
"_id": null,
"model": "system networking rackswitch g8264cs",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.13.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.4"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.17.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.3"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.16"
},
{
"_id": null,
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0"
},
{
"_id": null,
"model": "tivoli system automation application manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"_id": null,
"model": "content foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.16"
},
{
"_id": null,
"model": "spss analytic server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.10"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.21"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gv1000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "19.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "14.0.1"
},
{
"_id": null,
"model": "cplex optimization studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.6.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"_id": null,
"model": "marketing operations",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.4"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"_id": null,
"model": "netezza diagnostics tools",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.1"
},
{
"_id": null,
"model": "infosphere optim query workload tuner for db2 for z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.26"
},
{
"_id": null,
"model": "rlks administration agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "32.0.3"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.1"
},
{
"_id": null,
"model": "rlks administration and reporting tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.4"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.7"
},
{
"_id": null,
"model": "cognos command center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.5"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.4"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.2"
},
{
"_id": null,
"model": "decision optimization center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.7"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9"
},
{
"_id": null,
"model": "rational publishing engine",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.10"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "sterling secure proxy ifix05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.0.6"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.6"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.28"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50007.3"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.0.6"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "rational developer for c/c++",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.39"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.2"
},
{
"_id": null,
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"_id": null,
"model": "system networking switch center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.2.0"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"_id": null,
"model": "1/10gb uplink ethernet switch module",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.8.24.0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.3"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.24"
},
{
"_id": null,
"model": "rational functional tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.4"
},
{
"_id": null,
"model": "business process manager advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "rlks administration and reporting tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.8"
},
{
"_id": null,
"model": "omnifind enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "security appscan source",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.8"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.4.0.7"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "16.0.0.0"
},
{
"_id": null,
"model": "marketing platform",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2.1"
},
{
"_id": null,
"model": "websphere real time sr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "39"
},
{
"_id": null,
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.3"
},
{
"_id": null,
"model": "mq appliance m2000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.3"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.0"
},
{
"_id": null,
"model": "websphere service registry and repository studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"_id": null,
"model": "elastic storage server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.3"
},
{
"_id": null,
"model": "rlks administration and reporting tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.9"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "23.0"
},
{
"_id": null,
"model": "sterling external authentication server ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.86"
},
{
"_id": null,
"model": "system networking rackswitch g8264t",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.16.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.6"
},
{
"_id": null,
"model": "1/10gb uplink ethernet switch module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.13.0"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.15.2"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.19"
},
{
"_id": null,
"model": "virtual fabric 10gb switch module",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.10.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.2"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.1.8"
},
{
"_id": null,
"model": "rational rhapsody design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7.0"
},
{
"_id": null,
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.7"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0.1"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.3"
},
{
"_id": null,
"model": "rational test workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7.0.3"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.9"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "snapcenter plug-in for microsoft sql server",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.1.0.6"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.01"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.12"
},
{
"_id": null,
"model": "packaging utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.8.4"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "31.5.3"
},
{
"_id": null,
"model": "websphere service registry and repository studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "rational requirements composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"_id": null,
"model": "system networking rackswitch g8264",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.16.0"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v50006.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.4"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"_id": null,
"model": "sterling secure proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.1.7"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.19"
},
{
"_id": null,
"model": "web experience factory",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.16"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.3.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.10"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"_id": null,
"model": "sterling control center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.2.1"
},
{
"_id": null,
"model": "rational developer for power systems software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.3"
},
{
"_id": null,
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.8"
},
{
"_id": null,
"model": "watson explorer annotation administration console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"_id": null,
"model": "system networking rackswitch g8052",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.15.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.1"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.3"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.4"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.6"
},
{
"_id": null,
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"_id": null,
"model": "virtual fabric 10gb switch module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.9.0"
},
{
"_id": null,
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0"
},
{
"_id": null,
"model": "bluemix liberty for java",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.9"
},
{
"_id": null,
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.3"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "23.0.1"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.6"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"_id": null,
"model": "rational method composer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.9"
},
{
"_id": null,
"model": "security network intrusion prevention system gx7800",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.2"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "34.0.5"
},
{
"_id": null,
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.11"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "5.0"
},
{
"_id": null,
"model": "infosphere streams",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.0"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "21.0"
},
{
"_id": null,
"model": "operational decision manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"_id": null,
"model": "mq light",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"_id": null,
"model": "marketing platform",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"_id": null,
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"_id": null,
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.2"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1.2"
},
{
"_id": null,
"model": "rational performance tester",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "17.0.3"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.18"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "38.2"
},
{
"_id": null,
"model": "sterling secure proxy ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.1.237"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.18"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.35"
},
{
"_id": null,
"model": "data studio client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.5"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.1.1"
},
{
"_id": null,
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.14"
},
{
"_id": null,
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.1"
},
{
"_id": null,
"model": "rlks administration agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.4.7"
},
{
"_id": null,
"model": "rational business developer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.3"
},
{
"_id": null,
"model": "business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.12"
},
{
"_id": null,
"model": "oncommand unified manager for clustered data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "6.0"
},
{
"_id": null,
"model": "rational developer for aix and cobol",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"_id": null,
"model": "rational engineering lifecycle manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"_id": null,
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"_id": null,
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11"
},
{
"_id": null,
"model": "sterling external authentication server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.2"
},
{
"_id": null,
"model": "security network intrusion prevention system gx4004-v2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"_id": null,
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"_id": null,
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"_id": null,
"model": "filenet business process manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.1"
},
{
"_id": null,
"model": "spss collaboration and deployment services",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"_id": null,
"model": "storage services connector",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"_id": null,
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "24.1.1"
},
{
"_id": null,
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.1.0"
},
{
"_id": null,
"model": "rational doors next generation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"_id": null,
"model": "watson explorer analytical components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.0.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37007.1"
},
{
"_id": null,
"model": "websphere real time sr9 fp10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"_id": null,
"model": "rational software architect design manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"_id": null,
"model": "watson content analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"_id": null,
"model": "rational developer for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35007.2.0.8"
},
{
"_id": null,
"model": "infosphere biginsights",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.01"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.33"
},
{
"_id": null,
"model": "system networking rackswitch g8124-e",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.16.0"
},
{
"_id": null,
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"_id": null,
"model": "websphere business events",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.34"
},
{
"_id": null,
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.3"
},
{
"_id": null,
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.5.0.6"
},
{
"_id": null,
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.14.5"
},
{
"_id": null,
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2.0.8"
},
{
"_id": null,
"model": "spss modeler",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "15.0.0.2"
},
{
"_id": null,
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0"
},
{
"_id": null,
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.010"
}
],
"sources": [
{
"db": "BID",
"id": "79684"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-603"
},
{
"db": "NVD",
"id": "CVE-2015-7575"
}
]
},
"credits": {
"_id": null,
"data": "Karthikeyan Bhargavan",
"sources": [
{
"db": "BID",
"id": "79684"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-603"
}
],
"trust": 0.9
},
"cve": "CVE-2015-7575",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7575",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2015-7575",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7575",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201512-603",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-7575",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-7575"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-603"
},
{
"db": "NVD",
"id": "CVE-2015-7575"
}
]
},
"description": {
"_id": null,
"data": "Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision. Mozilla Network Security Services is prone to a security-bypass vulnerability. \nAn attacker can exploit this issue to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks. \nThis issue is fixed in:\nFirefox 43.0.2\nFirefox ESR 38.5.2\nNetwork Security Services 3.20.2. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201801-15\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: PolarSSL: Multiple vulnerabilities\n Date: January 15, 2018\n Bugs: #537108, #620504\n ID: 201801-15\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in PolarSSL, the worst of\nwhich may allow remote attackers to execute arbitrary code. \n\nBackground\n==========\n\nPolarSSL is a cryptographic library for embedded systems. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-libs/polarssl \u003c 1.3.9-r1 Vulnerable!\n -------------------------------------------------------------------\n NOTE: Certain packages are still vulnerable. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in PolarSSL. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker might be able to execute arbitrary code, cause Denial\nof Service condition or obtain sensitive information. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nGentoo has discontinued support for PolarSSL and recommends that users\nunmerge the package:\n\n # emerge --unmerge \"net-libs/polarssl\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-1182\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1182\n[ 2 ] CVE-2015-7575\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7575\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201801-15\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2018 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n\n\n--Ph5IIMEQMv2VnlKUQ7M7LCqtbxvbmuakb--\n\n. ==========================================================================\nUbuntu Security Notice USN-2863-1\nJanuary 07, 2016\n\nopenssl vulnerability\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n\nSummary:\n\nOpenSSL could be made to expose sensitive information over the network. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.33\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. Description:\n\nIBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment\nand the IBM Java Software Development Kit. \n\nThis update fixes several vulnerabilities in the IBM Java Runtime\nEnvironment and the IBM Java Software Development Kit. Further information\nabout these flaws can be found on the IBM Java Security alerts page, listed\nin the References section. (CVE-2015-5041, CVE-2015-7575, CVE-2015-7981,\nCVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0402, CVE-2016-0448,\nCVE-2016-0466, CVE-2016-0483, CVE-2016-0494)\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file. Bugs fixed (https://bugzilla.redhat.com/):\n\n1276416 - CVE-2015-7981 libpng: Out-of-bounds read in png_convert_to_rfc1123\n1281756 - CVE-2015-8126 CVE-2015-8472 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions\n1289841 - CVE-2015-7575 TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH)\n1291312 - CVE-2015-8540 libpng: underflow read in png_check_keyword()\n1298906 - CVE-2016-0494 ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)\n1298957 - CVE-2016-0402 OpenJDK: URL deserialization inconsistencies (Networking, 8059054)\n1299073 - CVE-2016-0448 OpenJDK: logging of RMI connection secrets (JMX, 8130710)\n1299385 - CVE-2016-0466 OpenJDK: insufficient enforcement of totalEntitySizeLimit (JAXP, 8133962)\n1299441 - CVE-2016-0483 OpenJDK: incorrect boundary check in JPEG decoder (AWT, 8139017)\n1302689 - CVE-2015-5041 IBM JDK: J9 JVM allows code to invoke non-public interface methods\n\n6. \n\nBackground\n==========\n\nmbed TLS (previously PolarSSL) is an \"easy to understand, use,\nintegrate and expand\" implementation of the TLS and SSL protocols and\nthe respective cryptographic algorithms and support code required. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n\n--meXqunA8BhEhIM1DNPs3RlHKbtgWVCnXm--\n\n. \n\nMore information can be found at\nhttps://www.mitls.org/pages/attacks/SLOTH\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.0.1e-2+deb7u19. \n\nFor the stable distribution (jessie), the testing distribution (stretch)\nand the unstable distribution (sid), this issue was already addressed in\nversion 1.0.1f-1. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: openssl security update\nAdvisory ID: RHSA-2016:0008-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0008.html\nIssue date: 2016-01-07\nUpdated on: 2016-01-08\nCVE Names: CVE-2015-7575 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl packages that fix one security issue are now available for\nRed Hat Enterprise Linux 6 and 7. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library. \n\nA flaw was found in the way TLS 1.2 could use the MD5 hash function for\nsigning ServerKeyExchange and Client Authentication packets during a TLS\nhandshake. A man-in-the-middle attacker able to force a TLS connection to\nuse the MD5 hash function could use this flaw to conduct collision attacks\nto impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575)\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1289841 - CVE-2015-7575 TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-42.el6_7.2.src.rpm\n\ni386:\nopenssl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-perl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-static-1.0.1e-42.el6_7.2.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-perl-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-static-1.0.1e-42.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-42.el6_7.2.src.rpm\n\nx86_64:\nopenssl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-perl-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-static-1.0.1e-42.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-42.el6_7.2.src.rpm\n\ni386:\nopenssl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.i686.rpm\n\nppc64:\nopenssl-1.0.1e-42.el6_7.2.ppc.rpm\nopenssl-1.0.1e-42.el6_7.2.ppc64.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.ppc.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.ppc64.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.ppc.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-42.el6_7.2.s390.rpm\nopenssl-1.0.1e-42.el6_7.2.s390x.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.s390.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.s390x.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.s390.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-perl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-static-1.0.1e-42.el6_7.2.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-42.el6_7.2.ppc64.rpm\nopenssl-perl-1.0.1e-42.el6_7.2.ppc64.rpm\nopenssl-static-1.0.1e-42.el6_7.2.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-42.el6_7.2.s390x.rpm\nopenssl-perl-1.0.1e-42.el6_7.2.s390x.rpm\nopenssl-static-1.0.1e-42.el6_7.2.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-perl-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-static-1.0.1e-42.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-42.el6_7.2.src.rpm\n\ni386:\nopenssl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-devel-1.0.1e-42.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-perl-1.0.1e-42.el6_7.2.i686.rpm\nopenssl-static-1.0.1e-42.el6_7.2.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-perl-1.0.1e-42.el6_7.2.x86_64.rpm\nopenssl-static-1.0.1e-42.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.2.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.2.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.2.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.2.src.rpm\n\nppc64:\nopenssl-1.0.1e-51.el7_2.2.ppc64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.ppc64.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.ppc.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.ppc64.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.ppc.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.ppc64.rpm\n\nppc64le:\nopenssl-1.0.1e-51.el7_2.2.ppc64le.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.ppc64le.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.ppc64le.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.ppc64le.rpm\n\ns390x:\nopenssl-1.0.1e-51.el7_2.2.s390x.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.s390x.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.s390.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.s390x.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.s390.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-51.el7_2.2.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.ppc64.rpm\nopenssl-perl-1.0.1e-51.el7_2.2.ppc64.rpm\nopenssl-static-1.0.1e-51.el7_2.2.ppc.rpm\nopenssl-static-1.0.1e-51.el7_2.2.ppc64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.1e-51.el7_2.2.ppc64le.rpm\nopenssl-perl-1.0.1e-51.el7_2.2.ppc64le.rpm\nopenssl-static-1.0.1e-51.el7_2.2.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-51.el7_2.2.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.s390x.rpm\nopenssl-perl-1.0.1e-51.el7_2.2.s390x.rpm\nopenssl-static-1.0.1e-51.el7_2.2.s390.rpm\nopenssl-static-1.0.1e-51.el7_2.2.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.2.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.2.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.2.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-7575\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/articles/2112261\nhttp://www.mitls.org/pages/attacks/SLOTH\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWjy/pXlSAg2UNWIIRAuxtAKCKQ2VxTXABN4fn+b0MiLythds2GACfe3fA\nFZkb9bdxBhbyQJXSgVOJ3BA=\n=k57I\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7575"
},
{
"db": "BID",
"id": "79684"
},
{
"db": "VULMON",
"id": "CVE-2015-7575"
},
{
"db": "PACKETSTORM",
"id": "145895"
},
{
"db": "PACKETSTORM",
"id": "135556"
},
{
"db": "PACKETSTORM",
"id": "135166"
},
{
"db": "PACKETSTORM",
"id": "135557"
},
{
"db": "PACKETSTORM",
"id": "143032"
},
{
"db": "PACKETSTORM",
"id": "135210"
},
{
"db": "PACKETSTORM",
"id": "135341"
},
{
"db": "PACKETSTORM",
"id": "135178"
},
{
"db": "PACKETSTORM",
"id": "135177"
}
],
"trust": 2.07
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-7575",
"trust": 2.9
},
{
"db": "BID",
"id": "79684",
"trust": 1.4
},
{
"db": "BID",
"id": "91787",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1036467",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1034541",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201512-603",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2015-7575",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145895",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135556",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135166",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135557",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143032",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135210",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135341",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135178",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135177",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-7575"
},
{
"db": "BID",
"id": "79684"
},
{
"db": "PACKETSTORM",
"id": "145895"
},
{
"db": "PACKETSTORM",
"id": "135556"
},
{
"db": "PACKETSTORM",
"id": "135166"
},
{
"db": "PACKETSTORM",
"id": "135557"
},
{
"db": "PACKETSTORM",
"id": "143032"
},
{
"db": "PACKETSTORM",
"id": "135210"
},
{
"db": "PACKETSTORM",
"id": "135341"
},
{
"db": "PACKETSTORM",
"id": "135178"
},
{
"db": "PACKETSTORM",
"id": "135177"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-603"
},
{
"db": "NVD",
"id": "CVE-2015-7575"
}
]
},
"id": "VAR-201601-0016",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.42407408333333335
},
"last_update_date": "2026-03-03T21:51:15.603000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Mozilla Firefox and Firefox ESR Network Security Services Repair measures for security bypass vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59354"
},
{
"title": "Red Hat: Moderate: nss security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20160007 - Security Advisory"
},
{
"title": "Red Hat: Moderate: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20160008 - Security Advisory"
},
{
"title": "Red Hat: Moderate: gnutls security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20160012 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: openssl vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2863-1"
},
{
"title": "Ubuntu Security Notice: nss vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2864-1"
},
{
"title": "Debian Security Advisories: DSA-3437-1 gnutls26 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=819c25e4161d9c59fbf9d403120315be"
},
{
"title": "Ubuntu Security Notice: gnutls26, gnutls28 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2865-1"
},
{
"title": "Ubuntu Security Notice: firefox vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2866-1"
},
{
"title": "Debian Security Advisories: DSA-3436-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=07247103b9fb762bfde68fed155965f3"
},
{
"title": "Amazon Linux AMI: ALAS-2016-651",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-651"
},
{
"title": "Amazon Linux AMI: ALAS-2016-645",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-645"
},
{
"title": "Mozilla: Mozilla Foundation Security Advisory 2015-150",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories\u0026qid=2015-150"
},
{
"title": "Red Hat: CVE-2015-7575",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2015-7575"
},
{
"title": "Debian Security Advisories: DSA-3457-1 iceweasel -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=d48a126fa6377735d59aba73766b6a48"
},
{
"title": "Ubuntu Security Notice: thunderbird vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2904-1"
},
{
"title": "Symantec Security Advisories: SA108 : Transcript Collision Attacks Against TLS 1.2 (SLOTH)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=0c68b89195c7cccd63c86c9e03beac4b"
},
{
"title": "Debian Security Advisories: DSA-3491-1 icedove -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=4a77c8f35d141b32b86ffec7b9604cd1"
},
{
"title": "Ubuntu Security Notice: openjdk-7 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2884-1"
},
{
"title": "Tenable Security Advisories: [R7] OpenSSL \u002720151203\u0027 Advisory Affects Tenable SecurityCenter",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-01"
},
{
"title": "Debian Security Advisories: DSA-3458-1 openjdk-7 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=40831417d121ab10d4dc7fc0d8144eac"
},
{
"title": "Debian Security Advisories: DSA-3465-1 openjdk-6 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=28d9723420cf12ab64c1ab4b2dc2c045"
},
{
"title": "Amazon Linux AMI: ALAS-2016-643",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-643"
},
{
"title": "Amazon Linux AMI: ALAS-2016-661",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-661"
},
{
"title": "Amazon Linux AMI: ALAS-2016-647",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-647"
},
{
"title": "Debian Security Advisories: DSA-3688-1 nss -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=373dcfd6d281e203a1b020510989c2b1"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=8ad80411af3e936eb2998df70506cc71"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6839c4d3fd328571c675c335d58b5591"
},
{
"title": "IBM: Security Bulletin: Multiple vulnerabilities in IBM Java affect IBM Netezza Analytics for NPS",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c36fc403a4c2c6439b732d2fca738f58"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=122319027ae43d6d626710f1b1bb1d43"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=63802a6c83b107c4e6e0c7f9241a66a8"
},
{
"title": "satellite-host-cve",
"trust": 0.1,
"url": "https://github.com/RedHatSatellite/satellite-host-cve "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-7575"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-603"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-19",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7575"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/79684"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0056.html"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-2863-1"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-2865-1"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/201706-18"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/201801-15"
},
{
"trust": 1.1,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1158489"
},
{
"trust": 1.1,
"url": "https://developer.mozilla.org/docs/mozilla/projects/nss/nss_3.20.2_release_notes"
},
{
"trust": 1.1,
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-150.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2884-1"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2016:1430"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2904-1"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3465"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0053.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0054.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0049.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3457"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3491"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0055.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0050.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3437"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3458"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2866-1"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3436"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034541"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2864-1"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/201701-46"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1036467"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3688"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20160225-0001/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7575"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-affect-ibm-netezza-analytics/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-affect-ibm-netezza-analytics-for-nps/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-jre-8-0-1-1-affect-ibm-netezza-platform-software-clients/"
},
{
"trust": 0.4,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0008.html"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-7575"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.3,
"url": "http://www.mozilla.com/en-us/"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/projects/security/pki/nss/"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/nettcp_advisory2.asc"
},
{
"trust": 0.3,
"url": "https://kb.netapp.com/support/index?page=content\u0026id=9010065\u0026actp=rss"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=nas8n1021096"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=nas8n1021133"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974599"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974776"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974922"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21975233"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975893"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975980"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21976006"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976117"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976169"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21976265"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21976339"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21976527"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976852"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976867"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976868"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976926"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977005"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21977045"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977047"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21977054"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977135"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21977202"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977225"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21977244"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/java_jan2016_advisory.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023250"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023284"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023292"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023364"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023378"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023408"
},
{
"trust": 0.3,
"url": "https://www.mozilla.org/en-us/security/advisories/mfsa2015-150/"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099195"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099200"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099203"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099210"
},
{
"trust": 0.3,
"url": " https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099293"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0012.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982337"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory16.asc"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0007.html"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21979528"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099196"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976573"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21978310"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980379"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974637"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099390"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21979761"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005583"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005584"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005585"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005588"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005673"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005690"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005722"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005735"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972468"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972469"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974192"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974194"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974473"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974643"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974808"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974877"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974888"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974958"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974965"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975410"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975424"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975573"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975785"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975820"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975823"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975832"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975835"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975877"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975929"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975930"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976042"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976080"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976113"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976217"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976276"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976341"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976362"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976366"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976442"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976476"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976483"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976545"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976553"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976569"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976631"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976678"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976733"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976763"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976765"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976768"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976779"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976813"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976840"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976842"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976844"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976845"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976854"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976855"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976869"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976886"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976888"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976894"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976896"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976925"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976947"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976957"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977021"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977127"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977129 "
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977347"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977407"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977517"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977518"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977523"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977575"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977618"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977646"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977647"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977664"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977838"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977880"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21978008"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21978026"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21978188"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979194"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979412"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979757"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980965"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981333"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981540"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982445"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982446"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21984483"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099197 "
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-0448"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8472"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0448"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0466"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-8126"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8126"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-0483"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0483"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-0402"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0494"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-0466"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0402"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2015-8472"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-0494"
},
{
"trust": 0.2,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7575"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.2,
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5041"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-5041"
},
{
"trust": 0.2,
"url": "https://www.mitls.org/pages/attacks/sloth"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/19.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2016:0007"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2863-1/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=42929"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1182"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1182"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0475"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0098.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0475"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.33"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0099.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-8540"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-7981"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8540"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5291"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2784"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2784"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5291"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#appendixjava"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/2112261"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/gnutls26/2.12.14-5ubuntu3.11"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/gnutls26/2.12.23-12ubuntu2.4"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/gnutls28/3.3.8-3ubuntu3.2"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-7575"
},
{
"db": "BID",
"id": "79684"
},
{
"db": "PACKETSTORM",
"id": "145895"
},
{
"db": "PACKETSTORM",
"id": "135556"
},
{
"db": "PACKETSTORM",
"id": "135166"
},
{
"db": "PACKETSTORM",
"id": "135557"
},
{
"db": "PACKETSTORM",
"id": "143032"
},
{
"db": "PACKETSTORM",
"id": "135210"
},
{
"db": "PACKETSTORM",
"id": "135341"
},
{
"db": "PACKETSTORM",
"id": "135178"
},
{
"db": "PACKETSTORM",
"id": "135177"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-603"
},
{
"db": "NVD",
"id": "CVE-2015-7575"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2015-7575",
"ident": null
},
{
"db": "BID",
"id": "79684",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "145895",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135556",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135166",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135557",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "143032",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135210",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135341",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135178",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "135177",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201512-603",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-7575",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2016-01-09T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7575",
"ident": null
},
{
"date": "2015-12-22T00:00:00",
"db": "BID",
"id": "79684",
"ident": null
},
{
"date": "2018-01-15T16:13:03",
"db": "PACKETSTORM",
"id": "145895",
"ident": null
},
{
"date": "2016-02-02T16:44:07",
"db": "PACKETSTORM",
"id": "135556",
"ident": null
},
{
"date": "2016-01-07T19:23:00",
"db": "PACKETSTORM",
"id": "135166",
"ident": null
},
{
"date": "2016-02-02T16:44:12",
"db": "PACKETSTORM",
"id": "135557",
"ident": null
},
{
"date": "2017-06-20T22:26:17",
"db": "PACKETSTORM",
"id": "143032",
"ident": null
},
{
"date": "2016-01-11T16:57:40",
"db": "PACKETSTORM",
"id": "135210",
"ident": null
},
{
"date": "2016-01-21T14:47:53",
"db": "PACKETSTORM",
"id": "135341",
"ident": null
},
{
"date": "2016-01-08T15:13:28",
"db": "PACKETSTORM",
"id": "135178",
"ident": null
},
{
"date": "2016-01-08T15:13:18",
"db": "PACKETSTORM",
"id": "135177",
"ident": null
},
{
"date": "2015-12-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-603",
"ident": null
},
{
"date": "2016-01-09T02:59:10.910000",
"db": "NVD",
"id": "CVE-2015-7575",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7575",
"ident": null
},
{
"date": "2016-10-26T02:01:00",
"db": "BID",
"id": "79684",
"ident": null
},
{
"date": "2021-05-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-603",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-7575",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "145895"
},
{
"db": "PACKETSTORM",
"id": "135166"
},
{
"db": "PACKETSTORM",
"id": "143032"
},
{
"db": "PACKETSTORM",
"id": "135177"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-603"
}
],
"trust": 1.0
},
"title": {
"_id": null,
"data": "Mozilla Firefox and Firefox ESR Network Security Services Permissions and Access Control Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-603"
}
],
"trust": 0.6
},
"type": {
"_id": null,
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-603"
}
],
"trust": 0.6
}
}
VAR-201709-0612
Vulnerability from variot - Updated: 2025-04-20 23:27IBM WebSphere DataPower Appliances 7.0.0 through 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 132368. Vendors have confirmed this vulnerability IBM X-Force ID: 132368 It is released as.Information may be obtained and information may be altered. IBMWebSphereDataPowerAppliances is a set of network equipment from IBM Corporation of the United States. The device is designed to simplify, secure, and accelerate the deployment of XML and Web services in SOA. A remote attacker could exploit this vulnerability to inject arbitrary JavaScript code into the WebUI. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-0612",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "7.0.0.6"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "7.0.0.4"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "7.0.0.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "7.0.0.7"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "7.0.0.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "7.0.0.9"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "7.0.0.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.12"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.17"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.4"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.11"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.14"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.15"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.12"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.6"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.7"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.7"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.4"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.11"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.7"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.4"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.9"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.13"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.4"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.6"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.11"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.12"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.14"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.18"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.13"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.17"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.7"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.15"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.6"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.9"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.14"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.19"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.18"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.16"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.16"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.15"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.9"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.4"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"model": "datapower gateway",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "websphere datapower appliances",
"scope": "gte",
"trust": 0.6,
"vendor": "ibm",
"version": "7.0.0\u003c=7.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.11"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.10"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.18"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.14"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.11"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.19"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.17"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.16"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.14"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.11"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.10"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.1"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.9"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.9"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.10"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.16"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.19"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.20"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34841"
},
{
"db": "BID",
"id": "101021"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008520"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1258"
},
{
"db": "NVD",
"id": "CVE-2017-1591"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:datapower_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008520"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marc Strbel",
"sources": [
{
"db": "BID",
"id": "101021"
}
],
"trust": 0.3
},
"cve": "CVE-2017-1591",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-1591",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2017-34841",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-106779",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2017-1591",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-1591",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-1591",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-34841",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-1258",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-106779",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34841"
},
{
"db": "VULHUB",
"id": "VHN-106779"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008520"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1258"
},
{
"db": "NVD",
"id": "CVE-2017-1591"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM WebSphere DataPower Appliances 7.0.0 through 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 132368. Vendors have confirmed this vulnerability IBM X-Force ID: 132368 It is released as.Information may be obtained and information may be altered. IBMWebSphereDataPowerAppliances is a set of network equipment from IBM Corporation of the United States. The device is designed to simplify, secure, and accelerate the deployment of XML and Web services in SOA. A remote attacker could exploit this vulnerability to inject arbitrary JavaScript code into the WebUI. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-1591"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008520"
},
{
"db": "CNVD",
"id": "CNVD-2017-34841"
},
{
"db": "BID",
"id": "101021"
},
{
"db": "VULHUB",
"id": "VHN-106779"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-1591",
"trust": 3.4
},
{
"db": "BID",
"id": "101021",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008520",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1258",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-34841",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "37702",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-106779",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34841"
},
{
"db": "VULHUB",
"id": "VHN-106779"
},
{
"db": "BID",
"id": "101021"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008520"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1258"
},
{
"db": "NVD",
"id": "CVE-2017-1591"
}
]
},
"id": "VAR-201709-0612",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34841"
},
{
"db": "VULHUB",
"id": "VHN-106779"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34841"
}
]
},
"last_update_date": "2025-04-20T23:27:16.734000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "2008815",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22008815"
},
{
"title": "Patch for IBMWebSphereDataPowerAppliances cross-site scripting vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/106575"
},
{
"title": "IBM WebSphere DataPower Appliances Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75169"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34841"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008520"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1258"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-106779"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008520"
},
{
"db": "NVD",
"id": "CVE-2017-1591"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/101021"
},
{
"trust": 1.7,
"url": "http://www.ibm.com/support/docview.wss?uid=swg22008815"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/132368"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-1591"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-1591"
},
{
"trust": 0.6,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-1591"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/37702"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22008815"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34841"
},
{
"db": "VULHUB",
"id": "VHN-106779"
},
{
"db": "BID",
"id": "101021"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008520"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1258"
},
{
"db": "NVD",
"id": "CVE-2017-1591"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-34841"
},
{
"db": "VULHUB",
"id": "VHN-106779"
},
{
"db": "BID",
"id": "101021"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008520"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1258"
},
{
"db": "NVD",
"id": "CVE-2017-1591"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34841"
},
{
"date": "2017-09-28T00:00:00",
"db": "VULHUB",
"id": "VHN-106779"
},
{
"date": "2017-09-25T00:00:00",
"db": "BID",
"id": "101021"
},
{
"date": "2017-10-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008520"
},
{
"date": "2017-09-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-1258"
},
{
"date": "2017-09-28T01:29:02.793000",
"db": "NVD",
"id": "CVE-2017-1591"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-34841"
},
{
"date": "2017-10-06T00:00:00",
"db": "VULHUB",
"id": "VHN-106779"
},
{
"date": "2017-09-25T00:00:00",
"db": "BID",
"id": "101021"
},
{
"date": "2017-10-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008520"
},
{
"date": "2017-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-1258"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-1591"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-1258"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM WebSphere DataPower Appliances cross-site scripting vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-34841"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1258"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-1258"
}
],
"trust": 0.6
}
}
VAR-201601-0588
Vulnerability from variot - Updated: 2025-04-13 23:21GSKit in IBM Security Network Protection 5.3.1 before 5.3.1.7 and 5.3.2 allows remote attackers to discover credentials by triggering an MD5 collision. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. The system can monitor application usage, website access and operation execution within the network to avoid threats such as malware and botnets. IBM GSKit (IBM Global Security Toolkit) is a set of security management tools for it
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0588",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "security network protection",
"scope": "eq",
"trust": 2.7,
"vendor": "ibm",
"version": "5.3.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 1.9,
"vendor": "ibm",
"version": "5.3.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "5.3.1.7"
},
{
"model": "security network protection",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "5.3.1"
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.1.3"
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.1.2"
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.1.1"
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.1.0"
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.0.5"
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.0.4"
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.0.3"
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.0.2"
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.0.1"
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.0.0"
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.6"
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.5"
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.4"
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.3"
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.2"
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.1"
},
{
"model": "websphere transformation extender secure adapter collection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.0"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.19"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.18"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.17"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.16"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.2"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.1"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.02"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.5"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.4"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.4"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.3"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.4.3"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.4.2"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.4.1"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.4"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.3"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.5"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.4"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.3"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.13"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.12"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.11"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.10"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.0"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "transformation extender",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"model": "tivoli network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"model": "tivoli network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"model": "tivoli network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "tivoli network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9"
},
{
"model": "tivoli monitoring fp6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"model": "tivoli monitoring fp4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"model": "tivoli directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"model": "tivoli continuous data protection for files",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.9"
},
{
"model": "tivoli continuous data protection for files",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.7"
},
{
"model": "tivoli continuous data protection for files",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.5"
},
{
"model": "tivoli continuous data protection for files",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.2"
},
{
"model": "tivoli continuous data protection for files",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.12"
},
{
"model": "tivoli continuous data protection for files",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.11"
},
{
"model": "tivoli continuous data protection for files",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.1"
},
{
"model": "tivoli continuous data protection for files",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.0"
},
{
"model": "sterling connect:direct for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"model": "sterling connect:direct for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.7"
},
{
"model": "security siteprotector system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.1"
},
{
"model": "security siteprotector system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "security directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4"
},
{
"model": "security directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "security access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.14"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.13"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.12"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.11"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.10"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.9"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.8"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.7"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.6"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "personal communications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.15"
},
{
"model": "mq appliance m2000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "mobile connect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.5.2"
},
{
"model": "infosphere biginsights",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "infosphere biginsights",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "informix dynamic server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "12.10"
},
{
"model": "informix dynamic server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.7"
},
{
"model": "informix client sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.10"
},
{
"model": "informix client sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.70"
},
{
"model": "db2\u00ae workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "db2\u00ae workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "db2\u00ae workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "db2\u00ae purescale? feature for enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.8"
},
{
"model": "db2\u00ae express edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "db2\u00ae express edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "db2\u00ae express edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "db2\u00ae enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "db2\u00ae enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "db2\u00ae enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "db2\u00ae connect? unlimited edition for system z\u00ae",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "db2\u00ae connect? unlimited edition for system z\u00ae",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "db2\u00ae connect? unlimited edition for system z\u00ae",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "db2\u00ae connect? unlimited edition for system i\u00ae",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "db2\u00ae connect? unlimited edition for system i\u00ae",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "db2\u00ae connect? unlimited edition for system i\u00ae",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "db2\u00ae connect? enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "db2\u00ae connect? enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "db2\u00ae connect? enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "db2\u00ae connect? application server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "db2\u00ae connect? application server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "db2\u00ae connect? application server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "db2\u00ae advanced workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "db2\u00ae advanced workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "db2\u00ae advanced workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "db2\u00ae advanced enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "db2\u00ae advanced enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "db2\u00ae advanced enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.11"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.14"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.18"
},
{
"model": "data server runtime client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "data server runtime client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "data server runtime client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "data server driver package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "data server driver package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "data server driver package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "data server driver for odbc and cli",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "data server driver for odbc and cli",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "data server driver for odbc and cli",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "data server client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "data server client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "data server client",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "content manager ondemand for multiplatforms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "content manager ondemand for multiplatforms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "content manager ondemand for multiplatforms",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "content manager enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.3"
},
{
"model": "content manager enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "content collector for sap applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "content collector for sap applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "content collector for sap applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0.1"
},
{
"model": "content collector for sap applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.0.2"
},
{
"model": "communications server for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4"
},
{
"model": "communications server for linux on system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4"
},
{
"model": "communications server for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4"
},
{
"model": "communications server for data center deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "communications server for aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.1"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.7"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.4"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.9"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.12"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.15"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.19"
}
],
"sources": [
{
"db": "BID",
"id": "80883"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001298"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-360"
},
{
"db": "NVD",
"id": "CVE-2016-0201"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:ibm:security_network_protection_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001298"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM",
"sources": [
{
"db": "BID",
"id": "80883"
}
],
"trust": 0.3
},
"cve": "CVE-2016-0201",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0201",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-87711",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2016-0201",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0201",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-0201",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-360",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-87711",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-87711"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001298"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-360"
},
{
"db": "NVD",
"id": "CVE-2016-0201"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GSKit in IBM Security Network Protection 5.3.1 before 5.3.1.7 and 5.3.2 allows remote attackers to discover credentials by triggering an MD5 collision. \nAttackers can exploit this issue to obtain sensitive information that may lead to further attacks. The system can monitor application usage, website access and operation execution within the network to avoid threats such as malware and botnets. IBM GSKit (IBM Global Security Toolkit) is a set of security management tools for it",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0201"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001298"
},
{
"db": "BID",
"id": "80883"
},
{
"db": "VULHUB",
"id": "VHN-87711"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0201",
"trust": 2.8
},
{
"db": "BID",
"id": "80883",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1034696",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001298",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-360",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-87711",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-87711"
},
{
"db": "BID",
"id": "80883"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001298"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-360"
},
{
"db": "NVD",
"id": "CVE-2016-0201"
}
]
},
"id": "VAR-201601-0588",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-87711"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:21:09.612000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "1974242",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974242"
},
{
"title": "IBM Security Network Protection GSKit Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59678"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001298"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-360"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-87711"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001298"
},
{
"db": "NVD",
"id": "CVE-2016-0201"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974242"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/80883"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034696"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0201"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0201"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972246"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974389"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974452"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21974242"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974333"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974407"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974466"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974589"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974598"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974621"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974683"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974685"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974698"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974700"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?rs=630\u0026uid=swg21974785"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?rs=630\u0026uid=swg21974872"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974884"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974947"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974969"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974980"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975305"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975404"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976125"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977787"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21978392"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982312"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-87711"
},
{
"db": "BID",
"id": "80883"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001298"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-360"
},
{
"db": "NVD",
"id": "CVE-2016-0201"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-87711"
},
{
"db": "BID",
"id": "80883"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001298"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-360"
},
{
"db": "NVD",
"id": "CVE-2016-0201"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-18T00:00:00",
"db": "VULHUB",
"id": "VHN-87711"
},
{
"date": "2016-01-15T00:00:00",
"db": "BID",
"id": "80883"
},
{
"date": "2016-01-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001298"
},
{
"date": "2016-01-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-360"
},
{
"date": "2016-01-18T05:59:07.647000",
"db": "NVD",
"id": "CVE-2016-0201"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-87711"
},
{
"date": "2017-01-12T00:14:00",
"db": "BID",
"id": "80883"
},
{
"date": "2016-01-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001298"
},
{
"date": "2016-01-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-360"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-0201"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-360"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Security Network Protection of GSKit Vulnerabilities in which authentication information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001298"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-360"
}
],
"trust": 0.6
}
}
VAR-201511-0082
Vulnerability from variot - Updated: 2025-04-13 23:03IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, 6.0.1.x before 6.0.1.17, 7.x before 7.0.0.10, 7.1.0.x before 7.1.0.7, and 7.2.x before 7.2.0.1 do not set the secure flag for unspecified cookies in an https session, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session. IBM DataPower Gateways is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads of IBM Corporation in the United States, which can utilize a dedicated gateway The platform secures, integrates and optimizes access across channels. The following versions are affected: IBM DataPower Gateway 6.0.0.16 and earlier, 6.0.1.12, 7.0.0.9, 7.1.0.6, 7.2.0.0
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201511-0082",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6.0.1.4"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6.0.1.6"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6.0.1.9"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6.0.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6.0.1.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6.0.1.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6.0.1.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6.0.1.7"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "6.0.1.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.1.13"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.0.16"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.1.11"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.4"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.1.16"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.1.15"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.1.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.1.12"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.1.14"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.6"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "6.0.1.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.7"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.4"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.9"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.0.0.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.0.1.17"
},
{
"model": "datapower gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "7.1.0.x"
},
{
"model": "datapower gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "7.2.x"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.0.0.17"
},
{
"model": "datapower gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "6.0.1.x"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"model": "datapower gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "6.x"
},
{
"model": "datapower gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "7.x"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "6.0.0.16"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.16"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.10"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.13"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.17"
}
],
"sources": [
{
"db": "BID",
"id": "77754"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005924"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-253"
},
{
"db": "NVD",
"id": "CVE-2015-7427"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:datapower_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005924"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM",
"sources": [
{
"db": "BID",
"id": "77754"
}
],
"trust": 0.3
},
"cve": "CVE-2015-7427",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-7427",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-85388",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7427",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7427",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201511-253",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-85388",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85388"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005924"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-253"
},
{
"db": "NVD",
"id": "CVE-2015-7427"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, 6.0.1.x before 6.0.1.17, 7.x before 7.0.0.10, 7.1.0.x before 7.1.0.7, and 7.2.x before 7.2.0.1 do not set the secure flag for unspecified cookies in an https session, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session. IBM DataPower Gateways is prone to an information-disclosure vulnerability. \nAttackers can exploit this issue to obtain sensitive information that may lead to further attacks. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads of IBM Corporation in the United States, which can utilize a dedicated gateway The platform secures, integrates and optimizes access across channels. The following versions are affected: IBM DataPower Gateway 6.0.0.16 and earlier, 6.0.1.12, 7.0.0.9, 7.1.0.6, 7.2.0.0",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7427"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005924"
},
{
"db": "BID",
"id": "77754"
},
{
"db": "VULHUB",
"id": "VHN-85388"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7427",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005924",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201511-253",
"trust": 0.7
},
{
"db": "BID",
"id": "77754",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-85388",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85388"
},
{
"db": "BID",
"id": "77754"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005924"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-253"
},
{
"db": "NVD",
"id": "CVE-2015-7427"
}
]
},
"id": "VAR-201511-0082",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-85388"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:03:44.982000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "IT10279",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT10279"
},
{
"title": "1969342",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969342"
},
{
"title": "IBM DataPower Gateway Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58741"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005924"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-253"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85388"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005924"
},
{
"db": "NVD",
"id": "CVE-2015-7427"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1it10279"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969342"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7427"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7427"
},
{
"trust": 0.3,
"url": "http://www.ibm.com"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21969342"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85388"
},
{
"db": "BID",
"id": "77754"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005924"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-253"
},
{
"db": "NVD",
"id": "CVE-2015-7427"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-85388"
},
{
"db": "BID",
"id": "77754"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005924"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-253"
},
{
"db": "NVD",
"id": "CVE-2015-7427"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-14T00:00:00",
"db": "VULHUB",
"id": "VHN-85388"
},
{
"date": "2015-11-18T00:00:00",
"db": "BID",
"id": "77754"
},
{
"date": "2015-11-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005924"
},
{
"date": "2015-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-253"
},
{
"date": "2015-11-14T03:59:07.850000",
"db": "NVD",
"id": "CVE-2015-7427"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-16T00:00:00",
"db": "VULHUB",
"id": "VHN-85388"
},
{
"date": "2015-11-18T00:00:00",
"db": "BID",
"id": "77754"
},
{
"date": "2015-11-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005924"
},
{
"date": "2015-11-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-253"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-7427"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-253"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway Unspecified in appliance firmware Cookie Vulnerability that is captured",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005924"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-253"
}
],
"trust": 0.6
}
}
VAR-201511-0084
Vulnerability from variot - Updated: 2025-04-12 23:33The GatewayScript modules on IBM DataPower Gateways with software 7.2.0.x before 7.2.0.1, when the GatewayScript decryption API or a JWE decrypt action is enabled, do not require signed ciphertext data, which makes it easier for remote attackers to obtain plaintext data via a padding-oracle attack. IBM DataPower Gateway is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads of IBM Corporation in the United States, which can utilize a dedicated gateway The platform secures, integrates and optimizes access across channels. GatewayScript is one of the modules for handling mobile, web and API workloads and optimizing the gateway environment
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201511-0084",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"model": "datapower gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "7.2.0.x"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "77502"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005811"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-130"
},
{
"db": "NVD",
"id": "CVE-2015-7412"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:datapower_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005811"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM",
"sources": [
{
"db": "BID",
"id": "77502"
}
],
"trust": 0.3
},
"cve": "CVE-2015-7412",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CVE-2015-7412",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "VHN-85373",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7412",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2015-7412",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNNVD",
"id": "CNNVD-201511-130",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-85373",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85373"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005811"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-130"
},
{
"db": "NVD",
"id": "CVE-2015-7412"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The GatewayScript modules on IBM DataPower Gateways with software 7.2.0.x before 7.2.0.1, when the GatewayScript decryption API or a JWE decrypt action is enabled, do not require signed ciphertext data, which makes it easier for remote attackers to obtain plaintext data via a padding-oracle attack. IBM DataPower Gateway is prone to an information-disclosure vulnerability. \nAttackers can exploit this issue to obtain sensitive information that may lead to further attacks. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads of IBM Corporation in the United States, which can utilize a dedicated gateway The platform secures, integrates and optimizes access across channels. GatewayScript is one of the modules for handling mobile, web and API workloads and optimizing the gateway environment",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7412"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005811"
},
{
"db": "BID",
"id": "77502"
},
{
"db": "VULHUB",
"id": "VHN-85373"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7412",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005811",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201511-130",
"trust": 0.7
},
{
"db": "BID",
"id": "77502",
"trust": 0.4
},
{
"db": "SEEBUG",
"id": "SSVID-89779",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-85373",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85373"
},
{
"db": "BID",
"id": "77502"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005811"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-130"
},
{
"db": "NVD",
"id": "CVE-2015-7412"
}
]
},
"id": "VAR-201511-0084",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-85373"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-12T23:33:58.052000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "IT10701",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT10701"
},
{
"title": "1964170",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964170"
},
{
"title": "IBM DataPower Gateways GatewayScript Repair measures for module security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58625"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005811"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-130"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85373"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005811"
},
{
"db": "NVD",
"id": "CVE-2015-7412"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964170"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1it10701"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7412"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7412"
},
{
"trust": 0.3,
"url": "http://www.ibm.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85373"
},
{
"db": "BID",
"id": "77502"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005811"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-130"
},
{
"db": "NVD",
"id": "CVE-2015-7412"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-85373"
},
{
"db": "BID",
"id": "77502"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005811"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-130"
},
{
"db": "NVD",
"id": "CVE-2015-7412"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-08T00:00:00",
"db": "VULHUB",
"id": "VHN-85373"
},
{
"date": "2015-10-29T00:00:00",
"db": "BID",
"id": "77502"
},
{
"date": "2015-11-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005811"
},
{
"date": "2015-11-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-130"
},
{
"date": "2015-11-08T22:59:19.707000",
"db": "NVD",
"id": "CVE-2015-7412"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-09T00:00:00",
"db": "VULHUB",
"id": "VHN-85373"
},
{
"date": "2015-10-29T00:00:00",
"db": "BID",
"id": "77502"
},
{
"date": "2015-11-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005811"
},
{
"date": "2015-11-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-130"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-7412"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-130"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateways Software GatewayScript Vulnerability in obtaining plaintext data in modules",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005811"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-130"
}
],
"trust": 0.6
}
}
VAR-201804-0750
Vulnerability from variot - Updated: 2024-11-23 23:12IBM WebSphere DataPower Appliances 7.1, 7.2, 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 139023. Vendors have confirmed this vulnerability IBM X-Force ID: 139023 It is released as.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. IBM DataPower Gateways 7.1.0.0 through 7.1.0.21, 7.2.0.0 through 7.2.0.18, 7.5.0.0 through 7.5.0.13, 7.5.1.0 through 7.5.1.12, 7.5.2.0 through 7.5.2.12 and 7.6.0.0 through 7.6.0.5 are vulnerable; other versions may also be affected. The appliance is primarily used to simplify, secure and accelerate XML and Web services deployment in SOA. The following versions are affected: IBM WebSphere DataPower Appliances Version 7.1, Version 7.2, Version 7.5, Version 7.5.1, Version 7.5.2, Version 7.6
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-0750",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.12"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.13"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.18"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.21"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.12"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.5"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.6"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.10"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.18"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.16"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.11"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.10"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.19"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.18"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.14"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.11"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.6"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.13"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.13"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.14"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.19"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.22"
}
],
"sources": [
{
"db": "BID",
"id": "103741"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003762"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-309"
},
{
"db": "NVD",
"id": "CVE-2018-1421"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:datapower_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003762"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Moshe Mizrahi",
"sources": [
{
"db": "BID",
"id": "103741"
}
],
"trust": 0.3
},
"cve": "CVE-2018-1421",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2018-1421",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-124346",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-1421",
"impactScore": 4.2,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-1421",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2018-1421",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-1421",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201804-309",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-124346",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-124346"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003762"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-309"
},
{
"db": "NVD",
"id": "CVE-2018-1421"
},
{
"db": "NVD",
"id": "CVE-2018-1421"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM WebSphere DataPower Appliances 7.1, 7.2, 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 139023. Vendors have confirmed this vulnerability IBM X-Force ID: 139023 It is released as.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. \nIBM DataPower Gateways 7.1.0.0 through 7.1.0.21, 7.2.0.0 through 7.2.0.18, 7.5.0.0 through 7.5.0.13, 7.5.1.0 through 7.5.1.12, 7.5.2.0 through 7.5.2.12 and 7.6.0.0 through 7.6.0.5 are vulnerable; other versions may also be affected. The appliance is primarily used to simplify, secure and accelerate XML and Web services deployment in SOA. The following versions are affected: IBM WebSphere DataPower Appliances Version 7.1, Version 7.2, Version 7.5, Version 7.5.1, Version 7.5.2, Version 7.6",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1421"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003762"
},
{
"db": "BID",
"id": "103741"
},
{
"db": "VULHUB",
"id": "VHN-124346"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1421",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003762",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201804-309",
"trust": 0.6
},
{
"db": "BID",
"id": "103741",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-124346",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-124346"
},
{
"db": "BID",
"id": "103741"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003762"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-309"
},
{
"db": "NVD",
"id": "CVE-2018-1421"
}
]
},
"id": "VAR-201804-0750",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-124346"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T23:12:12.746000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "2015055",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22015055"
},
{
"title": "ibm-websphere-cve20181421-info-disc (139023)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139023"
},
{
"title": "IBM WebSphere DataPower Appliances Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=83125"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003762"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-309"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-611",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-124346"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003762"
},
{
"db": "NVD",
"id": "CVE-2018-1421"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.ibm.com/support/docview.wss?uid=swg22015055"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139023"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1421"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1421"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22015055"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-124346"
},
{
"db": "BID",
"id": "103741"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003762"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-309"
},
{
"db": "NVD",
"id": "CVE-2018-1421"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-124346"
},
{
"db": "BID",
"id": "103741"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003762"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-309"
},
{
"db": "NVD",
"id": "CVE-2018-1421"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-04T00:00:00",
"db": "VULHUB",
"id": "VHN-124346"
},
{
"date": "2018-03-27T00:00:00",
"db": "BID",
"id": "103741"
},
{
"date": "2018-06-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003762"
},
{
"date": "2018-04-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-309"
},
{
"date": "2018-04-04T18:29:02.217000",
"db": "NVD",
"id": "CVE-2018-1421"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-124346"
},
{
"date": "2018-03-27T00:00:00",
"db": "BID",
"id": "103741"
},
{
"date": "2018-06-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003762"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-309"
},
{
"date": "2024-11-21T03:59:47.200000",
"db": "NVD",
"id": "CVE-2018-1421"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-309"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM WebSphere DataPower Appliances In XML External entity vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003762"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-309"
}
],
"trust": 0.6
}
}
VAR-202003-1349
Vulnerability from variot - Updated: 2024-11-23 23:11IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.8 could allow an authenticated user to bypass security restrictions, and continue to access the server even after authentication certificates have been revolked. IBM X-Force ID: 174961. IBM DataPower Gateway There is an authentication vulnerability in. Vendor exploits this vulnerability IBM X-Force ID: 174961 It is published as.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1349",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "2018.4.1.8"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "2018.4.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2018.4.1.0 \u304b\u3089 2018.4.1.8"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003006"
},
{
"db": "NVD",
"id": "CVE-2020-4205"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:datapower_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003006"
}
]
},
"cve": "CVE-2020-4205",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2020-4205",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-003006",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-182330",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2020-4205",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.6,
"id": "CVE-2020-4205",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 6.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2020-003006",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-4205",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2020-4205",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-003006",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202003-1114",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-182330",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182330"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003006"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1114"
},
{
"db": "NVD",
"id": "CVE-2020-4205"
},
{
"db": "NVD",
"id": "CVE-2020-4205"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.8 could allow an authenticated user to bypass security restrictions, and continue to access the server even after authentication certificates have been revolked. IBM X-Force ID: 174961. IBM DataPower Gateway There is an authentication vulnerability in. Vendor exploits this vulnerability IBM X-Force ID: 174961 It is published as.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-4205"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003006"
},
{
"db": "VULHUB",
"id": "VHN-182330"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-4205",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003006",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1114",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-182330",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182330"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003006"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1114"
},
{
"db": "NVD",
"id": "CVE-2020-4205"
}
]
},
"id": "VAR-202003-1349",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-182330"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T23:11:32.313000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "6090886",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/6090886"
},
{
"title": "ibm-datapower-cve20204205-sec-bypass (174961)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174961"
},
{
"title": "IBM DataPower Gateway Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=112600"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003006"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1114"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182330"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003006"
},
{
"db": "NVD",
"id": "CVE-2020-4205"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.ibm.com/support/pages/node/6090886"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174961"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-4205"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-4205"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-mq-appliance-cve-2020-4025-and-cve-2020-4203/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-certificates-not-removed-from-datapower-valcred-when-updating-corresponding-apic-truststore-cve-2020-4205/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182330"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003006"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1114"
},
{
"db": "NVD",
"id": "CVE-2020-4205"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-182330"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003006"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1114"
},
{
"db": "NVD",
"id": "CVE-2020-4205"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-19T00:00:00",
"db": "VULHUB",
"id": "VHN-182330"
},
{
"date": "2020-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003006"
},
{
"date": "2020-03-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-1114"
},
{
"date": "2020-03-19T14:15:12.473000",
"db": "NVD",
"id": "CVE-2020-4205"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-20T00:00:00",
"db": "VULHUB",
"id": "VHN-182330"
},
{
"date": "2020-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003006"
},
{
"date": "2020-07-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-1114"
},
{
"date": "2024-11-21T05:32:23.680000",
"db": "NVD",
"id": "CVE-2020-4205"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-1114"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway Authentication vulnerabilities in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003006"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-1114"
}
],
"trust": 0.6
}
}
VAR-202010-1455
Vulnerability from variot - Updated: 2024-11-23 23:07IBM MQ Appliance (IBM DataPower Gateway 10.0.0.0 and 2018.4.1.0 through 2018.4.1.12) could allow a local user, under special conditions, to obtain highly sensitive information from log files. IBM X-Force ID: 182658. IBM DataPower Gateway Contains an information disclosure vulnerability. Vendor is responsible for this vulnerability IBM X-Force ID: 182658 Is published as.Information may be obtained. IBM MQ (IBM WebSphere MQ) and others are products of IBM Corporation in the United States. IBM MQ is a messaging middleware product. IBM DataPower Gateway is a secure and integrated platform designed for mobile, cloud, application programming interface (API), web, service-oriented architecture (SOA), B2B and cloud workloads. IBM MQ Appliance is an all-in-one device for rapid deployment of enterprise-level message middleware. This vulnerability number has been assigned, and the vulnerability details will be updated soon
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202010-1455",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "eq",
"trust": 1.8,
"vendor": "ibm",
"version": "10.0.0.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "2018.4.1.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "2018.4.1.12"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2018.4.1.0 to 2018.4.1.12"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-012081"
},
{
"db": "NVD",
"id": "CVE-2020-4528"
}
]
},
"cve": "CVE-2020-4528",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2020-4528",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "VHN-182653",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2020-4528",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "psirt@us.ibm.com",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.4,
"id": "CVE-2020-4528",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-4528",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-4528",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2020-4528",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2020-4528",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202010-112",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-182653",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182653"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012081"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-112"
},
{
"db": "NVD",
"id": "CVE-2020-4528"
},
{
"db": "NVD",
"id": "CVE-2020-4528"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM MQ Appliance (IBM DataPower Gateway 10.0.0.0 and 2018.4.1.0 through 2018.4.1.12) could allow a local user, under special conditions, to obtain highly sensitive information from log files. IBM X-Force ID: 182658. IBM DataPower Gateway Contains an information disclosure vulnerability. Vendor is responsible for this vulnerability IBM X-Force ID: 182658 Is published as.Information may be obtained. IBM MQ (IBM WebSphere MQ) and others are products of IBM Corporation in the United States. IBM MQ is a messaging middleware product. IBM DataPower Gateway is a secure and integrated platform designed for mobile, cloud, application programming interface (API), web, service-oriented architecture (SOA), B2B and cloud workloads. IBM MQ Appliance is an all-in-one device for rapid deployment of enterprise-level message middleware. This vulnerability number has been assigned, and the vulnerability details will be updated soon",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-4528"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012081"
},
{
"db": "VULHUB",
"id": "VHN-182653"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-4528",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012081",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "50472",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202010-112",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-56454",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-182653",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182653"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012081"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-112"
},
{
"db": "NVD",
"id": "CVE-2020-4528"
}
]
},
"id": "VAR-202010-1455",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-182653"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T23:07:47.516000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "6333033 IBM\u00a0X-Force\u00a0Exchange",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/6333033"
},
{
"title": "IBM MQ and IBM DataPower Gateway Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=131199"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-012081"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-112"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "information leak (CWE-200) [NVD Evaluation ]",
"trust": 0.8
},
{
"problemtype": "CWE-200",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182653"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012081"
},
{
"db": "NVD",
"id": "CVE-2020-4528"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.ibm.com/support/pages/node/6333033"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/182658"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-4528"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-datapower-gateway-can-expose-remote-credentials-to-local-users-cve-2020-4528/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affected-by-an-information-disclosure-vulnerability-cve-2020-4528/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/ibm-mq-appliance-information-disclosure-via-log-files-33550"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/50472"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182653"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012081"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-112"
},
{
"db": "NVD",
"id": "CVE-2020-4528"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-182653"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012081"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-112"
},
{
"db": "NVD",
"id": "CVE-2020-4528"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-10-06T00:00:00",
"db": "VULHUB",
"id": "VHN-182653"
},
{
"date": "2021-04-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-012081"
},
{
"date": "2020-10-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202010-112"
},
{
"date": "2020-10-06T16:15:13.090000",
"db": "NVD",
"id": "CVE-2020-4528"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-21T00:00:00",
"db": "VULHUB",
"id": "VHN-182653"
},
{
"date": "2021-04-23T06:53:00",
"db": "JVNDB",
"id": "JVNDB-2020-012081"
},
{
"date": "2020-11-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202010-112"
},
{
"date": "2024-11-21T05:32:51.087000",
"db": "NVD",
"id": "CVE-2020-4528"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202010-112"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM\u00a0DataPower\u00a0Gateway\u00a0 Information Disclosure Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-012081"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202010-112"
}
],
"trust": 0.6
}
}
VAR-202009-1462
Vulnerability from variot - Updated: 2024-11-23 22:55IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a chunked transfer-encoding HTTP/2 request. IBM X-Force ID: 184441. IBM DataPower Gateway There is an unspecified vulnerability in. Vendor exploits this vulnerability IBM X-Force ID: 184441 Is published as.Denial of service (DoS) It may be put into a state. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform. The following products and versions are affected: IBM DataPower Gateway 2018.4.1.0 to 2018.4.1.12
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202009-1462",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "2018.4.1.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "2018.4.1.12"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2018.4.1.0 to 2018.4.1.12"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-011402"
},
{
"db": "NVD",
"id": "CVE-2020-4581"
}
]
},
"cve": "CVE-2020-4581",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-4581",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-182706",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-4581",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-4581",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-4581",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2020-4581",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2020-4581",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202009-1259",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-182706",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182706"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011402"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1259"
},
{
"db": "NVD",
"id": "CVE-2020-4581"
},
{
"db": "NVD",
"id": "CVE-2020-4581"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a chunked transfer-encoding HTTP/2 request. IBM X-Force ID: 184441. IBM DataPower Gateway There is an unspecified vulnerability in. Vendor exploits this vulnerability IBM X-Force ID: 184441 Is published as.Denial of service (DoS) It may be put into a state. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform. The following products and versions are affected: IBM DataPower Gateway 2018.4.1.0 to 2018.4.1.12",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-4581"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011402"
},
{
"db": "VULHUB",
"id": "VHN-182706"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-4581",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011402",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1259",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "50466",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-54935",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-182706",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182706"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011402"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1259"
},
{
"db": "NVD",
"id": "CVE-2020-4581"
}
]
},
"id": "VAR-202009-1462",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-182706"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:55:03.865000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "6334707 IBM\u00a0X-Force\u00a0Exchange",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/6334707"
},
{
"title": "IBM DataPower Gateway Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=128927"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-011402"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1259"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-011402"
},
{
"db": "NVD",
"id": "CVE-2020-4581"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.ibm.com/support/pages/node/6334707"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/184441"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-4581"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affected-by-denial-of-service-vulnerabilities-cve-2020-5481-cve-2020-4580-cve-2020-4579/"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/50466"
},
{
"trust": 0.6,
"url": "http-2-in-ibm-datapower-gateway-cve-2020-4581/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-denial-of-service-with-"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182706"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011402"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1259"
},
{
"db": "NVD",
"id": "CVE-2020-4581"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-182706"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011402"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1259"
},
{
"db": "NVD",
"id": "CVE-2020-4581"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-21T00:00:00",
"db": "VULHUB",
"id": "VHN-182706"
},
{
"date": "2021-03-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-011402"
},
{
"date": "2020-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-1259"
},
{
"date": "2020-09-21T15:15:12.933000",
"db": "NVD",
"id": "CVE-2020-4581"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-24T00:00:00",
"db": "VULHUB",
"id": "VHN-182706"
},
{
"date": "2021-03-31T05:29:00",
"db": "JVNDB",
"id": "JVNDB-2020-011402"
},
{
"date": "2020-12-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-1259"
},
{
"date": "2024-11-21T05:32:56.337000",
"db": "NVD",
"id": "CVE-2020-4581"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-1259"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM\u00a0DataPower\u00a0Gateway\u00a0 Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-011402"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-1259"
}
],
"trust": 0.6
}
}
VAR-201812-0395
Vulnerability from variot - Updated: 2024-11-23 22:51IBM DataPower Gateway 7.1.0.0 through 7.1.0.19, 7.2.0.0 through 7.2.0.16, 7.5.0.0 through 7.5.0.10, 7.5.1.0 through 7.5.1.9, 7.5.2.0 through 7.5.2.9, and 7.6.0.0 through 7.6.0.2 and IBM MQ Appliance 8.0.0.0 through 8.0.0.8 and 9.0.1 through 9.0.5 could allow a local user to cause a denial of service through unknown vectors. IBM X-Force ID: 144724. Vendors have confirmed this vulnerability IBM X-Force ID: 144724 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. An attacker can exploit this issue to cause a denial-of-service condition. IBM DataPower Gateway is a secure and integrated platform designed for mobile, cloud, application programming interface (API), web, service-oriented architecture (SOA), B2B and cloud workloads. MQ Appliance is an all-in-one device for rapid deployment of enterprise-level messaging middleware. The following products and versions are affected: IBM DataPower Gateway Version 7.1.0.0 to Version 7.1.0.19, Version 7.2.0.0 to Version 7.2.0.16, Version 7.5.0.0 to Version 7.5.0.10, Version 7.5.1.0 to Version 7.5.1.9, Version 7.5.2.0 to version 7.5.2.9, version 7.6.0.0 to version 7.6.0.2; MQ Appliance version 8.0.0.0 to version 8.0.0.8, version 9.0.1 to version 9.0.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0395",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.9"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.10"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "mq appliance",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "9.0.1"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.2"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.9"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.16"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "mq appliance",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "mq appliance",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "9.0.5"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.19"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "mq appliance",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.1.0.0 to 7.1.0.19"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.2.0.0 to 7.2.0.16"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.0.0 to 7.5.0.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.1.0 to 7.5.1.9"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.2.0 to 7.5.2.9"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.6.0.0 to 7.6.0.2"
},
{
"model": "mq appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "8.0.0.0 to 8.0.0.8"
},
{
"model": "mq appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "9.0.1 to 9.0.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "mq appliance cd",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.5"
},
{
"model": "mq appliance cd",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.4"
},
{
"model": "mq appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.4"
},
{
"model": "mq appliance cd",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.3"
},
{
"model": "mq appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.3"
},
{
"model": "mq appliance cd",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"model": "mq appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"model": "mq appliance cd",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"model": "mq appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"model": "mq appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"model": "mq appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"model": "mq appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.6"
},
{
"model": "mq appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "mq appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "mq appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "mq appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "mq appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "mq appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.10"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.16"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.11"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.10"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.4"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.9"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.4"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.19"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.18"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.15"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.14"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.12"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.11"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"model": "mq appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "mq appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.3"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.10"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.10"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.11"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.17"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.20"
}
],
"sources": [
{
"db": "BID",
"id": "106403"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012014"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-341"
},
{
"db": "NVD",
"id": "CVE-2018-1652"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:datapower_gateway",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:mq_appliance",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012014"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "106403"
}
],
"trust": 0.3
},
"cve": "CVE-2018-1652",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-1652",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-126887",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2018-1652",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "psirt@us.ibm.com",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.5,
"id": "CVE-2018-1652",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-1652",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2018-1652",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-1652",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-341",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-126887",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126887"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012014"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-341"
},
{
"db": "NVD",
"id": "CVE-2018-1652"
},
{
"db": "NVD",
"id": "CVE-2018-1652"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway 7.1.0.0 through 7.1.0.19, 7.2.0.0 through 7.2.0.16, 7.5.0.0 through 7.5.0.10, 7.5.1.0 through 7.5.1.9, 7.5.2.0 through 7.5.2.9, and 7.6.0.0 through 7.6.0.2 and IBM MQ Appliance 8.0.0.0 through 8.0.0.8 and 9.0.1 through 9.0.5 could allow a local user to cause a denial of service through unknown vectors. IBM X-Force ID: 144724. Vendors have confirmed this vulnerability IBM X-Force ID: 144724 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. \nAn attacker can exploit this issue to cause a denial-of-service condition. IBM DataPower Gateway is a secure and integrated platform designed for mobile, cloud, application programming interface (API), web, service-oriented architecture (SOA), B2B and cloud workloads. MQ Appliance is an all-in-one device for rapid deployment of enterprise-level messaging middleware. The following products and versions are affected: IBM DataPower Gateway Version 7.1.0.0 to Version 7.1.0.19, Version 7.2.0.0 to Version 7.2.0.16, Version 7.5.0.0 to Version 7.5.0.10, Version 7.5.1.0 to Version 7.5.1.9, Version 7.5.2.0 to version 7.5.2.9, version 7.6.0.0 to version 7.6.0.2; MQ Appliance version 8.0.0.0 to version 8.0.0.8, version 9.0.1 to version 9.0.5",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1652"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012014"
},
{
"db": "BID",
"id": "106403"
},
{
"db": "VULHUB",
"id": "VHN-126887"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1652",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012014",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201812-341",
"trust": 0.7
},
{
"db": "BID",
"id": "106403",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-126887",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126887"
},
{
"db": "BID",
"id": "106403"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012014"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-341"
},
{
"db": "NVD",
"id": "CVE-2018-1652"
}
]
},
"id": "VAR-201812-0395",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-126887"
}
],
"trust": 0.56875
},
"last_update_date": "2024-11-23T22:51:53.839000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "0717483",
"trust": 0.8,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10717483"
},
{
"title": "0744557",
"trust": 0.8,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10744557"
},
{
"title": "ibm-mq-cve20181652-dos (144724)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144724"
},
{
"title": "IBM DataPower Gateway Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=87602"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012014"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-341"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126887"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012014"
},
{
"db": "NVD",
"id": "CVE-2018-1652"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10717483"
},
{
"trust": 1.7,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10744557"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144724"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1652"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1652"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10744557"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10717483"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126887"
},
{
"db": "BID",
"id": "106403"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012014"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-341"
},
{
"db": "NVD",
"id": "CVE-2018-1652"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-126887"
},
{
"db": "BID",
"id": "106403"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012014"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-341"
},
{
"db": "NVD",
"id": "CVE-2018-1652"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-11T00:00:00",
"db": "VULHUB",
"id": "VHN-126887"
},
{
"date": "2018-12-07T00:00:00",
"db": "BID",
"id": "106403"
},
{
"date": "2019-01-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012014"
},
{
"date": "2018-12-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-341"
},
{
"date": "2018-12-11T16:29:00.467000",
"db": "NVD",
"id": "CVE-2018-1652"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-126887"
},
{
"date": "2018-12-07T00:00:00",
"db": "BID",
"id": "106403"
},
{
"date": "2019-01-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012014"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-341"
},
{
"date": "2024-11-21T04:00:08.467000",
"db": "NVD",
"id": "CVE-2018-1652"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "106403"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-341"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway and MQ Appliance Input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012014"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-341"
}
],
"trust": 0.6
}
}
VAR-201809-0549
Vulnerability from variot - Updated: 2024-11-23 22:48IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 - 7.5.0.16, 7.5.1.0 - 7.5.1.15, 7.5.2.0 - 7.5.2.15, and 7.6.0.0 - 7.6.0.8 as well as IBM DataPower Gateway CD 7.7.0.0 - 7.7.1.2 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 144950. Vendors have confirmed this vulnerability IBM X-Force ID: 144950 It is released as.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. IBM DataPower Gateways is a set of security and integration platforms designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads from IBM Corporation of the United States, which can utilize dedicated gateways The platform secures, integrates and optimizes access across channels. Version 2.0 to version 7.5.2.15, version 7.6.0.0 to version 7.6.0.8, IBM DataPower Gateway CD version 7.7.0.0 to version 7.7.1.2
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0549",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.16"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.8"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.15"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.7.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.23"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.21"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.15"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.7.1.2"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.1.0.0 to 7.1.0.23"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.2.0.0 to 7.2.0.21"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.0.0 to 7.5.0.16"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.1.0 to 7.5.1.15"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.2.0 to 7.5.2.15"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.6.0.0 to 7.6.0.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "cd 7.7.0.0 to 7.7.1.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.7.1.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.7.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.7.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.7.1.1"
},
{
"model": "datapower gateway cd",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.1.2"
},
{
"model": "datapower gateway cd",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.15"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.15"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.16"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.11"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.4"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.21"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.17"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.9"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.4"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.23"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.22"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.20"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.19"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.18"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.15"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.14"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.12"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.11"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
}
],
"sources": [
{
"db": "BID",
"id": "107853"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010240"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1098"
},
{
"db": "NVD",
"id": "CVE-2018-1669"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:datapower_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010240"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Srinivasarao Kotipalli \u0026 Jeremy Soh",
"sources": [
{
"db": "BID",
"id": "107853"
}
],
"trust": 0.3
},
"cve": "CVE-2018-1669",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2018-1669",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-127074",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-1669",
"impactScore": 4.2,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-1669",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2018-1669",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-1669",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-1098",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-127074",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127074"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010240"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1098"
},
{
"db": "NVD",
"id": "CVE-2018-1669"
},
{
"db": "NVD",
"id": "CVE-2018-1669"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 - 7.5.0.16, 7.5.1.0 - 7.5.1.15, 7.5.2.0 - 7.5.2.15, and 7.6.0.0 - 7.6.0.8 as well as IBM DataPower Gateway CD 7.7.0.0 - 7.7.1.2 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 144950. Vendors have confirmed this vulnerability IBM X-Force ID: 144950 It is released as.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. IBM DataPower Gateways is a set of security and integration platforms designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads from IBM Corporation of the United States, which can utilize dedicated gateways The platform secures, integrates and optimizes access across channels. Version 2.0 to version 7.5.2.15, version 7.6.0.0 to version 7.6.0.8, IBM DataPower Gateway CD version 7.7.0.0 to version 7.7.1.2",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1669"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010240"
},
{
"db": "BID",
"id": "107853"
},
{
"db": "VULHUB",
"id": "VHN-127074"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1669",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010240",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1098",
"trust": 0.7
},
{
"db": "BID",
"id": "107853",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-127074",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127074"
},
{
"db": "BID",
"id": "107853"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010240"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1098"
},
{
"db": "NVD",
"id": "CVE-2018-1669"
}
]
},
"id": "VAR-201809-0549",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-127074"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:48:34.752000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "0730489",
"trust": 0.8,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10730489"
},
{
"title": "ibm-websphere-cve20181669-info-disc (144950)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144950"
},
{
"title": "IBM DataPower Gateway Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85153"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010240"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1098"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-611",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127074"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010240"
},
{
"db": "NVD",
"id": "CVE-2018-1669"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10730489"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144950"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1669"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1669"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10730489"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127074"
},
{
"db": "BID",
"id": "107853"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010240"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1098"
},
{
"db": "NVD",
"id": "CVE-2018-1669"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-127074"
},
{
"db": "BID",
"id": "107853"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010240"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1098"
},
{
"db": "NVD",
"id": "CVE-2018-1669"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-25T00:00:00",
"db": "VULHUB",
"id": "VHN-127074"
},
{
"date": "2018-09-20T00:00:00",
"db": "BID",
"id": "107853"
},
{
"date": "2018-12-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010240"
},
{
"date": "2018-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-1098"
},
{
"date": "2018-09-25T15:29:01.237000",
"db": "NVD",
"id": "CVE-2018-1669"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-127074"
},
{
"date": "2018-09-20T00:00:00",
"db": "BID",
"id": "107853"
},
{
"date": "2018-12-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010240"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-1098"
},
{
"date": "2024-11-21T04:00:10.480000",
"db": "NVD",
"id": "CVE-2018-1669"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-1098"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway and DataPower Gateway CD In XML External entity vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010240"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-1098"
}
],
"trust": 0.6
}
}
VAR-201812-0436
Vulnerability from variot - Updated: 2024-11-23 22:48IBM DataPower Gateways 7.1, 7.2, 7.5, 7.5.1, 7.5.2, 7.6, and 7.7 and IBM MQ Appliance are vulnerable to a denial of service, caused by the improper handling of full file system. A local attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 145171. Vendors have confirmed this vulnerability IBM X-Force ID: 145171 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. IBM MQ is prone to a denial-of-service vulnerability. IBM DataPower Gateway is a secure and integrated platform designed for mobile, cloud, application programming interface (API), web, service-oriented architecture (SOA), B2B and cloud workloads. MQ Appliance is an all-in-one device for rapid deployment of enterprise-level messaging middleware. The following versions are affected: IBM DataPower Gateway versions 7.1.0.0 to 7.1.0.22, 7.2.0.0 to 7.2.0.20, 7.5.0.0 to 7.5.0.15, 7.5.1.0 to 7.5.1.14, 7.5. Version 2.0 to version 7.5.2.14, version 7.6.0.0 to version 7.6.0.7, version 7.7.0.0 to version 7.7.1.0
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0436",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.14"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.7.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.22"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.7"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.20"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.14"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.15"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.7.1.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7.7.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.6"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.7"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.7.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.7"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.14"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.10"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.20"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.19"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.18"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.16"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.11"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.10"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.16"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.9"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.4"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.22"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.20"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.19"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.18"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.15"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.14"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.12"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.11"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.1.1"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.8"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.15"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.15"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.16"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.21"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.23"
}
],
"sources": [
{
"db": "BID",
"id": "106284"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012971"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-815"
},
{
"db": "NVD",
"id": "CVE-2018-1677"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:datapower_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012971"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "106284"
}
],
"trust": 0.3
},
"cve": "CVE-2018-1677",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-1677",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-127162",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2018-1677",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "psirt@us.ibm.com",
"availabilityImpact": "HIGH",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.4,
"id": "CVE-2018-1677",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-1677",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2018-1677",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-1677",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-815",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-127162",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127162"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012971"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-815"
},
{
"db": "NVD",
"id": "CVE-2018-1677"
},
{
"db": "NVD",
"id": "CVE-2018-1677"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateways 7.1, 7.2, 7.5, 7.5.1, 7.5.2, 7.6, and 7.7 and IBM MQ Appliance are vulnerable to a denial of service, caused by the improper handling of full file system. A local attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 145171. Vendors have confirmed this vulnerability IBM X-Force ID: 145171 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. IBM MQ is prone to a denial-of-service vulnerability. IBM DataPower Gateway is a secure and integrated platform designed for mobile, cloud, application programming interface (API), web, service-oriented architecture (SOA), B2B and cloud workloads. MQ Appliance is an all-in-one device for rapid deployment of enterprise-level messaging middleware. The following versions are affected: IBM DataPower Gateway versions 7.1.0.0 to 7.1.0.22, 7.2.0.0 to 7.2.0.20, 7.5.0.0 to 7.5.0.15, 7.5.1.0 to 7.5.1.14, 7.5. Version 2.0 to version 7.5.2.14, version 7.6.0.0 to version 7.6.0.7, version 7.7.0.0 to version 7.7.1.0",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1677"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012971"
},
{
"db": "BID",
"id": "106284"
},
{
"db": "VULHUB",
"id": "VHN-127162"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1677",
"trust": 2.8
},
{
"db": "BID",
"id": "106284",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012971",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201812-815",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-127162",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127162"
},
{
"db": "BID",
"id": "106284"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012971"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-815"
},
{
"db": "NVD",
"id": "CVE-2018-1677"
}
]
},
"id": "VAR-201812-0436",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-127162"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:48:31.550000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "0744555",
"trust": 0.8,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10744555"
},
{
"title": "ibm-websphere-cve20181677-dos (145171)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/145171"
},
{
"title": "IBM DataPower Gateway and MQ Appliance Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88011"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012971"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-815"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-755",
"trust": 1.1
},
{
"problemtype": "CWE-20",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127162"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012971"
},
{
"db": "NVD",
"id": "CVE-2018-1677"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/106284"
},
{
"trust": 1.7,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10744555"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/145171"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1677"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1677"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10744555"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127162"
},
{
"db": "BID",
"id": "106284"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012971"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-815"
},
{
"db": "NVD",
"id": "CVE-2018-1677"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-127162"
},
{
"db": "BID",
"id": "106284"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012971"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-815"
},
{
"db": "NVD",
"id": "CVE-2018-1677"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-20T00:00:00",
"db": "VULHUB",
"id": "VHN-127162"
},
{
"date": "2018-12-12T00:00:00",
"db": "BID",
"id": "106284"
},
{
"date": "2019-02-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012971"
},
{
"date": "2018-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-815"
},
{
"date": "2018-12-20T14:29:00.307000",
"db": "NVD",
"id": "CVE-2018-1677"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-127162"
},
{
"date": "2018-12-12T00:00:00",
"db": "BID",
"id": "106284"
},
{
"date": "2019-02-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012971"
},
{
"date": "2020-10-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-815"
},
{
"date": "2024-11-21T04:00:11.463000",
"db": "NVD",
"id": "CVE-2018-1677"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "106284"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-815"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway and MQ Appliance Input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012971"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-815"
}
],
"trust": 0.6
}
}
VAR-202103-0668
Vulnerability from variot - Updated: 2024-11-23 22:47IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 189965. Vendor exploits this vulnerability IBM X-Force ID: 189965 Is published as.Information may be obtained. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202103-0668",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "10.0.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "10.0.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "10.0.0.0 to 10.0.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004467"
},
{
"db": "NVD",
"id": "CVE-2020-4831"
}
]
},
"cve": "CVE-2020-4831",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-4831",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-182956",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-4831",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2020-4831",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-4831",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-4831",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2020-4831",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2020-4831",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202103-843",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-182956",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182956"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004467"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-843"
},
{
"db": "NVD",
"id": "CVE-2020-4831"
},
{
"db": "NVD",
"id": "CVE-2020-4831"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 189965. Vendor exploits this vulnerability IBM X-Force ID: 189965 Is published as.Information may be obtained. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-4831"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004467"
},
{
"db": "VULHUB",
"id": "VHN-182956"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-4831",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004467",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202103-843",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-182956",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182956"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004467"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-843"
},
{
"db": "NVD",
"id": "CVE-2020-4831"
}
]
},
"id": "VAR-202103-0668",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-182956"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:47:41.136000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "6398744 IBM\u00a0X-Force\u00a0Exchange",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/6398744"
},
{
"title": "IBM DataPower Gateway Fixes for encryption problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=144559"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004467"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-843"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-327",
"trust": 1.1
},
{
"problemtype": "Use of incomplete or dangerous cryptographic algorithms (CWE-327) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182956"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004467"
},
{
"db": "NVD",
"id": "CVE-2020-4831"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.ibm.com/support/pages/node/6398744"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/189965"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-4831"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-datapower-gateway-vulnerability-in-tls-cve-2020-4831/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/ibm-datapower-gateway-man-in-the-middle-via-weak-cryptographic-algorithms-35797"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-vulnerability-in-tls-cve-2020-4831/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182956"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004467"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-843"
},
{
"db": "NVD",
"id": "CVE-2020-4831"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-182956"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004467"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-843"
},
{
"db": "NVD",
"id": "CVE-2020-4831"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-12T00:00:00",
"db": "VULHUB",
"id": "VHN-182956"
},
{
"date": "2021-11-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-004467"
},
{
"date": "2021-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202103-843"
},
{
"date": "2021-03-12T17:15:12.270000",
"db": "NVD",
"id": "CVE-2020-4831"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-18T00:00:00",
"db": "VULHUB",
"id": "VHN-182956"
},
{
"date": "2021-11-22T08:59:00",
"db": "JVNDB",
"id": "JVNDB-2021-004467"
},
{
"date": "2021-07-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202103-843"
},
{
"date": "2024-11-21T05:33:17.950000",
"db": "NVD",
"id": "CVE-2020-4831"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202103-843"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM\u00a0DataPower\u00a0Gateway\u00a0 Vulnerability in using cryptographic algorithms in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004467"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202103-843"
}
],
"trust": 0.6
}
}
VAR-201812-0416
Vulnerability from variot - Updated: 2024-11-23 22:45IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 144891. IBM DataPower Gateway Contains a cryptographic strength vulnerability. Vendors have confirmed this vulnerability IBM X-Force ID: 144891 It is released as.Information may be obtained. IBM DataPower Gateways is prone to the following vulnerabilities: 1. A security weakness 2. A cross-site scripting vulnerability. An attacker may leverage these issues to obtain sensitive information or execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. IBM DataPower Gateways is a set of security and integration platforms designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads from IBM Corporation of the United States, which can utilize dedicated gateways The platform secures, integrates and optimizes access across channels. 0.0 version to 7.7.1.3 version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0416",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.7.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.17"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.17"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.10"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.7.1.3"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.18"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7.7.1.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7.7.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.0.0 to 7.5.0.18"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.1.0 to 7.5.1.17"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.2.0 to 7.5.2.17"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.6.0.0 to 7.6.0.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.7.0.0 to 7.7.1.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.7.1.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.7.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.7.1.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.1.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.7"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.14"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.16"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.14"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.10"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.9"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.17"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.16"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.17"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.16"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.18"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.17"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.11"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.11"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.18"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.18"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.19"
}
],
"sources": [
{
"db": "BID",
"id": "106816"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013105"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-621"
},
{
"db": "NVD",
"id": "CVE-2018-1665"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:datapower_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013105"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Srinivasarao Kotipalli \u0026 Jeremy Soh.",
"sources": [
{
"db": "BID",
"id": "106816"
}
],
"trust": 0.3
},
"cve": "CVE-2018-1665",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-1665",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-127030",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-1665",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2018-1665",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-1665",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2018-1665",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-1665",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-621",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-127030",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127030"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013105"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-621"
},
{
"db": "NVD",
"id": "CVE-2018-1665"
},
{
"db": "NVD",
"id": "CVE-2018-1665"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 144891. IBM DataPower Gateway Contains a cryptographic strength vulnerability. Vendors have confirmed this vulnerability IBM X-Force ID: 144891 It is released as.Information may be obtained. IBM DataPower Gateways is prone to the following vulnerabilities:\n1. A security weakness\n2. A cross-site scripting vulnerability. \nAn attacker may leverage these issues to obtain sensitive information or execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. IBM DataPower Gateways is a set of security and integration platforms designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads from IBM Corporation of the United States, which can utilize dedicated gateways The platform secures, integrates and optimizes access across channels. 0.0 version to 7.7.1.3 version",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1665"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013105"
},
{
"db": "BID",
"id": "106816"
},
{
"db": "VULHUB",
"id": "VHN-127030"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1665",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013105",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201812-621",
"trust": 0.7
},
{
"db": "BID",
"id": "106816",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-127030",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127030"
},
{
"db": "BID",
"id": "106816"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013105"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-621"
},
{
"db": "NVD",
"id": "CVE-2018-1665"
}
]
},
"id": "VAR-201812-0416",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-127030"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:45:08.400000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "0744195",
"trust": 0.8,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10744195"
},
{
"title": "ibm-websphere-cve20181665-info-disc (144891)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144891"
},
{
"title": "IBM DataPower Gateways Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=87863"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013105"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-621"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-326",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127030"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013105"
},
{
"db": "NVD",
"id": "CVE-2018-1665"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10744195"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144891"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1665"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1665"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10744209"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10744195"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127030"
},
{
"db": "BID",
"id": "106816"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013105"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-621"
},
{
"db": "NVD",
"id": "CVE-2018-1665"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-127030"
},
{
"db": "BID",
"id": "106816"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013105"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-621"
},
{
"db": "NVD",
"id": "CVE-2018-1665"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-127030"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106816"
},
{
"date": "2019-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013105"
},
{
"date": "2018-12-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-621"
},
{
"date": "2018-12-13T16:29:00.553000",
"db": "NVD",
"id": "CVE-2018-1665"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-127030"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106816"
},
{
"date": "2019-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013105"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-621"
},
{
"date": "2024-11-21T04:00:09.993000",
"db": "NVD",
"id": "CVE-2018-1665"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-621"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway Vulnerabilities related to cryptographic strength",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013105"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-621"
}
],
"trust": 0.6
}
}
VAR-201812-0393
Vulnerability from variot - Updated: 2024-11-23 22:45IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 144893. Vendors have confirmed this vulnerability IBM X-Force ID: 144893 It is released as.Information may be obtained and information may be altered. A security weakness 2. An attacker may leverage these issues to obtain sensitive information or execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks and obtain sensitive information. IBM DataPower Gateways is a set of security and integration platforms designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads from IBM Corporation of the United States, which can utilize dedicated gateways The platform secures, integrates and optimizes access across channels. Version 0.0 to version 7.5.0.18
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0393",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.7.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.17"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.17"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.10"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.7.1.3"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.18"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7.7.1.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7.7.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.0.0 to 7.5.0.18"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.1.0 to 7.5.1.17"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.2.0 to 7.5.2.17"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.6.0.0 to 7.6.0.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.7.0.0 to 7.7.1.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.7.1.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.7.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.7.1.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.1.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.7"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.14"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.16"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.14"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.10"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.9"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.17"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.16"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.17"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.16"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.18"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.17"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.11"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.11"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.18"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.18"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.19"
}
],
"sources": [
{
"db": "BID",
"id": "106816"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011425"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-622"
},
{
"db": "NVD",
"id": "CVE-2018-1667"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:datapower_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011425"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Srinivasarao Kotipalli \u0026 Jeremy Soh.",
"sources": [
{
"db": "BID",
"id": "106816"
}
],
"trust": 0.3
},
"cve": "CVE-2018-1667",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2018-1667",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "VHN-127052",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"id": "CVE-2018-1667",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 2.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-1667",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2018-1667",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-1667",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-622",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-127052",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127052"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011425"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-622"
},
{
"db": "NVD",
"id": "CVE-2018-1667"
},
{
"db": "NVD",
"id": "CVE-2018-1667"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 144893. Vendors have confirmed this vulnerability IBM X-Force ID: 144893 It is released as.Information may be obtained and information may be altered. A security weakness\n2. \nAn attacker may leverage these issues to obtain sensitive information or execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks and obtain sensitive information. IBM DataPower Gateways is a set of security and integration platforms designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads from IBM Corporation of the United States, which can utilize dedicated gateways The platform secures, integrates and optimizes access across channels. Version 0.0 to version 7.5.0.18",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1667"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011425"
},
{
"db": "BID",
"id": "106816"
},
{
"db": "VULHUB",
"id": "VHN-127052"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1667",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011425",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201812-622",
"trust": 0.7
},
{
"db": "BID",
"id": "106816",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-127052",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127052"
},
{
"db": "BID",
"id": "106816"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011425"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-622"
},
{
"db": "NVD",
"id": "CVE-2018-1667"
}
]
},
"id": "VAR-201812-0393",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-127052"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:45:08.369000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "0744209",
"trust": 0.8,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10744209"
},
{
"title": "ibm-websphere-cve20181667-xss (144893)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144893"
},
{
"title": "IBM DataPower Gateway Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=87864"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011425"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-622"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127052"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011425"
},
{
"db": "NVD",
"id": "CVE-2018-1667"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10744209"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144893"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1667"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1667"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10744209"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10744195"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127052"
},
{
"db": "BID",
"id": "106816"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011425"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-622"
},
{
"db": "NVD",
"id": "CVE-2018-1667"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-127052"
},
{
"db": "BID",
"id": "106816"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011425"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-622"
},
{
"db": "NVD",
"id": "CVE-2018-1667"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-127052"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106816"
},
{
"date": "2019-01-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011425"
},
{
"date": "2018-12-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-622"
},
{
"date": "2018-12-13T16:29:00.600000",
"db": "NVD",
"id": "CVE-2018-1667"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-127052"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106816"
},
{
"date": "2019-01-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011425"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-622"
},
{
"date": "2024-11-21T04:00:10.243000",
"db": "NVD",
"id": "CVE-2018-1667"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-622"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011425"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-622"
}
],
"trust": 0.6
}
}
VAR-202003-1348
Vulnerability from variot - Updated: 2024-11-23 22:29IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.8 could potentially disclose highly sensitive information to a privileged user due to improper access controls. IBM X-Force ID: 174956. IBM DataPower Gateway There is an information leakage vulnerability in. Vendor exploits this vulnerability IBM X-Force ID: 174956 It is published as.Information may be obtained. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform. An attacker could exploit this vulnerability to obtain highly sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1348",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "2018.4.1.8"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "2018.4.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2018.4.1.0 \u304b\u3089 2018.4.1.8"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003005"
},
{
"db": "NVD",
"id": "CVE-2020-4203"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:datapower_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003005"
}
]
},
"cve": "CVE-2020-4203",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2020-4203",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-003005",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-182328",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2020-4203",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2020-4203",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.9,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003005",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-4203",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2020-4203",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-003005",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202003-1129",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-182328",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182328"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003005"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1129"
},
{
"db": "NVD",
"id": "CVE-2020-4203"
},
{
"db": "NVD",
"id": "CVE-2020-4203"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.8 could potentially disclose highly sensitive information to a privileged user due to improper access controls. IBM X-Force ID: 174956. IBM DataPower Gateway There is an information leakage vulnerability in. Vendor exploits this vulnerability IBM X-Force ID: 174956 It is published as.Information may be obtained. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform. An attacker could exploit this vulnerability to obtain highly sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-4203"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003005"
},
{
"db": "VULHUB",
"id": "VHN-182328"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-4203",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003005",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1129",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "48025",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-182328",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182328"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003005"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1129"
},
{
"db": "NVD",
"id": "CVE-2020-4203"
}
]
},
"id": "VAR-202003-1348",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-182328"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:29:41.023000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "6090934",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/6090934"
},
{
"title": "ibm-datapower-cve20204203-info-disc (174956)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174956"
},
{
"title": "IBM DataPower Gateway Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=112609"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003005"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1129"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-200",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182328"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003005"
},
{
"db": "NVD",
"id": "CVE-2020-4203"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.ibm.com/support/pages/node/6090934"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174956"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-4203"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-4203"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-mq-appliance-cve-2020-4025-and-cve-2020-4203/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-potential-exposure-of-sensitive-data-in-ibm-datapower-gateway-cve-2020-4203/"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/48025"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182328"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003005"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1129"
},
{
"db": "NVD",
"id": "CVE-2020-4203"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-182328"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003005"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-1129"
},
{
"db": "NVD",
"id": "CVE-2020-4203"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-19T00:00:00",
"db": "VULHUB",
"id": "VHN-182328"
},
{
"date": "2020-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003005"
},
{
"date": "2020-03-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-1129"
},
{
"date": "2020-03-19T14:15:12.393000",
"db": "NVD",
"id": "CVE-2020-4203"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-21T00:00:00",
"db": "VULHUB",
"id": "VHN-182328"
},
{
"date": "2020-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003005"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-1129"
},
{
"date": "2024-11-21T05:32:23.447000",
"db": "NVD",
"id": "CVE-2020-4203"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-1129"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway Vulnerability regarding information leakage in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003005"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-1129"
}
],
"trust": 0.6
}
}
VAR-202009-1460
Vulnerability from variot - Updated: 2024-11-23 22:29IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a specially crafted HTTP/2 request with invalid characters. IBM X-Force ID: 184438. IBM DataPower Gateway There is an unspecified vulnerability in. Vendor exploits this vulnerability IBM X-Force ID: 184438 Is published as.Denial of service (DoS) It may be put into a state. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform. The following products and versions are affected: IBM DataPower Gateway 2018.4.1.0 to 2018.4.1.12
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202009-1460",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "2018.4.1.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "2018.4.1.12"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2018.4.1.0 to 2018.4.1.12"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-011400"
},
{
"db": "NVD",
"id": "CVE-2020-4579"
}
]
},
"cve": "CVE-2020-4579",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-4579",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-182704",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-4579",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-4579",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-4579",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2020-4579",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2020-4579",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202009-1260",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-182704",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182704"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011400"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1260"
},
{
"db": "NVD",
"id": "CVE-2020-4579"
},
{
"db": "NVD",
"id": "CVE-2020-4579"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a specially crafted HTTP/2 request with invalid characters. IBM X-Force ID: 184438. IBM DataPower Gateway There is an unspecified vulnerability in. Vendor exploits this vulnerability IBM X-Force ID: 184438 Is published as.Denial of service (DoS) It may be put into a state. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform. The following products and versions are affected: IBM DataPower Gateway 2018.4.1.0 to 2018.4.1.12",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-4579"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011400"
},
{
"db": "VULHUB",
"id": "VHN-182704"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-4579",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011400",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1260",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "50465",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-54936",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-182704",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182704"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011400"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1260"
},
{
"db": "NVD",
"id": "CVE-2020-4579"
}
]
},
"id": "VAR-202009-1460",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-182704"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:29:28.671000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "6334703 IBM\u00a0X-Force\u00a0Exchange",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/6334703"
},
{
"title": "IBM DataPower Gateway Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=128928"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-011400"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1260"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-011400"
},
{
"db": "NVD",
"id": "CVE-2020-4579"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.ibm.com/support/pages/node/6334703"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/184438"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-4579"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affected-by-denial-of-service-vulnerabilities-cve-2020-5481-cve-2020-4580-cve-2020-4579/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/ibm-datapower-gateway-three-vulnerabilities-34173"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/50465"
},
{
"trust": 0.6,
"url": "http-2-in-ibm-datapower-gateway-cve-2020-4579/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-denial-of-service-with-"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182704"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011400"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1260"
},
{
"db": "NVD",
"id": "CVE-2020-4579"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-182704"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011400"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1260"
},
{
"db": "NVD",
"id": "CVE-2020-4579"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-21T00:00:00",
"db": "VULHUB",
"id": "VHN-182704"
},
{
"date": "2021-03-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-011400"
},
{
"date": "2020-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-1260"
},
{
"date": "2020-09-21T15:15:12.747000",
"db": "NVD",
"id": "CVE-2020-4579"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-24T00:00:00",
"db": "VULHUB",
"id": "VHN-182704"
},
{
"date": "2021-03-31T05:29:00",
"db": "JVNDB",
"id": "JVNDB-2020-011400"
},
{
"date": "2020-12-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-1260"
},
{
"date": "2024-11-21T05:32:56.087000",
"db": "NVD",
"id": "CVE-2020-4579"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-1260"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM\u00a0DataPower\u00a0Gateway\u00a0 Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-011400"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-1260"
}
],
"trust": 0.6
}
}
VAR-201812-0406
Vulnerability from variot - Updated: 2024-11-23 22:26IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, 7.6, and 2018.4 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 144889. IBM DataPower Gateways Contains an information disclosure vulnerability. Vendors report this vulnerability IBM X-Force ID: 144889 Published as.Information may be obtained. Successful exploits will lead to other attacks. IBM DataPower Gateways is a set of security and integration platforms designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads from IBM Corporation of the United States, which can utilize dedicated gateways The platform secures, integrates and optimizes access across channels. The following versions are affected: IBM DataPower Gateway Version 7.7.0.0 to Version 7.7.1.3 (CD), Version 7.6.0.0 to Version 7.6.0.9, Version 7.5.2.0 to Version 7.5.2.16, Version 7.5.1.0 to Version 7.5.1.16 , version 7.5.0.0 to version 7.5.0.17
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0406",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "eq",
"trust": 2.4,
"vendor": "ibm",
"version": "2018.4"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.16"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.7.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.16"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.7.1.3"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.9"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.17"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7.7.1.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7.7.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.6"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.7.1.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.7.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.7.1.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.14"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.10"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.9"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.16"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.16"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.17"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "106199"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012512"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-284"
},
{
"db": "NVD",
"id": "CVE-2018-1663"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:datapower_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012512"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM",
"sources": [
{
"db": "BID",
"id": "106199"
}
],
"trust": 0.3
},
"cve": "CVE-2018-1663",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2018-1663",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-127008",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2018-1663",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-1663",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2018-1663",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-1663",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-284",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-127008",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127008"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012512"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-284"
},
{
"db": "NVD",
"id": "CVE-2018-1663"
},
{
"db": "NVD",
"id": "CVE-2018-1663"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, 7.6, and 2018.4 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 144889. IBM DataPower Gateways Contains an information disclosure vulnerability. Vendors report this vulnerability IBM X-Force ID: 144889 Published as.Information may be obtained. Successful exploits will lead to other attacks. IBM DataPower Gateways is a set of security and integration platforms designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads from IBM Corporation of the United States, which can utilize dedicated gateways The platform secures, integrates and optimizes access across channels. The following versions are affected: IBM DataPower Gateway Version 7.7.0.0 to Version 7.7.1.3 (CD), Version 7.6.0.0 to Version 7.6.0.9, Version 7.5.2.0 to Version 7.5.2.16, Version 7.5.1.0 to Version 7.5.1.16 , version 7.5.0.0 to version 7.5.0.17",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1663"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012512"
},
{
"db": "BID",
"id": "106199"
},
{
"db": "VULHUB",
"id": "VHN-127008"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1663",
"trust": 2.8
},
{
"db": "BID",
"id": "106199",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012512",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201812-284",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-127008",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127008"
},
{
"db": "BID",
"id": "106199"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012512"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-284"
},
{
"db": "NVD",
"id": "CVE-2018-1663"
}
]
},
"id": "VAR-201812-0406",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-127008"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:26:06.447000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "0740033",
"trust": 0.8,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10740033"
},
{
"title": "ibm-websphere-cve20181663-info-disc (144889)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144889"
},
{
"title": "IBM DataPower Gateways Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=87551"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012512"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-284"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127008"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012512"
},
{
"db": "NVD",
"id": "CVE-2018-1663"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/106199"
},
{
"trust": 1.7,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10740033"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144889"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1663"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1663"
},
{
"trust": 0.3,
"url": "http://www.ibm.com"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10740033"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127008"
},
{
"db": "BID",
"id": "106199"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012512"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-284"
},
{
"db": "NVD",
"id": "CVE-2018-1663"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-127008"
},
{
"db": "BID",
"id": "106199"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012512"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-284"
},
{
"db": "NVD",
"id": "CVE-2018-1663"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-127008"
},
{
"date": "2018-12-05T00:00:00",
"db": "BID",
"id": "106199"
},
{
"date": "2019-02-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012512"
},
{
"date": "2018-12-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-284"
},
{
"date": "2018-12-07T16:29:00.413000",
"db": "NVD",
"id": "CVE-2018-1663"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-127008"
},
{
"date": "2018-12-05T00:00:00",
"db": "BID",
"id": "106199"
},
{
"date": "2019-02-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012512"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-284"
},
{
"date": "2024-11-21T04:00:09.753000",
"db": "NVD",
"id": "CVE-2018-1663"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-284"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateways Information Disclosure Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012512"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-284"
}
],
"trust": 0.6
}
}
VAR-201809-0605
Vulnerability from variot - Updated: 2024-11-23 22:17IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 - 7.5.0.16, 7.5.1.0 - 7.5.1.15, 7.5.2.0 - 7.5.2.15, and 7.6.0.0 - 7.6.0.8 as well as IBM DataPower Gateway CD 7.7.0.0 - 7.7.1.2 echoing of AMP management interface authorization headers exposes login credentials in browser cache. IBM X-Force ID: 144890. Vendors have confirmed this vulnerability IBM X-Force ID: 144890 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads of IBM Corporation in the United States, which can utilize a dedicated gateway The platform secures, integrates and optimizes access across channels
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0605",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.16"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.8"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.15"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.7.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.23"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.21"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.15"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.7.1.2"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.1.0.0 to 7.1.0.23"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.2.0.0 to 7.2.0.21"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.0.0 to 7.5.0.16"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.1.0 to 7.5.1.15"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.2.0 to 7.5.2.15"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.6.0.0 to 7.6.0.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "cd 7.7.0.0 to 7.7.1.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.7.1.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.7.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.7.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.7.1.1"
},
{
"model": "datapower gateway cd",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.1.2"
},
{
"model": "datapower gateway cd",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.15"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.15"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.16"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.11"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.4"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.21"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.17"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.9"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.8"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.4"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.23"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.22"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.20"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.19"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.18"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.15"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.14"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.12"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.11"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
}
],
"sources": [
{
"db": "BID",
"id": "107856"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010241"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1099"
},
{
"db": "NVD",
"id": "CVE-2018-1664"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:datapower_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010241"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Srinivasarao Kotipalli \u0026 Jeremy Soh",
"sources": [
{
"db": "BID",
"id": "107856"
}
],
"trust": 0.3
},
"cve": "CVE-2018-1664",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2018-1664",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-127019",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2018-1664",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "psirt@us.ibm.com",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.5,
"id": "CVE-2018-1664",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-1664",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2018-1664",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-1664",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-1099",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-127019",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127019"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010241"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1099"
},
{
"db": "NVD",
"id": "CVE-2018-1664"
},
{
"db": "NVD",
"id": "CVE-2018-1664"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 - 7.5.0.16, 7.5.1.0 - 7.5.1.15, 7.5.2.0 - 7.5.2.15, and 7.6.0.0 - 7.6.0.8 as well as IBM DataPower Gateway CD 7.7.0.0 - 7.7.1.2 echoing of AMP management interface authorization headers exposes login credentials in browser cache. IBM X-Force ID: 144890. Vendors have confirmed this vulnerability IBM X-Force ID: 144890 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. \nAttackers can exploit this issue to obtain sensitive information that may lead to further attacks. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads of IBM Corporation in the United States, which can utilize a dedicated gateway The platform secures, integrates and optimizes access across channels",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1664"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010241"
},
{
"db": "BID",
"id": "107856"
},
{
"db": "VULHUB",
"id": "VHN-127019"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1664",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010241",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1099",
"trust": 0.7
},
{
"db": "BID",
"id": "107856",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-127019",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127019"
},
{
"db": "BID",
"id": "107856"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010241"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1099"
},
{
"db": "NVD",
"id": "CVE-2018-1664"
}
]
},
"id": "VAR-201809-0605",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-127019"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:17:18.949000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "0730509",
"trust": 0.8,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10730509"
},
{
"title": "ibm-websphere-cve20181664-info-disc (144890)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144890"
},
{
"title": "IBM DataPower Gateway Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85154"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010241"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1099"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127019"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010241"
},
{
"db": "NVD",
"id": "CVE-2018-1664"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10730509"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144890"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1664"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1664"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10730509"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127019"
},
{
"db": "BID",
"id": "107856"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010241"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1099"
},
{
"db": "NVD",
"id": "CVE-2018-1664"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-127019"
},
{
"db": "BID",
"id": "107856"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010241"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1099"
},
{
"db": "NVD",
"id": "CVE-2018-1664"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-25T00:00:00",
"db": "VULHUB",
"id": "VHN-127019"
},
{
"date": "2018-09-20T00:00:00",
"db": "BID",
"id": "107856"
},
{
"date": "2018-12-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010241"
},
{
"date": "2018-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-1099"
},
{
"date": "2018-09-25T15:29:01.080000",
"db": "NVD",
"id": "CVE-2018-1664"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-127019"
},
{
"date": "2018-09-20T00:00:00",
"db": "BID",
"id": "107856"
},
{
"date": "2018-12-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010241"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-1099"
},
{
"date": "2024-11-21T04:00:09.873000",
"db": "NVD",
"id": "CVE-2018-1664"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "107856"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-1099"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway and DataPower Gateway CD Vulnerabilities related to security functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010241"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-1099"
}
],
"trust": 0.6
}
}
VAR-202009-1461
Vulnerability from variot - Updated: 2024-11-23 22:16IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a specially crafted a JSON request with invalid characters. IBM X-Force ID: 184439. IBM DataPower Gateway There is an unspecified vulnerability in. Vendor exploits this vulnerability IBM X-Force ID: 184439 Is published as.Denial of service (DoS) It may be put into a state. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202009-1461",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "2018.4.1.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "2018.4.1.12"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2018.4.1.0 to 2018.4.1.12"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-011401"
},
{
"db": "NVD",
"id": "CVE-2020-4580"
}
]
},
"cve": "CVE-2020-4580",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-4580",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-182705",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-4580",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-4580",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-4580",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2020-4580",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2020-4580",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202009-1258",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-182705",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-4580",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182705"
},
{
"db": "VULMON",
"id": "CVE-2020-4580"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011401"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1258"
},
{
"db": "NVD",
"id": "CVE-2020-4580"
},
{
"db": "NVD",
"id": "CVE-2020-4580"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a specially crafted a JSON request with invalid characters. IBM X-Force ID: 184439. IBM DataPower Gateway There is an unspecified vulnerability in. Vendor exploits this vulnerability IBM X-Force ID: 184439 Is published as.Denial of service (DoS) It may be put into a state. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-4580"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011401"
},
{
"db": "VULHUB",
"id": "VHN-182705"
},
{
"db": "VULMON",
"id": "CVE-2020-4580"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-4580",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011401",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1258",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "50473",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-54934",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-182705",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-4580",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182705"
},
{
"db": "VULMON",
"id": "CVE-2020-4580"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011401"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1258"
},
{
"db": "NVD",
"id": "CVE-2020-4580"
}
]
},
"id": "VAR-202009-1461",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-182705"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:16:19.137000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "6334705 IBM\u00a0X-Force\u00a0Exchange",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/6334705"
},
{
"title": "IBM DataPower Gateway Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=128926"
},
{
"title": "IBM: Security Bulletin: Denial of Service in IBM DataPower Gateway (CVE-2020-4580)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=6023c2b7446040627266f330adefefe5"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-4580"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011401"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1258"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-011401"
},
{
"db": "NVD",
"id": "CVE-2020-4580"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/184439"
},
{
"trust": 1.8,
"url": "https://www.ibm.com/support/pages/node/6334705"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-4580"
},
{
"trust": 0.7,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-denial-of-service-in-ibm-datapower-gateway-cve-2020-4580/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affected-by-denial-of-service-vulnerabilities-cve-2020-5481-cve-2020-4580-cve-2020-4579/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/ibm-datapower-gateway-three-vulnerabilities-34173"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/50473"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-182705"
},
{
"db": "VULMON",
"id": "CVE-2020-4580"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011401"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1258"
},
{
"db": "NVD",
"id": "CVE-2020-4580"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-182705"
},
{
"db": "VULMON",
"id": "CVE-2020-4580"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011401"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1258"
},
{
"db": "NVD",
"id": "CVE-2020-4580"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-21T00:00:00",
"db": "VULHUB",
"id": "VHN-182705"
},
{
"date": "2020-09-21T00:00:00",
"db": "VULMON",
"id": "CVE-2020-4580"
},
{
"date": "2021-03-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-011401"
},
{
"date": "2020-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-1258"
},
{
"date": "2020-09-21T15:15:12.840000",
"db": "NVD",
"id": "CVE-2020-4580"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-24T00:00:00",
"db": "VULHUB",
"id": "VHN-182705"
},
{
"date": "2020-09-24T00:00:00",
"db": "VULMON",
"id": "CVE-2020-4580"
},
{
"date": "2021-03-31T05:29:00",
"db": "JVNDB",
"id": "JVNDB-2020-011401"
},
{
"date": "2020-12-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-1258"
},
{
"date": "2024-11-21T05:32:56.200000",
"db": "NVD",
"id": "CVE-2020-4580"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-1258"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM\u00a0DataPower\u00a0Gateway\u00a0 Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-011401"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-1258"
}
],
"trust": 0.6
}
}
VAR-201801-1028
Vulnerability from variot - Updated: 2024-11-23 22:00IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker using man-in-the-middle techniques to spoof DNS responses to perform DNS cache poisoning and redirect Internet traffic. IBM X-Force ID: 136817. IBM DataPower Gateway Contains vulnerabilities related to insufficient validation of data reliability. Vendors have confirmed this vulnerability IBM X-Force ID: 136817 It is released as.Information may be tampered with. IBM DataPower Gateways is a set of security and integration platforms designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads from IBM Corporation of the United States, which can utilize dedicated gateways The platform secures, integrates and optimizes access across channels. A security vulnerability exists in IBM DataPower Gateways. The following versions are affected: IBM DataPower Gateways version 7.1, version 7,2, version 7.5, version 7.6
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-1028",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.10"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.10"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.20"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.17"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.11"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.3"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.6"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.2.0.0"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001717"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1133"
},
{
"db": "NVD",
"id": "CVE-2017-1773"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:datapower_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001717"
}
]
},
"cve": "CVE-2017-1773",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-1773",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-108781",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2017-1773",
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-1773",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-1773",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-1133",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-108781",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-1773",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108781"
},
{
"db": "VULMON",
"id": "CVE-2017-1773"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001717"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1133"
},
{
"db": "NVD",
"id": "CVE-2017-1773"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker using man-in-the-middle techniques to spoof DNS responses to perform DNS cache poisoning and redirect Internet traffic. IBM X-Force ID: 136817. IBM DataPower Gateway Contains vulnerabilities related to insufficient validation of data reliability. Vendors have confirmed this vulnerability IBM X-Force ID: 136817 It is released as.Information may be tampered with. IBM DataPower Gateways is a set of security and integration platforms designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads from IBM Corporation of the United States, which can utilize dedicated gateways The platform secures, integrates and optimizes access across channels. A security vulnerability exists in IBM DataPower Gateways. The following versions are affected: IBM DataPower Gateways version 7.1, version 7,2, version 7.5, version 7.6",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-1773"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001717"
},
{
"db": "VULHUB",
"id": "VHN-108781"
},
{
"db": "VULMON",
"id": "CVE-2017-1773"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-1773",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001717",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1133",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-108781",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-1773",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108781"
},
{
"db": "VULMON",
"id": "CVE-2017-1773"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001717"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1133"
},
{
"db": "NVD",
"id": "CVE-2017-1773"
}
]
},
"id": "VAR-201801-1028",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-108781"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:00:46.291000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "2012758",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22012758"
},
{
"title": "IBM DataPower Gateways Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=78194"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001717"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1133"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-345",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108781"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001717"
},
{
"db": "NVD",
"id": "CVE-2017-1773"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.ibm.com/support/docview.wss?uid=swg22012758"
},
{
"trust": 1.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/136817"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-1773"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-1773"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/345.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108781"
},
{
"db": "VULMON",
"id": "CVE-2017-1773"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001717"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1133"
},
{
"db": "NVD",
"id": "CVE-2017-1773"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-108781"
},
{
"db": "VULMON",
"id": "CVE-2017-1773"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001717"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1133"
},
{
"db": "NVD",
"id": "CVE-2017-1773"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-31T00:00:00",
"db": "VULHUB",
"id": "VHN-108781"
},
{
"date": "2018-01-31T00:00:00",
"db": "VULMON",
"id": "CVE-2017-1773"
},
{
"date": "2018-03-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001717"
},
{
"date": "2018-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-1133"
},
{
"date": "2018-01-31T15:29:00.290000",
"db": "NVD",
"id": "CVE-2017-1773"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-15T00:00:00",
"db": "VULHUB",
"id": "VHN-108781"
},
{
"date": "2018-02-15T00:00:00",
"db": "VULMON",
"id": "CVE-2017-1773"
},
{
"date": "2018-03-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001717"
},
{
"date": "2018-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-1133"
},
{
"date": "2024-11-21T03:22:20.880000",
"db": "NVD",
"id": "CVE-2017-1773"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-1133"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway Vulnerabilities related to insufficient validation of data reliability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001717"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-1133"
}
],
"trust": 0.6
}
}
VAR-202103-0661
Vulnerability from variot - Updated: 2024-11-23 21:51IBM DataPower Gateway V10 and V2018 could allow a local attacker with administrative privileges to execute arbitrary code on the system using a server-side requesr forgery attack. IBM X-Force ID: 193247. IBM DataPower Gateway Contains a server-side request forgery vulnerability. Vendor exploits this vulnerability IBM X-Force ID: 193247 It is published as.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202103-0661",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "10.0.0.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "2018.4.1.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "2018.4.1.14"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "10.0.1.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2018"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "10"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-010932"
},
{
"db": "NVD",
"id": "CVE-2020-5014"
}
]
},
"cve": "CVE-2020-5014",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2020-5014",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-183139",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "psirt@us.ibm.com",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2020-5014",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2020-5014",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-5014",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2020-5014",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2020-5014",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202103-537",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-183139",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-5014",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-183139"
},
{
"db": "VULMON",
"id": "CVE-2020-5014"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010932"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-537"
},
{
"db": "NVD",
"id": "CVE-2020-5014"
},
{
"db": "NVD",
"id": "CVE-2020-5014"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway V10 and V2018 could allow a local attacker with administrative privileges to execute arbitrary code on the system using a server-side requesr forgery attack. IBM X-Force ID: 193247. IBM DataPower Gateway Contains a server-side request forgery vulnerability. Vendor exploits this vulnerability IBM X-Force ID: 193247 It is published as.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-5014"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010932"
},
{
"db": "VULHUB",
"id": "VHN-183139"
},
{
"db": "VULMON",
"id": "CVE-2020-5014"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-5014",
"trust": 3.4
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010932",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202103-537",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-183139",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-5014",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-183139"
},
{
"db": "VULMON",
"id": "CVE-2020-5014"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010932"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-537"
},
{
"db": "NVD",
"id": "CVE-2020-5014"
}
]
},
"id": "VAR-202103-0661",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-183139"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:51:00.985000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "6426789 IBM\u00a0X-Force\u00a0Exchange",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/6426789"
},
{
"title": "datapower-redis-rce-exploit",
"trust": 0.1,
"url": "https://github.com/copethomas/datapower-redis-rce-exploit "
},
{
"title": "PoC",
"trust": 0.1,
"url": "https://github.com/Jonathan-Elias/PoC "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/developer3000S/PoC-in-GitHub "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-5014"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010932"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-918",
"trust": 1.1
},
{
"problemtype": "Server-side request forgery (CWE-918) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-183139"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010932"
},
{
"db": "NVD",
"id": "CVE-2020-5014"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.ibm.com/support/pages/node/6426789"
},
{
"trust": 1.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/193247"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-5014"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-datapower-gateway-vulnerable-to-an-rce-attack-cve-2020-5014/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/918.html"
},
{
"trust": 0.1,
"url": "https://github.com/copethomas/datapower-redis-rce-exploit"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-183139"
},
{
"db": "VULMON",
"id": "CVE-2020-5014"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010932"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-537"
},
{
"db": "NVD",
"id": "CVE-2020-5014"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-183139"
},
{
"db": "VULMON",
"id": "CVE-2020-5014"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010932"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-537"
},
{
"db": "NVD",
"id": "CVE-2020-5014"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-183139"
},
{
"date": "2021-03-08T00:00:00",
"db": "VULMON",
"id": "CVE-2020-5014"
},
{
"date": "2022-07-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-010932"
},
{
"date": "2021-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202103-537"
},
{
"date": "2021-03-08T18:15:13.600000",
"db": "NVD",
"id": "CVE-2020-5014"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-16T00:00:00",
"db": "VULHUB",
"id": "VHN-183139"
},
{
"date": "2021-03-16T00:00:00",
"db": "VULMON",
"id": "CVE-2020-5014"
},
{
"date": "2022-07-12T06:35:00",
"db": "JVNDB",
"id": "JVNDB-2021-010932"
},
{
"date": "2021-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202103-537"
},
{
"date": "2024-11-21T05:33:32.830000",
"db": "NVD",
"id": "CVE-2020-5014"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202103-537"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM\u00a0DataPower\u00a0Gateway\u00a0 Server-side request forgery vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-010932"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202103-537"
}
],
"trust": 0.6
}
}
VAR-201908-0016
Vulnerability from variot - Updated: 2024-11-23 21:37IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.6, 7.6.0.0 through 7.6.0.15 and IBM MQ Appliance 8.0.0.0 through 8.0.0.12, 9.1.0.0 through 9.1.0.2, and 9.1.1 through 9.1.2 could allow a local attacker to execute arbitrary commands on the system, caused by a command injection vulnerability. IBM X-Force ID: 16188. Vendors have confirmed this vulnerability IBM X-Force ID: 16188 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform. The following products and versions are affected: IBM DataPower Gateway 2018.4.1.0 to 2018.4.1.6, DataPower Gateway 7.6.0.0 to 7.6.0.15, DataPower Gateway CD
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201908-0016",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "2018.4.1.7"
},
{
"model": "mq appliance",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "9.1.0.2"
},
{
"model": "mq appliance",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "9.1.2"
},
{
"model": "mq appliance",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "2018.4.1.0"
},
{
"model": "mq appliance",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "2018.4.1.6"
},
{
"model": "mq appliance",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "9.1.0.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "mq appliance",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "8.0.0.12"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.15"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2018.4.1.0 to 2018.4.1.6"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.6.0.0 to 7.6.0.15"
},
{
"model": "mq appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "8.0.0.0 to 8.0.0.12"
},
{
"model": "mq appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "9.1.0.0 to 9.1.0.2"
},
{
"model": "mq appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "9.1.1 to 9.1.2"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008161"
},
{
"db": "NVD",
"id": "CVE-2019-4294"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:datapower_gateway",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:mq_appliance",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008161"
}
]
},
"cve": "CVE-2019-4294",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-4294",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-155729",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-4294",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "psirt@us.ibm.com",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.5,
"id": "CVE-2019-4294",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-4294",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-4294",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2019-4294",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-4294",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201908-1243",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-155729",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-155729"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008161"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1243"
},
{
"db": "NVD",
"id": "CVE-2019-4294"
},
{
"db": "NVD",
"id": "CVE-2019-4294"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.6, 7.6.0.0 through 7.6.0.15 and IBM MQ Appliance 8.0.0.0 through 8.0.0.12, 9.1.0.0 through 9.1.0.2, and 9.1.1 through 9.1.2 could allow a local attacker to execute arbitrary commands on the system, caused by a command injection vulnerability. IBM X-Force ID: 16188. Vendors have confirmed this vulnerability IBM X-Force ID: 16188 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform. The following products and versions are affected: IBM DataPower Gateway 2018.4.1.0 to 2018.4.1.6, DataPower Gateway 7.6.0.0 to 7.6.0.15, DataPower Gateway CD",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-4294"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008161"
},
{
"db": "VULHUB",
"id": "VHN-155729"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-4294",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008161",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1243",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-155729",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-155729"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008161"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1243"
},
{
"db": "NVD",
"id": "CVE-2019-4294"
}
]
},
"id": "VAR-201908-0016",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-155729"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:37:03.476000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "0887005",
"trust": 0.8,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10887005"
},
{
"title": "0958933",
"trust": 0.8,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10958933"
},
{
"title": "ibm-mq-cve20194294-code-exec (160701)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/160701"
},
{
"title": "IBM DataPower Gateway Fixes for command injection vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=96888"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008161"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1243"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.1
},
{
"problemtype": "CWE-77",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-155729"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008161"
},
{
"db": "NVD",
"id": "CVE-2019-4294"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10887005"
},
{
"trust": 1.7,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10958933"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/160701"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-4294"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-4294"
},
{
"trust": 0.6,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10958933"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-155729"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008161"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1243"
},
{
"db": "NVD",
"id": "CVE-2019-4294"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-155729"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008161"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-1243"
},
{
"db": "NVD",
"id": "CVE-2019-4294"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-20T00:00:00",
"db": "VULHUB",
"id": "VHN-155729"
},
{
"date": "2019-08-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-008161"
},
{
"date": "2019-08-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-1243"
},
{
"date": "2019-08-20T19:15:11.730000",
"db": "NVD",
"id": "CVE-2019-4294"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-09T00:00:00",
"db": "VULHUB",
"id": "VHN-155729"
},
{
"date": "2019-08-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-008161"
},
{
"date": "2022-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-1243"
},
{
"date": "2024-11-21T04:43:26.147000",
"db": "NVD",
"id": "CVE-2019-4294"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-1243"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway and IBM MQ Appliance Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008161"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-1243"
}
],
"trust": 0.6
}
}
VAR-201812-0384
Vulnerability from variot - Updated: 2024-11-23 21:14IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 144887. IBM DataPower Gateway Contains a cross-site scripting vulnerability. Vendors have confirmed this vulnerability IBM X-Force ID: 144887 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions in the context of the affected application. Other attacks are also possible. The following versions of product are vilnerable: IBM DataPower Gateway 7.6.0.0 through 7.6.0.9 IBM DataPower Gateway 7.5.2.0 through 7.5.2.16 IBM DataPower Gateway 7.5.1.0 through 7.5.1.16 IBM DataPower Gateway 7.5.0.0 through 7.5.0.17. IBM DataPower Gateway is the United States IBM The company's set of dedicated to mobile, cloud, application programming interface ( API ), network, service-oriented architecture ( SOA ), B2B A secure and integrated platform designed for cloud and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform. The following versions are affected: IBM DataPower Gateways 7.6.0.0 version to 7.6.0.9 Version, 7.5.2.0 version to 7.5.2.16 Version, 7.5.1.0 version to 7.5.1.16 Version, 7.5.0.0 version to 7.5.0.17 Version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0384",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.9"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.17"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.16"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.16"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.14"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.16"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.14"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.10"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.10"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.17"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.17"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.18"
}
],
"sources": [
{
"db": "BID",
"id": "106329"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"db": "NVD",
"id": "CVE-2018-1661"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:datapower_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012921"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Srinivasarao Kotipalli and Jeremy Soh.",
"sources": [
{
"db": "BID",
"id": "106329"
}
],
"trust": 0.3
},
"cve": "CVE-2018-1661",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2018-1661",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-126986",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-1661",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2018-1661",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-1661",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2018-1661",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-1661",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-816",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-126986",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126986"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-816"
},
{
"db": "NVD",
"id": "CVE-2018-1661"
},
{
"db": "NVD",
"id": "CVE-2018-1661"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 144887. IBM DataPower Gateway Contains a cross-site scripting vulnerability. Vendors have confirmed this vulnerability IBM X-Force ID: 144887 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. \nExploiting this issue may allow a remote attacker to perform certain unauthorized actions in the context of the affected application. Other attacks are also possible. \nThe following versions of product are vilnerable:\nIBM DataPower Gateway 7.6.0.0 through 7.6.0.9\nIBM DataPower Gateway 7.5.2.0 through 7.5.2.16\nIBM DataPower Gateway 7.5.1.0 through 7.5.1.16\nIBM DataPower Gateway 7.5.0.0 through 7.5.0.17. IBM DataPower Gateway is the United States IBM The company\u0027s set of dedicated to mobile, cloud, application programming interface ( API ), network, service-oriented architecture ( SOA ), B2B A secure and integrated platform designed for cloud and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform. The following versions are affected: IBM DataPower Gateways 7.6.0.0 version to 7.6.0.9 Version, 7.5.2.0 version to 7.5.2.16 Version, 7.5.1.0 version to 7.5.1.16 Version, 7.5.0.0 version to 7.5.0.17 Version",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1661"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"db": "BID",
"id": "106329"
},
{
"db": "VULHUB",
"id": "VHN-126986"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1661",
"trust": 2.8
},
{
"db": "BID",
"id": "106329",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012921",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201812-816",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.0545",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-126986",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126986"
},
{
"db": "BID",
"id": "106329"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-816"
},
{
"db": "NVD",
"id": "CVE-2018-1661"
}
]
},
"id": "VAR-201812-0384",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-126986"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:14:56.176000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "0744189",
"trust": 0.8,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10744189"
},
{
"title": "ibm-websphere-cve20181661-csrf (144887)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144887"
},
{
"title": "IBM DataPower Gateway Fixes for cross-site request forgery vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88012"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-816"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126986"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"db": "NVD",
"id": "CVE-2018-1661"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/106329"
},
{
"trust": 1.7,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10744189"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144887"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1661"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1661"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10739235"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/75930"
},
{
"trust": 0.3,
"url": "https://www.ibm.com"
},
{
"trust": 0.3,
"url": "https://www.ibm.com/in-en/products/datapower-gateway/details"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10744189"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126986"
},
{
"db": "BID",
"id": "106329"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-816"
},
{
"db": "NVD",
"id": "CVE-2018-1661"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-126986"
},
{
"db": "BID",
"id": "106329"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-816"
},
{
"db": "NVD",
"id": "CVE-2018-1661"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-20T00:00:00",
"db": "VULHUB",
"id": "VHN-126986"
},
{
"date": "2018-12-12T00:00:00",
"db": "BID",
"id": "106329"
},
{
"date": "2019-02-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"date": "2018-12-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-816"
},
{
"date": "2018-12-20T14:29:00.230000",
"db": "NVD",
"id": "CVE-2018-1661"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-126986"
},
{
"date": "2018-12-12T00:00:00",
"db": "BID",
"id": "106329"
},
{
"date": "2019-02-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-816"
},
{
"date": "2024-11-21T04:00:09.613000",
"db": "NVD",
"id": "CVE-2018-1661"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-816"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012921"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-816"
}
],
"trust": 0.6
}
}
VAR-201901-0716
Vulnerability from variot - Updated: 2024-11-23 20:40IBM DataPower Gateway 7.5.0.0 through 7.5.0.19, 7.5.1.0 through 7.5.1.18, 7.5.2.0 through 7.5.2.18, and 7.6.0.0 through 7.6.0.11 appliances allows "null" logins which could give read access to IPMI data to obtain sensitive information. IBM X-Force ID: 144894. IBM DataPower Gateway Contains an access control vulnerability. Vendors have confirmed this vulnerability IBM X-Force ID: 144894 It is released as.Information may be obtained. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201901-0716",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.19"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.18"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.18"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.11"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.0.0 to 7.5.0.19"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "77.5.1.0 to 7.5.1.18"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "77.5.2.0 to 7.5.2.18"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "77.6.0.0 to 7.6.0.11"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.14"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.16"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.14"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.10"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.9"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.3"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.11"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.18"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.17"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.16"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.18"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.17"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.16"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.10"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.19"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.18"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.17"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.12"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.19"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.19"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.20"
}
],
"sources": [
{
"db": "BID",
"id": "106795"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001475"
},
{
"db": "NVD",
"id": "CVE-2018-1668"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:datapower_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-001475"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Srinivasarao Kotipalli \u0026 Jeremy Soh.",
"sources": [
{
"db": "BID",
"id": "106795"
}
],
"trust": 0.3
},
"cve": "CVE-2018-1668",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-1668",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-127063",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-1668",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2018-1668",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-1668",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2018-1668",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-1668",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201901-922",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-127063",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127063"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001475"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-922"
},
{
"db": "NVD",
"id": "CVE-2018-1668"
},
{
"db": "NVD",
"id": "CVE-2018-1668"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway 7.5.0.0 through 7.5.0.19, 7.5.1.0 through 7.5.1.18, 7.5.2.0 through 7.5.2.18, and 7.6.0.0 through 7.6.0.11 appliances allows \"null\" logins which could give read access to IPMI data to obtain sensitive information. IBM X-Force ID: 144894. IBM DataPower Gateway Contains an access control vulnerability. Vendors have confirmed this vulnerability IBM X-Force ID: 144894 It is released as.Information may be obtained. \nAttackers can exploit this issue to obtain sensitive information that may lead to further attacks. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1668"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001475"
},
{
"db": "BID",
"id": "106795"
},
{
"db": "VULHUB",
"id": "VHN-127063"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1668",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001475",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201901-922",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.0545",
"trust": 0.6
},
{
"db": "BID",
"id": "106795",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-127063",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127063"
},
{
"db": "BID",
"id": "106795"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001475"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-922"
},
{
"db": "NVD",
"id": "CVE-2018-1668"
}
]
},
"id": "VAR-201901-0716",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-127063"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:40:48.249000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "0794735",
"trust": 0.8,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10794735"
},
{
"title": "ibm-websphere-cve20181668-info-disc (144894)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144894"
},
{
"title": "IBM DataPower Gateway Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88972"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-001475"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-922"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.1
},
{
"problemtype": "CWE-284",
"trust": 0.9
},
{
"problemtype": "CWE-754",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127063"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001475"
},
{
"db": "NVD",
"id": "CVE-2018-1668"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.1,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10794735"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144894"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1668"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1668"
},
{
"trust": 0.6,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144894vdb entryvendor advisory"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10794735vendor advisory"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/75930"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10871908"
},
{
"trust": 0.3,
"url": "http://www.ibm.com"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10794735"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-127063"
},
{
"db": "BID",
"id": "106795"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001475"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-922"
},
{
"db": "NVD",
"id": "CVE-2018-1668"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-127063"
},
{
"db": "BID",
"id": "106795"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001475"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-922"
},
{
"db": "NVD",
"id": "CVE-2018-1668"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-29T00:00:00",
"db": "VULHUB",
"id": "VHN-127063"
},
{
"date": "2019-01-11T00:00:00",
"db": "BID",
"id": "106795"
},
{
"date": "2019-03-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-001475"
},
{
"date": "2019-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-922"
},
{
"date": "2019-01-29T16:29:00.310000",
"db": "NVD",
"id": "CVE-2018-1668"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-127063"
},
{
"date": "2019-01-11T00:00:00",
"db": "BID",
"id": "106795"
},
{
"date": "2019-03-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-001475"
},
{
"date": "2022-03-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-922"
},
{
"date": "2024-11-21T04:00:10.353000",
"db": "NVD",
"id": "CVE-2018-1668"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-922"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway Access control vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-001475"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-922"
}
],
"trust": 0.6
}
}
VAR-201912-0158
Vulnerability from variot - Updated: 2024-11-23 20:20IBM DataPower Gateway 7.6.0.0-7 throug 6.0.14 and 2018.4.1.0 through 2018.4.1.5 have a default administrator account that is enabled if the IPMI LAN channel is enabled. A remote attacker could use this account to gain unauthorised access to the BMC. IBM X-Force ID: 168883. IBM DataPower Gateway Contains a vulnerability in the initialization of unsafe default values for resources. Vendors have confirmed this vulnerability IBM X-Force ID: 168883 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform. There is a security vulnerability in IBM DataPower Gateway 2018.4.1.0 to 2018.4.1.5 and 7.6.0.0 to 7.6.0.14
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-0158",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "2018.4.1.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.14"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "2018.4.1.5"
},
{
"model": "datapower gateway",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.6.0.14"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "2018.4.1.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "2018.4.1.4"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.6.0.11"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.6.0.12"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "2018.4.1.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "2018.4.1.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "2018.4.1.0"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.6.0.13"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "2018.4.1.3"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013151"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-250"
},
{
"db": "NVD",
"id": "CVE-2019-4621"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ibm:datapower_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013151"
}
]
},
"cve": "CVE-2019-4621",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2019-4621",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-156056",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-4621",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2019-4621",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-4621",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-4621",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2019-4621",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-4621",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201912-250",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-156056",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-156056"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013151"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-250"
},
{
"db": "NVD",
"id": "CVE-2019-4621"
},
{
"db": "NVD",
"id": "CVE-2019-4621"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway 7.6.0.0-7 throug 6.0.14 and 2018.4.1.0 through 2018.4.1.5 have a default administrator account that is enabled if the IPMI LAN channel is enabled. A remote attacker could use this account to gain unauthorised access to the BMC. IBM X-Force ID: 168883. IBM DataPower Gateway Contains a vulnerability in the initialization of unsafe default values for resources. Vendors have confirmed this vulnerability IBM X-Force ID: 168883 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform. There is a security vulnerability in IBM DataPower Gateway 2018.4.1.0 to 2018.4.1.5 and 7.6.0.0 to 7.6.0.14",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-4621"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013151"
},
{
"db": "VULHUB",
"id": "VHN-156056"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-4621",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013151",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201912-250",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.0266",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-156056",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-156056"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013151"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-250"
},
{
"db": "NVD",
"id": "CVE-2019-4621"
}
]
},
"id": "VAR-201912-0158",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-156056"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:20:54.485000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "1125615",
"trust": 0.8,
"url": "https://www.ibm.com/support/pages/node/1125615"
},
{
"title": "ibm-mq-cve20194621-sec-bypass (168883)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/168883"
},
{
"title": "IBM DataPower Gateway Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105255"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013151"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-250"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-1188",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013151"
},
{
"db": "NVD",
"id": "CVE-2019-4621"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.ibm.com/support/pages/node/1125615"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/168883"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-4621"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-4621"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1106523"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1125897"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1135023"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1125891"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1127031"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0266/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affected-by-an-unauthorised-access-vulnerability-cve-2019-4621/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-156056"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013151"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-250"
},
{
"db": "NVD",
"id": "CVE-2019-4621"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-156056"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013151"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-250"
},
{
"db": "NVD",
"id": "CVE-2019-4621"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-09T00:00:00",
"db": "VULHUB",
"id": "VHN-156056"
},
{
"date": "2019-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013151"
},
{
"date": "2019-12-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-250"
},
{
"date": "2019-12-09T23:15:11.577000",
"db": "NVD",
"id": "CVE-2019-4621"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-17T00:00:00",
"db": "VULHUB",
"id": "VHN-156056"
},
{
"date": "2019-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013151"
},
{
"date": "2020-02-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-250"
},
{
"date": "2024-11-21T04:43:53.167000",
"db": "NVD",
"id": "CVE-2019-4621"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-250"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway Vulnerable to unsafe default initialization of resources",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013151"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-250"
}
],
"trust": 0.6
}
}