Search

Find a vulnerability

Search criteria

    20 vulnerabilities found for StoredIQ by IBM

    VAR-201503-0055

    Vulnerability from variot - Updated: 2026-03-09 23:25

    The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature. OpenSSL is prone to denial-of-service vulnerability. An attacker may exploit this issue to crash the application, resulting in denial-of-service conditions. The Common Vulnerabilities and Exposures project identifies the following issues:

    CVE-2015-0286

    Stephen Henson discovered that the ASN1_TYPE_cmp() function
    can be crashed, resulting in denial of service.
    

    CVE-2015-0287

    Emilia Kaesper discovered a memory corruption in ASN.1 parsing.
    

    CVE-2015-0292

    It was discovered that missing input sanitising in base64 decoding
    might result in memory corruption.
    

    CVE-2015-0209

    It was discovered that a malformed EC private key might result in
    memory corruption.
    

    CVE-2015-0288

    It was discovered that missing input sanitising in the
    X509_to_X509_REQ() function might result in denial of service.
    

    For the stable distribution (wheezy), these problems have been fixed in version 1.0.1e-2+deb7u15. In this update the export ciphers are removed from the default cipher list.

    References:

    CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0209 CVE-2015-0286 CVE-2015-0288 CVE-2015-5432 CVE-2015-5433

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. OpenSSL Security Advisory [19 Mar 2015]

    OpenSSL 1.0.2 ClientHello sigalgs DoS (CVE-2015-0291)

    Severity: High

    If a client connects to an OpenSSL 1.0.2 server and renegotiates with an invalid signature algorithms extension a NULL pointer dereference will occur. This can be exploited in a DoS attack against the server.

    This issue was was reported to OpenSSL on 26th February 2015 by David Ramos of Stanford University. The fix was developed by Stephen Henson and Matt Caswell of the OpenSSL development team.

    Reclassified: RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)

    Severity: High

    This security issue was previously announced by the OpenSSL project and classified as "low" severity. This severity rating has now been changed to "high".

    This was classified low because it was originally thought that server RSA export ciphersuite support was rare: a client was only vulnerable to a MITM attack against a server which supports an RSA export ciphersuite. Recent studies have shown that RSA export ciphersuites support is far more common.

    OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.

    This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team. It was previously announced in the OpenSSL security advisory on 8th January 2015.

    Multiblock corrupted pointer (CVE-2015-0290)

    Severity: Moderate

    OpenSSL 1.0.2 introduced the "multiblock" performance improvement. This feature only applies on 64 bit x86 architecture platforms that support AES NI instructions. A defect in the implementation of "multiblock" can cause OpenSSL's internal write buffer to become incorrectly set to NULL when using non-blocking IO. Typically, when the user application is using a socket BIO for writing, this will only result in a failed connection. However if some other BIO is used then it is likely that a segmentation fault will be triggered, thus enabling a potential DoS attack.

    This issue was reported to OpenSSL on 13th February 2015 by Daniel Danner and Rainer Mueller. The fix was developed by Matt Caswell of the OpenSSL development team.

    Segmentation fault in DTLSv1_listen (CVE-2015-0207)

    Severity: Moderate

    The DTLSv1_listen function is intended to be stateless and processes the initial ClientHello from many peers. It is common for user code to loop over the call to DTLSv1_listen until a valid ClientHello is received with an associated cookie. A defect in the implementation of DTLSv1_listen means that state is preserved in the SSL object from one invocation to the next that can lead to a segmentation fault. Errors processing the initial ClientHello can trigger this scenario. An example of such an error could be that a DTLS1.0 only client is attempting to connect to a DTLS1.2 only server.

    This issue was reported to OpenSSL on 27th January 2015 by Per Allansson. The fix was developed by Matt Caswell of the OpenSSL development team.

    Segmentation fault in ASN1_TYPE_cmp (CVE-2015-0286)

    Severity: Moderate

    The function ASN1_TYPE_cmp will crash with an invalid read if an attempt is made to compare ASN.1 boolean types. Since ASN1_TYPE_cmp is used to check certificate signature algorithm consistency this can be used to crash any certificate verification operation and exploited in a DoS attack. Any application which performs certificate verification is vulnerable including OpenSSL clients and servers which enable client authentication.

    OpenSSL 1.0.2 users should upgrade to 1.0.2a OpenSSL 1.0.1 users should upgrade to 1.0.1m. OpenSSL 1.0.0 users should upgrade to 1.0.0r. OpenSSL 0.9.8 users should upgrade to 0.9.8zf.

    This issue was discovered and fixed by Stephen Henson of the OpenSSL development team.

    Segmentation fault for invalid PSS parameters (CVE-2015-0208)

    Severity: Moderate

    The signature verification routines will crash with a NULL pointer dereference if presented with an ASN.1 signature using the RSA PSS algorithm and invalid parameters. Since these routines are used to verify certificate signature algorithms this can be used to crash any certificate verification operation and exploited in a DoS attack. Any application which performs certificate verification is vulnerable including OpenSSL clients and servers which enable client authentication.

    This issue affects OpenSSL version: 1.0.2

    OpenSSL 1.0.2 users should upgrade to 1.0.2a

    This issue was was reported to OpenSSL on 31st January 2015 by Brian Carpenter and a fix developed by Stephen Henson of the OpenSSL development team.

    ASN.1 structure reuse memory corruption (CVE-2015-0287)

    Severity: Moderate

    Reusing a structure in ASN.1 parsing may allow an attacker to cause memory corruption via an invalid write. Such reuse is and has been strongly discouraged and is believed to be rare.

    Applications that parse structures containing CHOICE or ANY DEFINED BY components may be affected. Certificate parsing (d2i_X509 and related functions) are however not affected. OpenSSL clients and servers are not affected.

    OpenSSL 1.0.2 users should upgrade to 1.0.2a OpenSSL 1.0.1 users should upgrade to 1.0.1m. OpenSSL 1.0.0 users should upgrade to 1.0.0r. OpenSSL 0.9.8 users should upgrade to 0.9.8zf.

    This issue was discovered by Emilia Käsper and a fix developed by Stephen Henson of the OpenSSL development team.

    PKCS7 NULL pointer dereferences (CVE-2015-0289)

    Severity: Moderate

    The PKCS#7 parsing code does not handle missing outer ContentInfo correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with missing content and trigger a NULL pointer dereference on parsing.

    Applications that verify PKCS#7 signatures, decrypt PKCS#7 data or otherwise parse PKCS#7 structures from untrusted sources are affected. OpenSSL clients and servers are not affected.

    OpenSSL 1.0.2 users should upgrade to 1.0.2a OpenSSL 1.0.1 users should upgrade to 1.0.1m. OpenSSL 1.0.0 users should upgrade to 1.0.0r. OpenSSL 0.9.8 users should upgrade to 0.9.8zf.

    This issue was reported to OpenSSL on February 16th 2015 by Michal Zalewski (Google) and a fix developed by Emilia Käsper of the OpenSSL development team.

    Base64 decode (CVE-2015-0292)

    Severity: Moderate

    A vulnerability existed in previous versions of OpenSSL related to the processing of base64 encoded data. Any code path that reads base64 data from an untrusted source could be affected (such as the PEM processing routines). Maliciously crafted base 64 data could trigger a segmenation fault or memory corruption.

    OpenSSL 1.0.1 users should upgrade to 1.0.1h. OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 0.9.8 users should upgrade to 0.9.8za. This issue was originally reported by Robert Dugal and subsequently by David Ramos.

    DoS via reachable assert in SSLv2 servers (CVE-2015-0293)

    Severity: Moderate

    A malicious client can trigger an OPENSSL_assert (i.e., an abort) in servers that both support SSLv2 and enable export cipher suites by sending a specially crafted SSLv2 CLIENT-MASTER-KEY message.

    OpenSSL 1.0.2 users should upgrade to 1.0.2a OpenSSL 1.0.1 users should upgrade to 1.0.1m. OpenSSL 1.0.0 users should upgrade to 1.0.0r. OpenSSL 0.9.8 users should upgrade to 0.9.8zf.

    This issue was discovered by Sean Burford (Google) and Emilia Käsper (OpenSSL development team) in March 2015 and the fix was developed by Emilia Käsper.

    Empty CKE with client auth and DHE (CVE-2015-1787)

    Severity: Moderate

    If client auth is used then a server can seg fault in the event of a DHE ciphersuite being selected and a zero length ClientKeyExchange message being sent by the client. This could be exploited in a DoS attack.

    This issue was discovered and the fix was developed by Matt Caswell of the OpenSSL development team.

    Handshake with unseeded PRNG (CVE-2015-0285)

    Severity: Low

    Under certain conditions an OpenSSL 1.0.2 client can complete a handshake with an unseeded PRNG. The conditions are: - The client is on a platform where the PRNG has not been seeded automatically, and the user has not seeded manually - A protocol specific client method version has been used (i.e. not SSL_client_methodv23) - A ciphersuite is used that does not require additional random data from the PRNG beyond the initial ClientHello client random (e.g. PSK-RC4-SHA).

    If the handshake succeeds then the client random that has been used will have been generated from a PRNG with insufficient entropy and therefore the output may be predictable.

    For example using the following command with an unseeded openssl will succeed on an unpatched platform:

    openssl s_client -psk 1a2b3c4d -tls1_2 -cipher PSK-RC4-SHA

    This issue affects OpenSSL version: 1.0.2

    OpenSSL 1.0.2 users should upgrade to 1.0.2a.

    This issue was discovered and the fix was developed by Matt Caswell of the OpenSSL development team.

    Use After Free following d2i_ECPrivatekey error (CVE-2015-0209)

    Severity: Low

    A malformed EC private key file consumed via the d2i_ECPrivateKey function could cause a use after free condition. This, in turn, could cause a double free in several private key parsing functions (such as d2i_PrivateKey or EVP_PKCS82PKEY) and could lead to a DoS attack or memory corruption for applications that receive EC private keys from untrusted sources. This scenario is considered rare.

    OpenSSL 1.0.2 users should upgrade to 1.0.2a OpenSSL 1.0.1 users should upgrade to 1.0.1m. OpenSSL 1.0.0 users should upgrade to 1.0.0r. OpenSSL 0.9.8 users should upgrade to 0.9.8zf.

    This issue was discovered by the BoringSSL project and fixed in their commit 517073cd4b. The OpenSSL fix was developed by Matt Caswell of the OpenSSL development team.

    X509_to_X509_REQ NULL pointer deref (CVE-2015-0288)

    Severity: Low

    The function X509_to_X509_REQ will crash with a NULL pointer dereference if the certificate key is invalid. This function is rarely used in practice.

    OpenSSL 1.0.2 users should upgrade to 1.0.2a OpenSSL 1.0.1 users should upgrade to 1.0.1m. OpenSSL 1.0.0 users should upgrade to 1.0.0r. OpenSSL 0.9.8 users should upgrade to 0.9.8zf.

    This issue was discovered by Brian Carpenter and a fix developed by Stephen Henson of the OpenSSL development team.

    Note

    As per our previous announcements and our Release Strategy (https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions 1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these releases will be provided after that date. Users of these releases are advised to upgrade.

    References

    URL for this Security Advisory: https://www.openssl.org/news/secadv_20150319.txt

    Note: the online version of the advisory may be updated with additional details over time.

    For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html

    . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

    APPLE-SA-2015-09-16-1 iOS 9

    iOS 9 is now available and addresses the following:

    Apple Pay Available for: iPhone 6, iPad mini 3, and iPad Air 2 Impact: Some cards may allow a terminal to retrieve limited recent transaction information when making a payment Description: The transaction log functionality was enabled in certain configurations. This issue was addressed by removing the transaction log functionality. CVE-ID CVE-2015-5916

    AppleKeyStore Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local attacker may be able to reset failed passcode attempts with an iOS backup Description: An issue existed in resetting failed passcode attempts with a backup of the iOS device. This was addressed through improved passcode failure logic. CVE-ID CVE-2015-5850 : an anonymous researcher

    Application Store Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Clicking a malicious ITMS link may lead to a denial of service in an enterprise-signed application Description: An issue existed with installation through ITMS links. This was addressed through additional installation verification. CVE-ID CVE-2015-5856 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei of FireEye, Inc.

    Audio Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Playing a malicious audio file may lead to an unexpected application termination Description: A memory corruption issue existed in the handling of audio files. This issue issue was addressed through improved memory handling. CVE-ID CVE-2015-5862 : YoungJin Yoon of Information Security Lab. (Adv.: Prof. Taekyoung Kwon), Yonsei University, Seoul, Korea

    Certificate Trust Policy Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Update to the certificate trust policy Description: The certificate trust policy was updated. The complete list of certificates may be viewed at https://support.apple.com/en- us/HT204132.

    CFNetwork Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to an iOS device may read cache data from Apple apps Description: Cache data was encrypted with a key protected only by the hardware UID. This issue was addressed by encrypting the cache data with a key protected by the hardware UID and the user's passcode. CVE-ID CVE-2015-5898 : Andreas Kurtz of NESO Security Labs

    CFNetwork Cookies Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker in a privileged network position can track a user's activity Description: A cross-domain cookie issue existed in the handling of top level domains. The issue was address through improved restrictions of cookie creation. CVE-ID CVE-2015-5885 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University

    CFNetwork Cookies Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker may be able to create unintended cookies for a website Description: WebKit would accept multiple cookies to be set in the document.cookie API. This issue was addressed through improved parsing. CVE-ID CVE-2015-3801 : Erling Ellingsen of Facebook

    CFNetwork FTPProtocol Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Malicious FTP servers may be able to cause the client to perform reconnaissance on other hosts Description: An issue existed in FTP packet handling if clients were using an FTP proxy. CVE-ID CVE-2015-5912 : Amit Klein

    CFNetwork HTTPProtocol Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A maliciously crafted URL may be able to bypass HTTP Strict Transport Security (HSTS) and leak sensitive data Description: A URL parsing vulnerability existed in HSTS handling. This issue was addressed through improved URL parsing. CVE-ID CVE-2015-5858 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University

    CFNetwork HTTPProtocol Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious website may be able to track users in Safari private browsing mode Description: An issue existed in the handling of HSTS state in Safari private browsing mode. This issue was addressed through improved state handling. CVE-ID CVE-2015-5860 : Sam Greenhalgh of RadicalResearch Ltd

    CFNetwork Proxies Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Connecting to a malicious web proxy may set malicious cookies for a website Description: An issue existed in the handling of proxy connect responses. This issue was addressed by removing the set-cookie header while parsing the connect response. CVE-ID CVE-2015-5841 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University

    CFNetwork SSL Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker with a privileged network position may intercept SSL/TLS connections Description: A certificate validation issue existed in NSURL when a certificate changed. This issue was addressed through improved certificate validation. CVE-ID CVE-2015-5824 : Timothy J. Wood of The Omni Group

    CFNetwork SSL Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker may be able to decrypt data protected by SSL Description: There are known attacks on the confidentiality of RC4. An attacker could force the use of RC4, even if the server preferred better ciphers, by blocking TLS 1.0 and higher connections until CFNetwork tried SSL 3.0, which only allows RC4. This issue was addressed by removing the fallback to SSL 3.0.

    CoreAnimation Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to leak sensitive user information Description: Applications could access the screen framebuffer while they were in the background. This issue was addressed with improved access control on IOSurfaces. CVE-ID CVE-2015-5880 : Jin Han, Su Mon Kywe, Qiang Yan, Robert Deng, Debin Gao, Yingjiu Li of School of Information Systems Singapore Management University, Feng Bao and Jianying Zhou of Cryptography and Security Department Institute for Infocomm Research

    CoreCrypto Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker may be able to determine a private key Description: By observing many signing or decryption attempts, an attacker may have been able to determine the RSA private key. This issue was addressed using improved encryption algorithms.

    CoreText Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team

    Data Detectors Engine Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: Memory corruption issues existed in the processing of text files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-5829 : M1x7e1 of Safeye Team (www.safeye.org)

    Dev Tools Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in dyld. This was addressed through improved memory handling. CVE-ID CVE-2015-5876 : beist of grayhash

    dyld Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An application may be able to bypass code signing Description: An issue existed with validation of the code signature of executables. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5839 : @PanguTeam, TaiG Jailbreak Team

    Disk Images Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in DiskImages. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5847 : Filippo Bigarella, Luca Todesco

    Game Center Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious Game Center application may be able to access a player's email address Description: An issue existed in Game Center in the handling of a player's email. This issue was addressed through improved access restrictions. CVE-ID CVE-2015-5855 : Nasser Alnasser

    ICU Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Multiple vulnerabilities in ICU Description: Multiple vulnerabilities existed in ICU versions prior to 53.1.0. These issues were addressed by updating ICU to version 55.1. CVE-ID CVE-2014-8146 CVE-2015-1205

    IOAcceleratorFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to determine kernel memory layout Description: An issue existed that led to the disclosure of kernel memory content. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5834 : Cererdlong of Alibaba Mobile Security Team

    IOAcceleratorFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5848 : Filippo Bigarella

    IOHIDFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOHIDFamily. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5867 : moony li of Trend Micro

    IOKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5844 : Filippo Bigarella CVE-2015-5845 : Filippo Bigarella CVE-2015-5846 : Filippo Bigarella

    IOMobileFrameBuffer Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOMobileFrameBuffer. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5843 : Filippo Bigarella

    IOStorageFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local attacker may be able to read kernel memory Description: A memory initialization issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5863 : Ilja van Sprundel of IOActive

    iTunes Store Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: AppleID credentials may persist in the keychain after sign out Description: An issue existed in keychain deletion. This issue was addressed through improved account cleanup. CVE-ID CVE-2015-5832 : Kasif Dekel from Check Point Software Technologies

    JavaScriptCore Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5791 : Apple CVE-2015-5793 : Apple CVE-2015-5814 : Apple CVE-2015-5816 : Apple CVE-2015-5822 : Mark S. Miller of Google CVE-2015-5823 : Apple

    Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5868 : Cererdlong of Alibaba Mobile Security Team CVE-2015-5896 : Maxime Villard of m00nbsd CVE-2015-5903 : CESG

    Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local attacker may control the value of stack cookies Description: Multiple weaknesses existed in the generation of user space stack cookies. This was addressed through improved generation of stack cookies. CVE-ID CVE-2013-3951 : Stefan Esser

    Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local process can modify other processes without entitlement checks Description: An issue existed where root processes using the processor_set_tasks API were allowed to retrieve the task ports of other processes. This issue was addressed through added entitlement checks. CVE-ID CVE-2015-5882 : Pedro Vilaca, working from original research by Ming- chieh Pan and Sung-ting Tsai; Jonathan Levin

    Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker may be able to launch denial of service attacks on targeted TCP connections without knowing the correct sequence number Description: An issue existed in xnu's validation of TCP packet headers. This issues was addressed through improved TCP packet header validation. CVE-ID CVE-2015-5879 : Jonathan Looney

    Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker in a local LAN segment may disable IPv6 routing Description: An insufficient validation issue existed in handling of IPv6 router advertisements that allowed an attacker to set the hop limit to an arbitrary value. This issue was addressed by enforcing a minimum hop limit. CVE-ID CVE-2015-5869 : Dennis Spindel Ljungmark

    Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to determine kernel memory layout Description: An issue existed in XNU that led to the disclosure of kernel memory. This was addressed through improved initialization of kernel memory structures. CVE-ID CVE-2015-5842 : beist of grayhash

    Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to cause a system denial of service Description: An issue existed in HFS drive mounting. This was addressed by additional validation checks. CVE-ID CVE-2015-5748 : Maxime Villard of m00nbsd

    libc Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2014-8611 : Adrian Chadd and Alfred Perlstein of Norse Corporation

    libpthread Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5899 : Lufeng Li of Qihoo 360 Vulcan Team

    Mail Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker can send an email that appears to come from a contact in the recipient's address book Description: An issue existed in the handling of the sender's address. This issue was addressed through improved validation. CVE-ID CVE-2015-5857 : Emre Saglam of salesforce.com

    Multipeer Connectivity Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local attacker may be able to observe unprotected multipeer data Description: An issue existed in convenience initializer handling in which encryption could be actively downgraded to a non-encrypted session. This issue was addressed by changing the convenience initializer to require encryption. CVE-ID CVE-2015-5851 : Alban Diquet (@nabla_c0d3) of Data Theorem

    NetworkExtension Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to determine kernel memory layout Description: An uninitialized memory issue in the kernel led to the disclosure of kernel memory content. This issue was addressed through memory initialization. CVE-ID CVE-2015-5831 : Maxime Villard of m00nbsd

    OpenSSL Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Multiple vulnerabilities in OpenSSL Description: Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg. These were addressed by updating OpenSSL to version 0.9.8zg. CVE-ID CVE-2015-0286 CVE-2015-0287

    PluginKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious enterprise application can install extensions before the application has been trusted Description: An issue existed in the validation of extensions during installation. This was addressed through improved app verification. CVE-ID CVE-2015-5837 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei of FireEye, Inc.

    removefile Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing malicious data may lead to unexpected application termination Description: An overflow fault existed in the checkint division routines. This issue was addressed with improved division routines. CVE-ID CVE-2015-5840 : an anonymous researcher

    Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to read Safari bookmarks on a locked iOS device without a passcode Description: Safari bookmark data was encrypted with a key protected only by the hardware UID. This issue was addressed by encrypting the Safari bookmark data with a key protected by the hardware UID and the user's passcode. CVE-ID CVE-2015-5903 : Jonathan Zdziarski

    Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: An issue may have allowed a website to display content with a URL from a different website. This issue was addressed through improved URL handling. CVE-ID CVE-2015-5904 : Erling Ellingsen of Facebook, Lukasz Pilorz

    Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: Navigating to a malicious website with a malformed window opener may have allowed the display of arbitrary URLs. This issue was addressed through improved handling of window openers. CVE-ID CVE-2015-5905 : Keita Haga of keitahaga.com

    Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Users may be tracked by malicious websites using client certificates Description: An issue existed in Safari's client certificate matching for SSL authentication. This issue was addressed through improved matching of valid client certificates. CVE-ID CVE-2015-1129 : Stefan Kraus of fluid Operations AG, Sylvain Munaut of Whatever s.a.

    Safari Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: Multiple user interface inconsistencies may have allowed a malicious website to display an arbitrary URL. These issues were addressed through improved URL display logic. CVE-ID CVE-2015-5764 : Antonio Sanso (@asanso) of Adobe CVE-2015-5765 : Ron Masas CVE-2015-5767 : Krystian Kloskowski via Secunia, Masato Kinugawa

    Safari Safe Browsing Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Navigating to the IP address of a known malicious website may not trigger a security warning Description: Safari's Safe Browsing feature did not warn users when visiting known malicious websites by their IP addresses. The issue was addressed through improved malicious site detection. Rahul M of TagsDoc

    Security Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious app may be able to intercept communication between apps Description: An issue existed that allowed a malicious app to intercept URL scheme communication between apps. This was mitigated by displaying a dialog when a URL scheme is used for the first time. CVE-ID CVE-2015-5835 : Teun van Run of FiftyTwoDegreesNorth B.V.; XiaoFeng Wang of Indiana University, Luyi Xing of Indiana University, Tongxin Li of Peking University, Tongxin Li of Peking University, Xiaolong Bai of Tsinghua University

    Siri Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen Description: When a request was made to Siri, client side restrictions were not being checked by the server. This issue was addressed through improved restriction checking. CVE-ID CVE-2015-5892 : Robert S Mozayeni, Joshua Donvito

    SpringBoard Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to an iOS device can reply to an audio message from the lock screen when message previews from the lock screen are disabled Description: A lock screen issue allowed users to reply to audio messages when message previews were disabled. This issue was addressed through improved state management. CVE-ID CVE-2015-5861 : Daniel Miedema of Meridian Apps

    SpringBoard Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to spoof another application's dialog windows Description: An access issue existed with privileged API calls. This issue was addressed through additional restrictions. CVE-ID CVE-2015-5838 : Min (Spark) Zheng, Hui Xue, Tao (Lenx) Wei, John C.S. Lui

    SQLite Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Multiple vulnerabilities in SQLite v3.8.5 Description: Multiple vulnerabilities existed in SQLite v3.8.5. These issues were addressed by updating SQLite to version 3.8.10.2. CVE-ID CVE-2015-5895

    tidy Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in Tidy. This issues was addressed through improved memory handling. CVE-ID CVE-2015-5522 : Fernando Munoz of NULLGroup.com CVE-2015-5523 : Fernando Munoz of NULLGroup.com

    WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Object references may be leaked between isolated origins on custom events, message events and pop state events Description: An object leak issue broke the isolation boundary between origins. This issue was addressed through improved isolation between origins. CVE-ID CVE-2015-5827 : Gildas

    WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5789 : Apple CVE-2015-5790 : Apple CVE-2015-5792 : Apple CVE-2015-5794 : Apple CVE-2015-5795 : Apple CVE-2015-5796 : Apple CVE-2015-5797 : Apple CVE-2015-5799 : Apple CVE-2015-5800 : Apple CVE-2015-5801 : Apple CVE-2015-5802 : Apple CVE-2015-5803 : Apple CVE-2015-5804 : Apple CVE-2015-5805 CVE-2015-5806 : Apple CVE-2015-5807 : Apple CVE-2015-5809 : Apple CVE-2015-5810 : Apple CVE-2015-5811 : Apple CVE-2015-5812 : Apple CVE-2015-5813 : Apple CVE-2015-5817 : Apple CVE-2015-5818 : Apple CVE-2015-5819 : Apple CVE-2015-5821 : Apple

    WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to unintended dialing Description: An issue existed in handling of tel://, facetime://, and facetime-audio:// URLs. This issue was addressed through improved URL handling. CVE-ID CVE-2015-5820 : Andrei Neculaesei, Guillaume Ross

    WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: QuickType may learn the last character of a password in a filled-in web form Description: An issue existed in WebKit's handling of password input context. This issue was addressed through improved input context handling. CVE-ID CVE-2015-5906 : Louis Romero of Google Inc.

    WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker in a privileged network position may be able to redirect to a malicious domain Description: An issue existed in the handling of resource caches on sites with invalid certificates. The issue was addressed by rejecting the application cache of domains with invalid certificates. CVE-ID CVE-2015-5907 : Yaoqi Jia of National University of Singapore (NUS)

    WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious website may exfiltrate data cross-origin Description: Safari allowed cross-origin stylesheets to be loaded with non-CSS MIME types which could be used for cross-origin data exfiltration. This issue was addressed by limiting MIME types for cross-origin stylesheets. CVE-ID CVE-2015-5826 : filedescriptor, Chris Evans

    WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: The Performance API may allow a malicious website to leak browsing history, network activity, and mouse movements Description: WebKit's Performance API could have allowed a malicious website to leak browsing history, network activity, and mouse movements by measuring time. This issue was addressed by limiting time resolution. CVE-ID CVE-2015-5825 : Yossi Oren et al. of Columbia University's Network Security Lab

    WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker in a privileged network position may be able to leak sensitive user information Description: An issue existed with Content-Disposition headers containing type attachment. This issue was addressed by disallowing some functionality for type attachment pages. CVE-ID CVE-2015-5921 : Mickey Shkatov of the Intel(r) Advanced Threat Research Team, Daoyuan Wu of Singapore Management University, Rocky K. C. Chang of Hong Kong Polytechnic University, Lukasz Pilorz, superhei of www.knownsec.com

    WebKit Canvas Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may disclose image data from another website Description: A cross-origin issue existed with "canvas" element images in WebKit. This was addressed through improved tracking of security origins. CVE-ID CVE-2015-5788 : Apple

    WebKit Page Loading Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: WebSockets may bypass mixed content policy enforcement Description: An insufficient policy enforcement issue allowed WebSockets to load mixed content. This issue was addressed by extending mixed content policy enforcement to WebSockets. Kevin G Jones of Higher Logic

    Installation note:

    This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/

    iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.

    The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.

    To check that the iPhone, iPod touch, or iPad has been updated:

    • Navigate to Settings
    • Select General
    • Select About. The version after applying this update will be "9".

    Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222

    This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

    -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org

    iQIcBAEBCAAGBQJV+avFAAoJEBcWfLTuOo7tAOsQAKVBs+YG3HuMy0mc0rnpbRtU +bjdnzwBeQE6C6Fp/SlZroyYtutnPw9QoFbUpY9Kkcer08uPap6kUAcF72fD51tG UYmIe5WvDSMWD98pKsgDGUVfGdU1h135KpSfDgoiQrZK2GAPe2xCDupD42jIPLk2 3qSyrYnVzfrCZ8uBk9j4gqoF5Ki6JSP/3Qm7hiPfhQXcMyQyIQ+2tJyQcSyGf5OM RgkmHwjIjkEb8jwwQ6h4LPMNuvqq8Kv6P4wQQeUl7RdtLJfafmFg+mV7bSmV/b28 Hk5EHQrQJ5fVl9jBFxti6aZrhrNr5yRL9yAdrpNB0rWfDN0z9emyGRrW2vli+Zv+ 0xXBZfAiNVAP53ou4gyVkLDZ+zx5lsWSADU1QWbIR2DY+WXUIN5QJ/ayFkNN9gqD WrFGHOc/l+Rq82uQi4ND0jTcYqhBG0MyooJf29orPA2tZeKvrcA4/6w12w6eJ7qA aW5J+BByErqWft42I/JT3CbnK+GBEDHnj4GAeSMHuNolPNsoH5cv0G4yKigW0zLS 81AzADTcBtKtaSD9aBAPAL6TTGUySmupF8flhHTMcpZh1MbAqo+bObMXUMvCrmST yq+5/R0gVuMN0BQ7adwI0akYApuqrNi/Mp9zT+JlU2wiSfaHm58Ugf8YAmc+sfjT rHWi1bvzskkrxRfuQ4mX =MnPh -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04746490

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c04746490 Version: 1

    HPSBMU03380 rev.1 - HP System Management Homepage (SMH) on Linux and Windows, Multiple Vulnerabilities

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2015-07-20 Last Updated: 2015-07-20

    Potential Security Impact: Remote Denial of Service (DoS), cross-site request forgery (CSRF), execution of arbitrary code, unauthorized modification, unauthorized access, disclosure of information

    Source: Hewlett-Packard Company, HP Software Security Response Team

    VULNERABILITY SUMMARY Multiple potential security vulnerabilities have been identified with HP System Management Homepage (SMH) on Linux and Windows. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS), Cross-site Request Forgery (CSRF), execution of arbitrary code, unauthorized modification, unauthorized access, or disclosure of information.

    References:

    CVE-2014-0118 - Remote Denial of Service (DoS) CVE-2014-0226 - Remote Denial of Service (DoS) CVE-2014-0231 - Remote Denial of Service (DoS) CVE-2014-3523 - Remote Denial of Service (DoS) CVE-2014-3569 - Remote Denial of Service (DoS) CVE-2014-3570 - Remote Disclosure of Information CVE-2014-3571 - Remote Denial of Service (DoS) CVE-2014-3572 - Remote Disclosure of Information CVE-2014-8142 - Remote Code Execution CVE-2014-8275 - Unauthorized Modification CVE-2014-9427 - Remote Disclosure of Information CVE-2014-9652 - Remote Denial of Service (DoS) CVE-2014-9653 - Remote Denial of Service (DoS) CVE-2014-9705 - Remote Code Execution CVE-2015-0204 - Remote Disclosure of Information CVE-2015-0205 - Remote Unauthorized Access CVE-2015-0206 - Remote Denial of Service (DoS) CVE-2015-0207 - Remote Denial of Service (DoS) CVE-2015-0208 - Remote Denial of Service (DoS) CVE-2015-0209 - Remote Denial of Service (DoS) CVE-2015-0231 - Remote Denial of Service (DoS) CVE-2015-0232 - Remote Denial of Service (DoS), Execution of Arbitrary Code CVE-2015-0273 - Remote Execution of Arbitrary Code CVE-2015-0285 - Remote Disclosure of Information CVE-2015-0286 - Remote Denial of Service (DoS) CVE-2015-0287 - Remote Denial of Service (DoS) CVE-2015-0288 - Remote Denial of Service (DoS) CVE-2015-0289 - Remote Denial of Service (DoS) CVE-2015-0290 - Remote Denial of Service (DoS) CVE-2015-0291 - Remote Denial of Service (DoS) CVE-2015-0292 - Remote Denial of Service (DoS) CVE-2015-0293 - Remote Denial of Service (DoS) CVE-2015-1787 - Remote Denial of Service (DoS) CVE-2015-2301 - Remote Execution of Arbitrary Code CVE-2015-2331 - Remote Denial of Service (DoS), Execution of Arbitrary Code CVE-2015-2348 - Unauthorized Modification CVE-2015-2787 - Remote Execution of Arbitrary Code CVE-2015-2134 - Cross-site Request Forgery (CSRF) SSRT102109

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP System Management Homepage (SMH) prior to version 7.5.0

    BACKGROUND

    CVSS 2.0 Base Metrics

    Reference Base Vector Base Score CVE-2014-0118 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0226 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-0231 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3523 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3569 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3570 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2014-3571 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3572 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2014-8142 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-8275 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2014-9427 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-9652 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-9653 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-9705 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0204 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2015-0205 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-0206 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0207 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0208 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2015-0209 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2015-0231 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0232 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2015-0273 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0285 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2015-0286 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0287 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0288 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0289 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0290 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0291 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0293 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-1787 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6 CVE-2015-2301 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-2331 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-2348 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-2787 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-2134 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002

    RESOLUTION

    HP has made the following software updates available to resolve the vulnerabilities for the impacted versions of HP System Management Homepage (SMH).

    Please download the latest version of HP System Management Homepage (7.5.0) from the following location:

    http://www.hp.com/go/smh
    

    HISTORY Version:1 (rev.1) - 20 July 2015 Initial release

    Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com

    Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

    Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/

    Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.

    3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX

    Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

    ============================================================================= FreeBSD-SA-15:06.openssl Security Advisory The FreeBSD Project

    Topic: Multiple OpenSSL vulnerabilities

    Category: contrib Module: openssl Announced: 2015-03-19 Affects: All supported versions of FreeBSD. Corrected: 2015-03-19 17:40:43 UTC (stable/10, 10.1-STABLE) 2015-03-19 17:42:38 UTC (releng/10.1, 10.1-RELEASE-p7) 2015-03-19 17:40:43 UTC (stable/9, 9.3-STABLE) 2015-03-19 17:42:38 UTC (releng/9.3, 9.3-RELEASE-p11) 2015-03-19 17:40:43 UTC (stable/8, 8.4-STABLE) 2015-03-19 17:42:38 UTC (releng/8.4, 8.4-RELEASE-p25) CVE Name: CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293

    For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .

    I. Background

    FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.

    Abstract Syntax Notation One (ASN.1) is a standard and notation that describes rules and structures for representing, encoding, transmitting, and decoding data in telecommunications and computer networking, which enables representation of objects that are independent of machine-specific encoding technique.

    II. [CVE-2015-0293]

    III. Impact

    A malformed elliptic curve private key file can cause server daemons using OpenSSL to crash, resulting in a Denial of Service. [CVE-2015-0209]

    A remote attacker who is able to send specifically crafted certificates may be able to crash an OpenSSL client or server. [CVE-2015-0287]

    An attacker may be able to crash applications that create a new certificate request with subject name the same as in an existing, specifically crafted certificate.

    IV. Workaround

    No workaround is available. Solution

    Perform one of the following:

    1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.

    2) To update your vulnerable system via a binary patch:

    Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:

    freebsd-update fetch

    freebsd-update install

    3) To update your vulnerable system via a source code patch:

    The following patches have been verified to apply to the applicable FreeBSD release branches.

    a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

    [FreeBSD 8.4 and FreeBSD 9.3]

    fetch https://security.FreeBSD.org/patches/SA-15:06/openssl-0.9.8.patch

    fetch https://security.FreeBSD.org/patches/SA-15:06/openssl-0.9.8.patch.asc

    gpg --verify openssl-0.9.8.patch.asc

    [FreeBSD 10.1]

    fetch https://security.FreeBSD.org/patches/SA-15:06/openssl-1.0.1.patch

    fetch https://security.FreeBSD.org/patches/SA-15:06/openssl-1.0.1.patch.asc

    gpg --verify openssl-1.0.1.patch.asc

    b) Apply the patch. Execute the following commands as root:

    cd /usr/src

    patch < /path/to/patch

    c) Recompile the operating system using buildworld and installworld as described in .

    Restart all deamons using the library, or reboot the system.

    VI. Correction details

    The following list contains the correction revision numbers for each affected branch.

    Branch/path Revision


    stable/8/ r280266 releng/8.4/ r280268 stable/9/ r280266 releng/9.3/ r280268 stable/10/ r280266 releng/10.1/ r280268


    To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:

    svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

    Or visit the following URL, replacing NNNNNN with the revision number:

    VII.

    Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1m-i486-1_slack14.1.txz: Upgraded. Fixes several bugs and security issues: o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286) o ASN.1 structure reuse memory corruption fix (CVE-2015-0287) o PKCS7 NULL pointer dereferences fix (CVE-2015-0289) o DoS via reachable assert in SSLv2 servers fix (CVE-2015-0293) o Use After Free following d2i_ECPrivatekey error fix (CVE-2015-0209) o X509_to_X509_REQ NULL pointer deref fix (CVE-2015-0288) o Removed the export ciphers from the DEFAULT ciphers For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288 ( Security fix ) +--------------------------+

    Where to find the new packages: +-----------------------------+

    Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

    Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

    Updated packages for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zf-i486-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zf-i486-1_slack13.0.txz

    Updated packages for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zf-x86_64-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zf-x86_64-1_slack13.0.txz

    Updated packages for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zf-i486-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zf-i486-1_slack13.1.txz

    Updated packages for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zf-x86_64-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zf-x86_64-1_slack13.1.txz

    Updated packages for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zf-i486-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zf-i486-1_slack13.37.txz

    Updated packages for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zf-x86_64-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zf-x86_64-1_slack13.37.txz

    Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1m-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1m-i486-1_slack14.0.txz

    Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1m-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1m-x86_64-1_slack14.0.txz

    Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1m-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1m-i486-1_slack14.1.txz

    Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1m-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1m-x86_64-1_slack14.1.txz

    Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1m-i486-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1m-i486-1.txz

    Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1m-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1m-x86_64-1.txz

    MD5 signatures: +-------------+

    Slackware 13.0 packages: 9ba57b2971962ceb6205ec7b7e6b84e7 openssl-0.9.8zf-i486-1_slack13.0.txz 706ef57bb71992961584a3d957c5dbcb openssl-solibs-0.9.8zf-i486-1_slack13.0.txz

    Slackware x86_64 13.0 packages: 5f581b663798eacc8e7df4c292f33dbf openssl-0.9.8zf-x86_64-1_slack13.0.txz fe5f33f4d2db08b4f8d724e62bf6e514 openssl-solibs-0.9.8zf-x86_64-1_slack13.0.txz

    Slackware 13.1 packages: 1ef0ba15454da786993361c927084438 openssl-0.9.8zf-i486-1_slack13.1.txz 2b3e20bcaa77f39512b6edcbc41b5471 openssl-solibs-0.9.8zf-i486-1_slack13.1.txz

    Slackware x86_64 13.1 packages: f8fae10a1936cf900d362b65d9b2c8df openssl-0.9.8zf-x86_64-1_slack13.1.txz 0093e35c46382eeef03a51421895ed65 openssl-solibs-0.9.8zf-x86_64-1_slack13.1.txz

    Slackware 13.37 packages: 7d4dd0f76252c98622a5f5939f6f0674 openssl-0.9.8zf-i486-1_slack13.37.txz e5cde01c0773ac78d33964e4107878df openssl-solibs-0.9.8zf-i486-1_slack13.37.txz

    Slackware x86_64 13.37 packages: 379424e15bd378e00a5ba0c709432429 openssl-0.9.8zf-x86_64-1_slack13.37.txz 54832ad7e5440ce1c496be47fec9140d openssl-solibs-0.9.8zf-x86_64-1_slack13.37.txz

    Slackware 14.0 packages: 8abafa33d2bf90b6cd8be849c0d9a643 openssl-1.0.1m-i486-1_slack14.0.txz bac56213a540586d801d7b57608396de openssl-solibs-1.0.1m-i486-1_slack14.0.txz

    Slackware x86_64 14.0 packages: b4c6c971e74b678c68671feed18fa7dc openssl-1.0.1m-x86_64-1_slack14.0.txz acac871e22b5de998544c2f6431c0139 openssl-solibs-1.0.1m-x86_64-1_slack14.0.txz

    Slackware 14.1 packages: c1f47f1f1ba5a13d6ac2ef2ae48bfb4c openssl-1.0.1m-i486-1_slack14.1.txz b7b1761ae1585f406d303273812043d3 openssl-solibs-1.0.1m-i486-1_slack14.1.txz

    Slackware x86_64 14.1 packages: 1c6e11e2e3454836d5a3e9243f7c7738 openssl-1.0.1m-x86_64-1_slack14.1.txz 25b7a704816a2123463ddbfabbc1b86d openssl-solibs-1.0.1m-x86_64-1_slack14.1.txz

    Slackware -current packages: 0926b2429e1326c8ab9bcbbda056dc66 a/openssl-solibs-1.0.1m-i486-1.txz b6252d0f141eba7b0a8e8c5bbdc314f0 n/openssl-1.0.1m-i486-1.txz

    Slackware x86_64 -current packages: 99b903f556c7a2d5ec283f04c2f5a650 a/openssl-solibs-1.0.1m-x86_64-1.txz 9ecb47e0b70bd7f8064c96fb2211c4b7 n/openssl-1.0.1m-x86_64-1.txz

    Installation instructions: +------------------------+

    Upgrade the packages as root:

    upgradepkg openssl-1.0.1m-i486-1_slack14.1.txz openssl-solibs-1.0.1m-i486-1_slack14.1.txz

    +-----+

    Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

    +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release Advisory ID: RHSA-2016:2957-01 Product: Red Hat JBoss Core Services Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-2957.html Issue date: 2016-12-15 CVE Names: CVE-2012-1148 CVE-2014-3523 CVE-2014-8176 CVE-2015-0209 CVE-2015-0286 CVE-2015-3185 CVE-2015-3194 CVE-2015-3195 CVE-2015-3196 CVE-2015-3216 CVE-2016-0702 CVE-2016-0705 CVE-2016-0797 CVE-2016-0799 CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2177 CVE-2016-2178 CVE-2016-2842 CVE-2016-3627 CVE-2016-3705 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 CVE-2016-4459 CVE-2016-4483 CVE-2016-5419 CVE-2016-5420 CVE-2016-6808 CVE-2016-7141 CVE-2016-8612 =====================================================================

    1. Summary:

    Red Hat JBoss Core Services httpd 2.4.23 is now available from the Red Hat Customer Portal for Solaris and Microsoft Windows systems.

    Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description:

    This release of Red Hat JBoss Core Services httpd 2.4.23 serves as a replacement for JBoss Core Services Apache HTTP Server 2.4.6. (CVE-2014-8176, CVE-2015-0209, CVE-2015-0286, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-3216, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2177, CVE-2016-2178, CVE-2016-2842)

    • This update fixes several flaws in libxml2. (CVE-2016-1762, CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483)

    • This update fixes three flaws in curl. (CVE-2016-5419, CVE-2016-5420, CVE-2016-7141)

    • This update fixes two flaws in httpd. (CVE-2016-4459, CVE-2016-8612)

    • A buffer overflow flaw when concatenating virtual host names and URIs was fixed in mod_jk. (CVE-2016-6808)

    • A memory leak flaw was fixed in expat. (CVE-2012-1148)

    Red Hat would like to thank the OpenSSL project for reporting CVE-2014-8176, CVE-2015-0286, CVE-2016-2108, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0799, and CVE-2016-2842. Upstream acknowledges Stephen Henson (OpenSSL development team) as the original reporter of CVE-2015-0286; Huzaifa Sidhpurwala (Red Hat), Hanno BAPck, and David Benjamin (Google) as the original reporters of CVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2105, CVE-2016-2106, CVE-2016-0797, CVE-2016-0799, and CVE-2016-2842; Juraj Somorovsky as the original reporter of CVE-2016-2107; Yuval Yarom (University of Adelaide and NICTA), Daniel Genkin (Technion and Tel Aviv University), and Nadia Heninger (University of Pennsylvania) as the original reporters of CVE-2016-0702; and Adam Langley (Google/BoringSSL) as the original reporter of CVE-2016-0705.

    See the corresponding CVE pages linked to in the References section for more information about each of the flaws listed in this advisory. Solution:

    The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).

    After installing the updated packages, the httpd daemon will be restarted automatically. Bugs fixed (https://bugzilla.redhat.com/):

    801648 - CVE-2012-1148 expat: Memory leak in poolGrow 1121519 - CVE-2014-3523 httpd: WinNT MPM denial of service 1196737 - CVE-2015-0209 openssl: use-after-free on invalid EC private key import 1202366 - CVE-2015-0286 openssl: invalid pointer use in ASN1_TYPE_cmp() 1227574 - CVE-2015-3216 openssl: Crash in ssleay_rand_bytes due to locking regression 1228611 - CVE-2014-8176 OpenSSL: Invalid free in DTLS 1243888 - CVE-2015-3185 httpd: ap_some_auth_required() does not properly indicate authenticated request in 2.4 1288320 - CVE-2015-3194 OpenSSL: Certificate verify crash with missing PSS parameter 1288322 - CVE-2015-3195 OpenSSL: X509_ATTRIBUTE memory leak 1288326 - CVE-2015-3196 OpenSSL: Race condition handling PSK identify hint 1310596 - CVE-2016-0705 OpenSSL: Double-free in DSA code 1310599 - CVE-2016-0702 OpenSSL: Side channel attack on modular exponentiation 1311880 - CVE-2016-0797 OpenSSL: BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption 1312219 - CVE-2016-0799 OpenSSL: Fix memory issues in BIO_*printf functions 1314757 - CVE-2016-2842 openssl: doapr_outch function does not verify that certain memory allocation succeeds 1319829 - CVE-2016-3627 libxml2: stack exhaustion while parsing xml files in recovery mode 1330101 - CVE-2016-2109 openssl: ASN.1 BIO handling of large amounts of data 1331402 - CVE-2016-2108 openssl: Memory corruption in the ASN.1 encoder 1331426 - CVE-2016-2107 openssl: Padding oracle in AES-NI CBC MAC check 1331441 - CVE-2016-2105 openssl: EVP_EncodeUpdate overflow 1331536 - CVE-2016-2106 openssl: EVP_EncryptUpdate overflow 1332443 - CVE-2016-3705 libxml2: stack overflow before detecting invalid XML file 1332820 - CVE-2016-4483 libxml2: out-of-bounds read 1338682 - CVE-2016-1833 libxml2: Heap-based buffer overread in htmlCurrentChar 1338686 - CVE-2016-4447 libxml2: Heap-based buffer underreads due to xmlParseName 1338691 - CVE-2016-1835 libxml2: Heap use-after-free in xmlSAX2AttributeNs 1338696 - CVE-2016-1837 libxml2: Heap use-after-free in htmlPArsePubidLiteral and htmlParseSystemiteral 1338700 - CVE-2016-4448 libxml2: Format string vulnerability 1338701 - CVE-2016-4449 libxml2: Inappropriate fetch of entities content 1338702 - CVE-2016-1836 libxml2: Heap use-after-free in xmlDictComputeFastKey 1338703 - CVE-2016-1839 libxml2: Heap-based buffer overread in xmlDictAddString 1338705 - CVE-2016-1838 libxml2: Heap-based buffer overread in xmlPArserPrintFileContextInternal 1338706 - CVE-2016-1840 libxml2: Heap-buffer-overflow in xmlFAParserPosCharGroup 1338708 - CVE-2016-1834 libxml2: Heap-buffer-overflow in xmlStrncat 1338711 - CVE-2016-1762 libxml2: Heap-based buffer-overread in xmlNextChar 1341583 - CVE-2016-4459 mod_cluster: Buffer overflow in mod_manager when sending request with long JVMRoute 1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase 1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation 1362183 - CVE-2016-5419 curl: TLS session resumption client cert bypass 1362190 - CVE-2016-5420 curl: Re-using connection with wrong client cert 1373229 - CVE-2016-7141 curl: Incorrect reuse of client certificates 1382352 - CVE-2016-6808 mod_jk: Buffer overflow when concatenating virtual host name and URI 1387605 - CVE-2016-8612 JBCS mod_cluster: Protocol parsing logic error

    1. JIRA issues fixed (https://issues.jboss.org/):

    JBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0] JBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service

    1. References:

    https://access.redhat.com/security/cve/CVE-2012-1148 https://access.redhat.com/security/cve/CVE-2014-3523 https://access.redhat.com/security/cve/CVE-2014-8176 https://access.redhat.com/security/cve/CVE-2015-0209 https://access.redhat.com/security/cve/CVE-2015-0286 https://access.redhat.com/security/cve/CVE-2015-3185 https://access.redhat.com/security/cve/CVE-2015-3194 https://access.redhat.com/security/cve/CVE-2015-3195 https://access.redhat.com/security/cve/CVE-2015-3196 https://access.redhat.com/security/cve/CVE-2015-3216 https://access.redhat.com/security/cve/CVE-2016-0702 https://access.redhat.com/security/cve/CVE-2016-0705 https://access.redhat.com/security/cve/CVE-2016-0797 https://access.redhat.com/security/cve/CVE-2016-0799 https://access.redhat.com/security/cve/CVE-2016-1762 https://access.redhat.com/security/cve/CVE-2016-1833 https://access.redhat.com/security/cve/CVE-2016-1834 https://access.redhat.com/security/cve/CVE-2016-1835 https://access.redhat.com/security/cve/CVE-2016-1836 https://access.redhat.com/security/cve/CVE-2016-1837 https://access.redhat.com/security/cve/CVE-2016-1838 https://access.redhat.com/security/cve/CVE-2016-1839 https://access.redhat.com/security/cve/CVE-2016-1840 https://access.redhat.com/security/cve/CVE-2016-2105 https://access.redhat.com/security/cve/CVE-2016-2106 https://access.redhat.com/security/cve/CVE-2016-2107 https://access.redhat.com/security/cve/CVE-2016-2108 https://access.redhat.com/security/cve/CVE-2016-2109 https://access.redhat.com/security/cve/CVE-2016-2177 https://access.redhat.com/security/cve/CVE-2016-2178 https://access.redhat.com/security/cve/CVE-2016-2842 https://access.redhat.com/security/cve/CVE-2016-3627 https://access.redhat.com/security/cve/CVE-2016-3705 https://access.redhat.com/security/cve/CVE-2016-4447 https://access.redhat.com/security/cve/CVE-2016-4448 https://access.redhat.com/security/cve/CVE-2016-4449 https://access.redhat.com/security/cve/CVE-2016-4459 https://access.redhat.com/security/cve/CVE-2016-4483 https://access.redhat.com/security/cve/CVE-2016-5419 https://access.redhat.com/security/cve/CVE-2016-5420 https://access.redhat.com/security/cve/CVE-2016-6808 https://access.redhat.com/security/cve/CVE-2016-7141 https://access.redhat.com/security/cve/CVE-2016-8612 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp&downloadType=distributions&version=2.4.23 https://access.redhat.com/documentation/en/red-hat-jboss-core-services-apache-http-server/version-2.4.23/apache-http-server-2423-release-notes/

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2016 Red Hat, Inc. ============================================================================ Ubuntu Security Notice USN-2537-1 March 19, 2015

    openssl vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 14.10
    • Ubuntu 14.04 LTS
    • Ubuntu 12.04 LTS
    • Ubuntu 10.04 LTS

    Summary:

    Several security issues were fixed in OpenSSL.

    Software Description: - openssl: Secure Socket Layer (SSL) cryptographic library and tools

    Details:

    It was discovered that OpenSSL incorrectly handled malformed EC private key files. (CVE-2015-0293)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 14.10: libssl1.0.0 1.0.1f-1ubuntu9.4

    Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.11

    Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.25

    Ubuntu 10.04 LTS: libssl0.9.8 0.9.8k-7ubuntu8.27

    After a standard system update you need to reboot your computer to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

    APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update 2015-005

    OS X Yosemite v10.10.4 and Security Update 2015-005 are now available and address the following:

    Admin Framework Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: A process may gain admin privileges without proper authentication Description: An issue existed when checking XPC entitlements. CVE-ID CVE-2015-3671 : Emil Kvarnhammar at TrueSec

    Admin Framework Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: A non-admin user may obtain admin rights Description: An issue existed in the handling of user authentication. CVE-ID CVE-2015-3672 : Emil Kvarnhammar at TrueSec

    Admin Framework Available for: OS X Yosemite v10.10 to v10.10.3 Impact: An attacker may abuse Directory Utility to gain root privileges Description: Directory Utility was able to be moved and modified to achieve code execution within an entitled process. CVE-ID CVE-2015-3674 : Dean Jerkovich of NCC Group

    apache Available for: OS X Yosemite v10.10 to v10.10.3 Impact: An attacker may be able to access directories that are protected with HTTP authentication without knowing the correct credentials Description: The default Apache configuration did not include mod_hfs_apple. If Apache was manually enabled and the configuration was not changed, some files that should not be accessible might have been accessible using a specially crafted URL. CVE-ID CVE-2015-1157 CVE-2015-3685 : Apple CVE-2015-3686 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-3687 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-3688 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-3689 : Apple

    coreTLS Available for: OS X Yosemite v10.10 to v10.10.3 Impact: An attacker with a privileged network position may intercept SSL/TLS connections Description: coreTLS accepted short ephemeral Diffie-Hellman (DH) keys, as used in export-strength ephemeral DH cipher suites. This issue, also known as Logjam, allowed an attacker with a privileged network position to downgrade security to 512-bit DH if the server supported an export-strength ephemeral DH cipher suite. The issue was addressed by increasing the default minimum size allowed for DH ephemeral keys to 768 bits. CVE-ID CVE-2015-3692 : Trammell Hudson of Two Sigma Investments, Xeno Kovah and Corey Kallenberg of LegbaCore LLC, Pedro Vilaca

    EFI Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: A malicious application may induce memory corruption to escalate privileges Description: A disturbance error, also known as Rowhammer, exists with some DDR3 RAM that could have led to memory corruption. CVE-ID CVE-2015-3712 : Ian Beer of Google Project Zero

    Intel Graphics Driver Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: Multiple buffer overflow issues exist in the Intel graphics driver, the most serious of which may lead to arbitrary code execution with system privileges Description: Multiple buffer overflow issues existed in the Intel graphics driver. CVE-ID CVE-2015-3695 : Ian Beer of Google Project Zero CVE-2015-3696 : Ian Beer of Google Project Zero CVE-2015-3697 : Ian Beer of Google Project Zero CVE-2015-3698 : Ian Beer of Google Project Zero CVE-2015-3699 : Ian Beer of Google Project Zero CVE-2015-3700 : Ian Beer of Google Project Zero CVE-2015-3701 : Ian Beer of Google Project Zero CVE-2015-3702 : KEEN Team

    ImageIO Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: Multiple vulnerabilities existed in libtiff, the most serious of which may lead to arbitrary code execution Description: Multiple vulnerabilities existed in libtiff versions prior to 4.0.4. CVE-ID CVE-2015-3709 : Ian Beer of Google Project Zero

    Mail Available for: OS X Yosemite v10.10 to v10.10.3 Impact: A maliciously crafted email can replace the message content with an arbitrary webpage when the message is viewed Description: An issue existed in the support for HTML email which allowed message content to be refreshed with an arbitrary webpage. CVE-ID CVE-2015-3711 : Peter Rutenbar working with HP's Zero Day Initiative

    ntp Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: An attacker in a privileged position may be able to perform a denial of service attack against two ntp clients Description: Multiple issues existed in the authentication of ntp packets being received by configured end-points. Geshev working with HP's Zero Day Initiative CVE-2015-3662 : kdot working with HP's Zero Day Initiative CVE-2015-3663 : kdot working with HP's Zero Day Initiative CVE-2015-3666 : Steven Seeley of Source Incite working with HP's Zero Day Initiative CVE-2015-3667 : Ryan Pentney, Richard Johnson of Cisco Talos and Kai Lu of Fortinet's FortiGuard Labs, Ryan Pentney, and Richard Johnson of Cisco Talos and Kai Lu of Fortinet's FortiGuard Labs CVE-2015-3668 : Kai Lu of Fortinet's FortiGuard Labs CVE-2015-3713 : Apple

    Security Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the Security framework code for parsing S/MIME e-mail and some other signed or encrypted objects. CVE-ID CVE-2013-1741

    Security Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: Tampered applications may not be prevented from launching Description: Apps using custom resource rules may have been susceptible to tampering that would not have invalidated the signature. CVE-ID CVE-2015-3715 : Patrick Wardle of Synack

    Spotlight Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.3 Impact: Searching for a malicious file with Spotlight may lead to command injection Description: A command injection vulnerability existed in the handling of filenames of photos added to the local photo library. By sending a maliciously formatted message to systemstatsd, it may have been possible to execute arbitrary code as the systemstatsd process. CVE-ID

    CVE-2014-8139 CVE-2014-8140 CVE-2014-8141

    OS X Yosemite 10.10.4 includes the security content of Safari 8.0.7

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "1.0.0c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "1.0.2"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "1.0.0d"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "1.0.1l"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "1.0.0e"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "1.0.0a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "1.0.0b"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "1.0.1k"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "1.0.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0q"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0p"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1f"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0k"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1d"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1h"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0j"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1j"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0l"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1i"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1e"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0m"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0g"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1g"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0o"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0f"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8ze"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0n"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0i"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0h"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1b"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.6,
            "vendor": "hp",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "hp",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "openssl",
            "version": "0.9.8ze"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.23 (11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "v2)"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.1"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.0.4.8-p2",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "aura collaboration environment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "flex system en2092 1gb ethernet scalable switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.60"
          },
          {
            "_id": null,
            "model": "informix genero",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.32"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.3.1"
          },
          {
            "_id": null,
            "model": "bladecenter advanced management module 25r5778",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "security network controller 1.0.3361m",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.10.186"
          },
          {
            "_id": null,
            "model": "algo one ase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.7"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8124e",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.11.4.0"
          },
          {
            "_id": null,
            "model": "bladecenter -s",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1948"
          },
          {
            "_id": null,
            "model": "security access manager for web",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "gb esm ethernet switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1/107.4.11.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.6"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "virtual fabric 10gb switch module for bladecenter",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.8.20.0"
          },
          {
            "_id": null,
            "model": "icewall mcrp sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.211"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8f",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "pureapplication system interim fix",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.0.1"
          },
          {
            "_id": null,
            "model": "sbr carrier",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "i operating system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.12"
          },
          {
            "_id": null,
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.53"
          },
          {
            "_id": null,
            "model": "virtual fabric 10gb switch module for bladecenter",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.6.0"
          },
          {
            "_id": null,
            "model": "algo one core",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.7"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0d",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1e",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.2"
          },
          {
            "_id": null,
            "model": "insight orchestration",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.0.4.7-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "informix genero",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.41"
          },
          {
            "_id": null,
            "model": "project openssl beta3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "security access manager for mobile",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.5"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.4"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "3.0.20"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8u",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.8.780"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1a",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "contactoptimization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "insight orchestration",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.5.0"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.2.2"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1.6"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.1"
          },
          {
            "_id": null,
            "model": "security access manager for web",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.4"
          },
          {
            "_id": null,
            "model": "contactoptimization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "aspera shares",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "1.7.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.5.0"
          },
          {
            "_id": null,
            "model": "worklight foundation consumer edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.20"
          },
          {
            "_id": null,
            "model": "cms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "17.0"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.5.0.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1.2"
          },
          {
            "_id": null,
            "model": "abyp-4tl-p",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational tau",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.35"
          },
          {
            "_id": null,
            "model": "communications session border controller scz7.4.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.15"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "infosphere information server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "11.3"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.2.0"
          },
          {
            "_id": null,
            "model": "security network controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.1209"
          },
          {
            "_id": null,
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.24"
          },
          {
            "_id": null,
            "model": "campaign",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.0.4"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.2a",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "qradar security information and event manager mr2 patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.16"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.2.0.4-p3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0g",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "workload deployer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.16"
          },
          {
            "_id": null,
            "model": "security access manager for mobile",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.3"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.8"
          },
          {
            "_id": null,
            "model": "tivoli netcool/reporter",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.1.3"
          },
          {
            "_id": null,
            "model": "vios fp-25 sp-02",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.1.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.0.3"
          },
          {
            "_id": null,
            "model": "endeca server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "7.6.1.0.0"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8124",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.11.4.0"
          },
          {
            "_id": null,
            "model": "security network controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.3361"
          },
          {
            "_id": null,
            "model": "sterling integrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.10"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1.1"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.0.2.16-p3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7"
          },
          {
            "_id": null,
            "model": "sametime",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.0.1"
          },
          {
            "_id": null,
            "model": "initiate master data service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8zb",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "netscaler t1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "security access manager for web",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.0-68"
          },
          {
            "_id": null,
            "model": "worklight foundation enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.20"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1.0.842"
          },
          {
            "_id": null,
            "model": "systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "9"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.8.1"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.3.0.870"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.2"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.2-77"
          },
          {
            "_id": null,
            "model": "communications policy management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.9.1"
          },
          {
            "_id": null,
            "model": "netezza platform software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0.3"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.17"
          },
          {
            "_id": null,
            "model": "campaign",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8332",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.7.20.0"
          },
          {
            "_id": null,
            "model": "image construction and composition tool",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.3.1.0"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1m",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "contactoptimization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0.0.840"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.4"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.3.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "infinity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pexip",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0r",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.2.77"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8w",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "cognos tm1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.5.2"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0"
          },
          {
            "_id": null,
            "model": "service delivery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.1"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler for applications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "flex system fabric en4093r 10gb scalable switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.6.0"
          },
          {
            "_id": null,
            "model": "flashsystem 9843-ae1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "840"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.27"
          },
          {
            "_id": null,
            "model": "campaign",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.11"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0m",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2.27"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix ifix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.11150-11"
          },
          {
            "_id": null,
            "model": "rational application developer for websphere",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "business server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "1"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.8"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1g",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.4"
          },
          {
            "_id": null,
            "model": "g8264cs si fabric image",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.10.0"
          },
          {
            "_id": null,
            "model": "contactoptimization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.1.1"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8m",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "flex system cn4093 10gb scalable switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.10.0"
          },
          {
            "_id": null,
            "model": "aura experience portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "infinity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pexip",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "ds8870",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "87.41.32.0"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "qlogic 8gb intelligent pass-thru module \u0026 san switch module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.10.1.31.00"
          },
          {
            "_id": null,
            "model": "rational application developer for websphere",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "command center appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "workload deployer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "security virtual server protection for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.1"
          },
          {
            "_id": null,
            "model": "gb esm ethernet switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1/107.4.10.0"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0.96"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.2.4"
          },
          {
            "_id": null,
            "model": "sterling connect:enterprise for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.5.0.0"
          },
          {
            "_id": null,
            "model": "bladecenter -t",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8720"
          },
          {
            "_id": null,
            "model": "aspera shares",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.3.23"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1.5"
          },
          {
            "_id": null,
            "model": "flex system cn4093 10gb scalable switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.11.0"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.5.0.2"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.4.2.1"
          },
          {
            "_id": null,
            "model": "tivoli common reporting",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1.1.2"
          },
          {
            "_id": null,
            "model": "qradar security information and event manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.4"
          },
          {
            "_id": null,
            "model": "qradar security information and event manager mr2 patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.17"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.0.2.15-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.2.0"
          },
          {
            "_id": null,
            "model": "initiate master data service patient hub",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.7"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.6.156"
          },
          {
            "_id": null,
            "model": "ds8700",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "87.31.16.0"
          },
          {
            "_id": null,
            "model": "netscaler gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1i",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.12"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.1.3"
          },
          {
            "_id": null,
            "model": "security network controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.913"
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "4.13"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.13"
          },
          {
            "_id": null,
            "model": "systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3.1.1"
          },
          {
            "_id": null,
            "model": "infosphere guardium database activity monitoring",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "infosphere master data management patient hub",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "campaign",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.10"
          },
          {
            "_id": null,
            "model": "sametime unified telephony",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.5.0.0"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.6"
          },
          {
            "_id": null,
            "model": "security access manager for mobile",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.6"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "14.10"
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "4.12"
          },
          {
            "_id": null,
            "model": "qradar security information and event manager patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.43"
          },
          {
            "_id": null,
            "model": "flex system en4023 10gb scalable switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "flex system fc5022 16gb san scalable switch 7.2.1c",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "virtual fabric 10gb switch module for bladecenter",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.8.21.0"
          },
          {
            "_id": null,
            "model": "mobilefirst platform foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3.0.0"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.211"
          },
          {
            "_id": null,
            "model": "bladecenter -s",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8886"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8124e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.11.3.0"
          },
          {
            "_id": null,
            "model": "cognos controller if4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "campaign",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.9"
          },
          {
            "_id": null,
            "model": "communications session border controller scz7.3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.7"
          },
          {
            "_id": null,
            "model": "real-time compression appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.9"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.2"
          },
          {
            "_id": null,
            "model": "sterling connect:enterprise for unix ifix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.4.4.03"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.7"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8r",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.21"
          },
          {
            "_id": null,
            "model": "aspera faspex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "algo one pcre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.7"
          },
          {
            "_id": null,
            "model": "aspera ondemand",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "3.5"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.1"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.16"
          },
          {
            "_id": null,
            "model": "qradar security information and event manager patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.42"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8n",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "bundle of g8264cs image",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.10.0"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.14"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.9.2"
          },
          {
            "_id": null,
            "model": "virtual connect enterprise manager sdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "abyp-2t-1s-1l-p-m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "project openssl beta1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0.2"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "rational tau",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.36"
          },
          {
            "_id": null,
            "model": "security network intrusion prevention system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.0.820"
          },
          {
            "_id": null,
            "model": "aspera console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "2.5.3"
          },
          {
            "_id": null,
            "model": "sametime",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.2.1"
          },
          {
            "_id": null,
            "model": "security network controller 1.0.3350m",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "initiate master data service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.5"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8y",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "cognos metrics manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "aspera connect server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "3.5.4"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.2.0.4-p2",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "icewall sso agent option",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "8.02007"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.11"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.1.1"
          },
          {
            "_id": null,
            "model": "campaign",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "project openssl beta4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0.0"
          },
          {
            "_id": null,
            "model": "campaign",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.3"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.3"
          },
          {
            "_id": null,
            "model": "sterling connect:enterprise for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.4.4.0"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.213"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.0.11"
          },
          {
            "_id": null,
            "model": "infinity",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "pexip",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "contactoptimization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "tssc/imc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0l",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.6"
          },
          {
            "_id": null,
            "model": "systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3.20"
          },
          {
            "_id": null,
            "model": "netscaler application delivery controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "cognos insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "project openssl beta5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0.0"
          },
          {
            "_id": null,
            "model": "rational tau",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.34"
          },
          {
            "_id": null,
            "model": "bladecenter -e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7967"
          },
          {
            "_id": null,
            "model": "abyp-2t-1s-1l-p",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8124",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.9.13.0"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.4.1.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.0.2"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.3"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8052",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.9.14.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.3"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.68"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "13.2"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.0.0"
          },
          {
            "_id": null,
            "model": "flex system fabric en4093r 10gb scalable switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "abyp-10g-2sr-2lr-1-p-m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.0"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.2.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1.0.102"
          },
          {
            "_id": null,
            "model": "campaign",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.6"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8124",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.11.3.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.3"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.3.4"
          },
          {
            "_id": null,
            "model": "infinity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pexip",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8p",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.1"
          },
          {
            "_id": null,
            "model": "initiate master data service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.0.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.1.830"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "bladecenter -h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8852"
          },
          {
            "_id": null,
            "model": "si4093 si fabric",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.11.0"
          },
          {
            "_id": null,
            "model": "bladecenter -ht",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8750"
          },
          {
            "_id": null,
            "model": "infosphere information server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.15-210"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.01"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.0.13"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.9.4"
          },
          {
            "_id": null,
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.54"
          },
          {
            "_id": null,
            "model": "abyp-2t-2s-0l-p",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "security proventia network enterprise scanner",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3.5.0"
          },
          {
            "_id": null,
            "model": "powerkvm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "sterling connect:enterprise for unix ifix03",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.5.0.3"
          },
          {
            "_id": null,
            "model": "security access manager for web",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "aspera console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "2.3.1"
          },
          {
            "_id": null,
            "model": "aspera connect server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "3.5.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.2"
          },
          {
            "_id": null,
            "model": "tivoli common reporting",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.08"
          },
          {
            "_id": null,
            "model": "worklight consumer edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.9.1"
          },
          {
            "_id": null,
            "model": "cognos insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "security network intrusion prevention system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.3.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1.0-103"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.12.201"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0.0.95"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.06"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.10.3"
          },
          {
            "_id": null,
            "model": "infinity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pexip",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "qradar security information and event manager mr2 patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.15"
          },
          {
            "_id": null,
            "model": "cognos controller fp3 if2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1.1"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1.4"
          },
          {
            "_id": null,
            "model": "power hmc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.7.8.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.9.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.9"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7.770"
          },
          {
            "_id": null,
            "model": "flex system fabric si4093 system interconnect module",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.11.0"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.4"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0.0-95"
          },
          {
            "_id": null,
            "model": "security network controller 1.0.3379m",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "flex system en2092 1gb ethernet scalable switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.7"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1.6"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8za",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "qradar security information and event manager mr2 patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.19"
          },
          {
            "_id": null,
            "model": "openscape voice r1.43.1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "unify",
            "version": "v7"
          },
          {
            "_id": null,
            "model": "abyp-0t-4s-0l-p",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "algo one aggregation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.9"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8m beta1",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.2"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.0.1"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.1"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.11 (11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "v1)"
          },
          {
            "_id": null,
            "model": "predictiveinsight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1.2"
          },
          {
            "_id": null,
            "model": "abyp-4ts-p-m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.15"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "security network intrusion prevention system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "netezza platform software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.45"
          },
          {
            "_id": null,
            "model": "sterling connect:enterprise for unix ifix",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.5.0.38"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.07"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8q",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.11"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0.0.96"
          },
          {
            "_id": null,
            "model": "rational developer for i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix ifix",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.11150-11"
          },
          {
            "_id": null,
            "model": "security privileged identity manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.1.1"
          },
          {
            "_id": null,
            "model": "flex system fc5022 16gb san scalable switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.4"
          },
          {
            "_id": null,
            "model": "infosphere master data management provider hub",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "initiate master data service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.7"
          },
          {
            "_id": null,
            "model": "algo one ase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.9"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.1"
          },
          {
            "_id": null,
            "model": "rational application developer for websphere",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.0.1"
          },
          {
            "_id": null,
            "model": "abyp-10g-4lr-1-p",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "abyp-10g-4lr-1-p-m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "3.0.10"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "qradar security information and event manager patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.44"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.0.4.8-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "infosphere information server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.2.127"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.10.800"
          },
          {
            "_id": null,
            "model": "predictiveinsight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1.1"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.10"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.02"
          },
          {
            "_id": null,
            "model": "algo one core",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.9"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix ifix",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.6.1146-109"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "ds8800",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "86.31.123.0"
          },
          {
            "_id": null,
            "model": "ip office server edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "flex system en2092 1gb ethernet scalable switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.10.0"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.4"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.07"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1c",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "predictiveinsight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.6"
          },
          {
            "_id": null,
            "model": "predictiveinsight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.2"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.1.0"
          },
          {
            "_id": null,
            "model": "bladecenter -e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1881"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.1.0.4-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "openscape voice r1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "unify",
            "version": "v7"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.5"
          },
          {
            "_id": null,
            "model": "cloud manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.0.1"
          },
          {
            "_id": null,
            "model": "security network controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.1768"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.0.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.3.5"
          },
          {
            "_id": null,
            "model": "security access manager for mobile",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.1"
          },
          {
            "_id": null,
            "model": "business intelligence enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.1.1.9"
          },
          {
            "_id": null,
            "model": "algo one mag",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.7"
          },
          {
            "_id": null,
            "model": "abyp-0t-0s-4l-p-m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8v"
          },
          {
            "_id": null,
            "model": "security access manager for web",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.5"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.11"
          },
          {
            "_id": null,
            "model": "flex system fabric si4093 system interconnect module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.4.0"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1f",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "aspera proxy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "abyp-4t-0s-0l-p-m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.1-73"
          },
          {
            "_id": null,
            "model": "contactoptimization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "aspera connect server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "3.5.1"
          },
          {
            "_id": null,
            "model": "algo audit and compliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.4.1"
          },
          {
            "_id": null,
            "model": "rational reporting for development intelligence",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.5"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.8.780"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.5"
          },
          {
            "_id": null,
            "model": "communications policy management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.7.3"
          },
          {
            "_id": null,
            "model": "worklight enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.0"
          },
          {
            "_id": null,
            "model": "cognos insight",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.2.4"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "3.0.9"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for images",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.0"
          },
          {
            "_id": null,
            "model": "service delivery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.4"
          },
          {
            "_id": null,
            "model": "campaign",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "sametime",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.0.0"
          },
          {
            "_id": null,
            "model": "aspera enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "3.5.4"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8g",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.0.6"
          },
          {
            "_id": null,
            "model": "flex system fc5022 16gb san scalable switch 7.3.0a",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "abyp-0t-2s-2l-p",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "virtual connect enterprise manager sdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.4.1"
          },
          {
            "_id": null,
            "model": "virtual fabric 10gb switch module for bladecenter",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.7.0"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.41"
          },
          {
            "_id": null,
            "model": "storediq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.3.21"
          },
          {
            "_id": null,
            "model": "integration bus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "7"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "initiate master data service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "security access manager for mobile",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.4"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.0-14"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "sametime community server hf1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.10.2"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8ze",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.15"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "2.3.19"
          },
          {
            "_id": null,
            "model": "security access manager for mobile",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1.2"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.04"
          },
          {
            "_id": null,
            "model": "secure global desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "4.63"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1.5"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0o",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2.0.860"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler for applications fp02",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "worklight consumer edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.2"
          },
          {
            "_id": null,
            "model": "rational software architect",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "contactoptimization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8264t",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.9.14.0"
          },
          {
            "_id": null,
            "model": "rational reporting for development intelligence",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "12.04"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.5"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0.2"
          },
          {
            "_id": null,
            "model": "project openssl beta2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "bladecenter -s",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7779"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "algo one core",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.7.1"
          },
          {
            "_id": null,
            "model": "systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3.2.2"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.5"
          },
          {
            "_id": null,
            "model": "sametime community server limited use",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.02"
          },
          {
            "_id": null,
            "model": "flex system en2092 1gb ethernet scalable switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.4.0"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.3.0.870"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.31 (11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "v3)"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.0.4.8-p3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8332",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.7.19.0"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.3.20"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8052",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.11.4.0"
          },
          {
            "_id": null,
            "model": "contactoptimization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "idp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "secure global desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "4.12.1"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "security network intrusion prevention system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.40"
          },
          {
            "_id": null,
            "model": "abyp-0t-2s-2l-p-m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aura conferencing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "aspera enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "3.5.2"
          },
          {
            "_id": null,
            "model": "ctpos 7.0r4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0.0.840"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.4.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.1"
          },
          {
            "_id": null,
            "model": "business intelligence enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.1.1.7"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.14"
          },
          {
            "_id": null,
            "model": "abyp-2t-0s-2l-p",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.4.32"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.211"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.15210"
          },
          {
            "_id": null,
            "model": "cognos tm1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.8"
          },
          {
            "_id": null,
            "model": "aspera shares",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "1.9.2"
          },
          {
            "_id": null,
            "model": "sterling connect:enterprise for unix ifix",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.4.4.04"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.64"
          },
          {
            "_id": null,
            "model": "abyp-10g-4sr-1-p-m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational software architect for websphere software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "contactoptimization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.6"
          },
          {
            "_id": null,
            "model": "contactoptimization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "g8264cs si fabric image",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.11.0"
          },
          {
            "_id": null,
            "model": "security network controller 1.0.3352m",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8264cs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.10.0"
          },
          {
            "_id": null,
            "model": "flex system en4023 10gb scalable switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.16"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.1.4"
          },
          {
            "_id": null,
            "model": "systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3.3.1"
          },
          {
            "_id": null,
            "model": "rational tau interim fix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.3.0.6"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.8"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.1.0"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.14"
          },
          {
            "_id": null,
            "model": "rational software architect for websphere software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.14"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8l",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise session border controller ecz7.3m2p2",
            "scope": null,
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.13"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8264cs",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.11.0"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.03"
          },
          {
            "_id": null,
            "model": "version control repository manager 7.4.0a",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "junos space",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3.740"
          },
          {
            "_id": null,
            "model": "icewall sso dfw r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "flex system en2092 1gb ethernet scalable switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8264",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.9.14.0"
          },
          {
            "_id": null,
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "secure global desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "campaign",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "ddos secure",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "cognos metrics manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "infinity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pexip",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "system management homepage 7.4.0a",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.1.0"
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.411"
          },
          {
            "_id": null,
            "model": "infosphere master data management standard/advanced edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "image construction and composition tool",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.1.3"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.213"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "ip office server edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "power hmc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.7.3.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.8.2"
          },
          {
            "_id": null,
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.0.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.5"
          },
          {
            "_id": null,
            "model": "secure backup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.4.0.4.0"
          },
          {
            "_id": null,
            "model": "systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3.1.0"
          },
          {
            "_id": null,
            "model": "one-x client enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.4.2.0"
          },
          {
            "_id": null,
            "model": "workload deployer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.17"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0i",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "predictiveinsight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.3"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.3.0.0"
          },
          {
            "_id": null,
            "model": "ds8870",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "87.31.38.0"
          },
          {
            "_id": null,
            "model": "openscape voice r1.42.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "unify",
            "version": "v7"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.4.1"
          },
          {
            "_id": null,
            "model": "aspera faspex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "3.9.2"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.3"
          },
          {
            "_id": null,
            "model": "security access manager for web",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.5.2.0"
          },
          {
            "_id": null,
            "model": "algo one pcre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "ringmaster appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.1.2"
          },
          {
            "_id": null,
            "model": "security privileged identity manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5"
          },
          {
            "_id": null,
            "model": "cognos planning",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1.1"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.28"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler for applications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.6"
          },
          {
            "_id": null,
            "model": "infosphere information server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.7"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.13"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.0.2.16-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "campaign",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "bundle of g8264cs image",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.11.0"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.21"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.13"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix ifix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.6.1146-108"
          },
          {
            "_id": null,
            "model": "aspera enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "3.5.1"
          },
          {
            "_id": null,
            "model": "security virtual server protection for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "cognos controller fp1 if1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0e",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "openscape voice r1.37.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "unify",
            "version": "v8"
          },
          {
            "_id": null,
            "model": "aspera console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "3.0.0"
          },
          {
            "_id": null,
            "model": "project openssl beta1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "icewall sso dfw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "security privileged identity manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "tivoli common reporting",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.1"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "vgw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.0.820"
          },
          {
            "_id": null,
            "model": "business server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "1x8664"
          },
          {
            "_id": null,
            "model": "security access manager for web",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1.0"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1.4"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.010"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.4.1.0"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "infinity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pexip",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "aspera shares",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "1.7.3"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.0.10"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.2.835"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.41"
          },
          {
            "_id": null,
            "model": "infosphere guardium for applications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aura collaboration environment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.10.1"
          },
          {
            "_id": null,
            "model": "icewall sso agent option",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "8"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8x"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.0.2.16-p2",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.2"
          },
          {
            "_id": null,
            "model": "security network intrusion prevention system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.6.1"
          },
          {
            "_id": null,
            "model": "rational reporting for development intelligence",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "openscape voice r1.38.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "unify",
            "version": "v8"
          },
          {
            "_id": null,
            "model": "abyp-10g-4sr-1-p",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.4.33"
          },
          {
            "_id": null,
            "model": "src series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "openssh for gpfs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.8"
          },
          {
            "_id": null,
            "model": "contactoptimization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "initiate master data service provider hub",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.5"
          },
          {
            "_id": null,
            "model": "cloud manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.2.0.1"
          },
          {
            "_id": null,
            "model": "icewall sso dfw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.4.3.0"
          },
          {
            "_id": null,
            "model": "endeca server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "7.3.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.8.4"
          },
          {
            "_id": null,
            "model": "infinity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pexip",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.3.3"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.9"
          },
          {
            "_id": null,
            "model": "netezza platform software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.213"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8t",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.26"
          },
          {
            "_id": null,
            "model": "cloud manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.3"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.2.106"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "infosphere master data management standard/advanced edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "11.3"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.1.0"
          },
          {
            "_id": null,
            "model": "virtual connect enterprise manager sdk",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.5.0"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.3.1.0"
          },
          {
            "_id": null,
            "model": "cloud manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.0.3"
          },
          {
            "_id": null,
            "model": "abyp-0t-4s-0l-p-m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.03"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.1.830"
          },
          {
            "_id": null,
            "model": "service delivery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.1.3"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.6"
          },
          {
            "_id": null,
            "model": "secure global desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "4.71"
          },
          {
            "_id": null,
            "model": "aspera faspex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "3.7.5"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.3"
          },
          {
            "_id": null,
            "model": "endeca server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "7.5.1.1"
          },
          {
            "_id": null,
            "model": "systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3.2.1"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0c",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.0.0"
          },
          {
            "_id": null,
            "model": "power hmc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.2.0.0"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8052",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.9.13.0"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1.7"
          },
          {
            "_id": null,
            "model": "contactoptimization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "strm/jsa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "qradar security information and event manager mr2 patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.12"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.14.20"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5.760"
          },
          {
            "_id": null,
            "model": "aspera drive",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "1.2.1"
          },
          {
            "_id": null,
            "model": "algo one core",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.7"
          },
          {
            "_id": null,
            "model": "insight orchestration",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8052",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.11.3.0"
          },
          {
            "_id": null,
            "model": "qradar security information and event manager mr2 patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.11"
          },
          {
            "_id": null,
            "model": "cloud manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.5"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.1.3"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.1.0.5-p2",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "informix genero",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.50"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.9.3"
          },
          {
            "_id": null,
            "model": "openscape voice r1.3.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "unify",
            "version": "v8"
          },
          {
            "_id": null,
            "model": "predictiveinsight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.3"
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "4.15.1"
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "4.15.2"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.210"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "_id": null,
            "model": "netezza platform software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.3.1"
          },
          {
            "_id": null,
            "model": "tuxedo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.1.1.0"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.0.0"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.14"
          },
          {
            "_id": null,
            "model": "i operating systems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "cloud manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.2.0.2"
          },
          {
            "_id": null,
            "model": "security network controller 1.0.3381m",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "rational reporting for development intelligence",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "7"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.10.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.1.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5"
          },
          {
            "_id": null,
            "model": "power hmc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.7.9.0"
          },
          {
            "_id": null,
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "14.04"
          },
          {
            "_id": null,
            "model": "cognos planning",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0f",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "gb esm ethernet switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1/106.8.21.0"
          },
          {
            "_id": null,
            "model": "rational developer for i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "12.04"
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "algo one mag",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.8"
          },
          {
            "_id": null,
            "model": "websphere message broker",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.9"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "tssc/imc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.9.790"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.1"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.0.2"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.1.730"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.0.12"
          },
          {
            "_id": null,
            "model": "sterling connect:direct for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.2.1"
          },
          {
            "_id": null,
            "model": "rational tau interim fix",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.3.0.6"
          },
          {
            "_id": null,
            "model": "cloud manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.0.2"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0j",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0b",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.1.1"
          },
          {
            "_id": null,
            "model": "screenos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.6"
          },
          {
            "_id": null,
            "model": "bladecenter t advanced management module 32r0835",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.10.801"
          },
          {
            "_id": null,
            "model": "flex system en2092 1gb ethernet scalable switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.11.0"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.0.5"
          },
          {
            "_id": null,
            "model": "system storage san768b-2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1.0.1"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8316",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.9.14.0"
          },
          {
            "_id": null,
            "model": "tivoli common reporting",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3.3.0"
          },
          {
            "_id": null,
            "model": "systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.0"
          },
          {
            "_id": null,
            "model": "lotus protector for mail security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.80"
          },
          {
            "_id": null,
            "model": "flex system fabric en4093r 10gb scalable switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.10.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.11"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.1.1"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.2"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8264",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.11.4.0"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "2.3.16"
          },
          {
            "_id": null,
            "model": "initiate master data service provider hub",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.7"
          },
          {
            "_id": null,
            "model": "contactoptimization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.3"
          },
          {
            "_id": null,
            "model": "aspera console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.2"
          },
          {
            "_id": null,
            "model": "secure backup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.0.2"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.1.2"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.5"
          },
          {
            "_id": null,
            "model": "exalogic infrastructure",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "2.0.6.2"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.6"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "qradar security information and event manager patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.41"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.8.3"
          },
          {
            "_id": null,
            "model": "aspera proxy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "1.2.3"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.03"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4.143"
          },
          {
            "_id": null,
            "model": "cognos controller fp1 if1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.3"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.5.0"
          },
          {
            "_id": null,
            "model": "lotus protector for mail security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.8.1.0"
          },
          {
            "_id": null,
            "model": "aura experience portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "openscape voice r1.43.1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "unify",
            "version": "v8"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "3.0.8"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.3.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.1"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1j",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl beta3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.1"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "2.3.13"
          },
          {
            "_id": null,
            "model": "bladecenter -t",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8730"
          },
          {
            "_id": null,
            "model": "rational tau",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.31"
          },
          {
            "_id": null,
            "model": "cloudbridge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.7"
          },
          {
            "_id": null,
            "model": "gb esm ethernet switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1/106.8.20.0"
          },
          {
            "_id": null,
            "model": "campaign",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler for applications fp01",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "abyp-0t-0s-4l-p",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ds8870",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "87.31.2.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3.132"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.3.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.1.6"
          },
          {
            "_id": null,
            "model": "initiate master data service patient hub",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.5"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8316",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.9.13.0"
          },
          {
            "_id": null,
            "model": "contactoptimization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.3"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.14"
          },
          {
            "_id": null,
            "model": "flashsystem 9840-ae1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "840"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "sterling connect:direct for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.14"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.1"
          },
          {
            "_id": null,
            "model": "netezza platform software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.12"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.3.0"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1d",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "security access manager for web",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1.2"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.13"
          },
          {
            "_id": null,
            "model": "abyp-2t-2s-0l-p-m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2.0-12"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.1.9"
          },
          {
            "_id": null,
            "model": "secure backup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.1"
          },
          {
            "_id": null,
            "model": "bladecenter -h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7989"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.3.3"
          },
          {
            "_id": null,
            "model": "security network controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.3381"
          },
          {
            "_id": null,
            "model": "rational software architect",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "flex system fabric si4093 system interconnect module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.8.0"
          },
          {
            "_id": null,
            "model": "abyp-4tl-p-m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.1.104"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.3"
          },
          {
            "_id": null,
            "model": "nsm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "project openssl beta1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "bladecenter -ht",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8740"
          },
          {
            "_id": null,
            "model": "abyp-4ts-p",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.10.5"
          },
          {
            "_id": null,
            "model": "workload deployer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.11"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2.0.860"
          },
          {
            "_id": null,
            "model": "icewall mcrp sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "qlogic 8gb intelligent pass-thru module \u0026 san switch module",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.10.1.35.00"
          },
          {
            "_id": null,
            "model": "infosphere guardium database activity monitoring",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for images",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.19"
          },
          {
            "_id": null,
            "model": "qradar security information and event manager mr2 patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.13"
          },
          {
            "_id": null,
            "model": "campaign",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0p",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.12"
          },
          {
            "_id": null,
            "model": "flex system fabric en4093r 10gb scalable switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.4.0"
          },
          {
            "_id": null,
            "model": "openscape voice r1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "unify",
            "version": "v8"
          },
          {
            "_id": null,
            "model": "cognos controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "secure backup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.3.0.3"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "cognos controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.8"
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.09"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "aspera console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for images",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "pulse secure",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1"
          },
          {
            "_id": null,
            "model": "aspera faspex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "3.7.7"
          },
          {
            "_id": null,
            "model": "secure backup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.2"
          },
          {
            "_id": null,
            "model": "secure backup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.1"
          },
          {
            "_id": null,
            "model": "worklight consumer edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.1"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.0"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.2.3"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "2.3.14"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.1.8"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.10"
          },
          {
            "_id": null,
            "model": "abyp-10g-2sr-2lr-1-p",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5.146"
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "4.14"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.1.73"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8264t",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.9.13.0"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.2"
          },
          {
            "_id": null,
            "model": "power hmc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.1.0.0"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.5.1.3"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8zc",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0n",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "real-time compression appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.8"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.13"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5"
          },
          {
            "_id": null,
            "model": "icewall sso agent option update rele",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "8.02007"
          },
          {
            "_id": null,
            "model": "secure backup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.0.3"
          },
          {
            "_id": null,
            "model": "qradar security information and event manager mr2 patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.18"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.8"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.8"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.25"
          },
          {
            "_id": null,
            "model": "rational developer for i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.1.1"
          },
          {
            "_id": null,
            "model": "cognos tm1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.1.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2.0"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8124e",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.9.14.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.3.1"
          },
          {
            "_id": null,
            "model": "rational reporting for development intelligence",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.6"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.4.34"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "14.0"
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "4.15"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "2.3.15"
          },
          {
            "_id": null,
            "model": "flex system fabric en4093r 10gb scalable switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "security network controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.3376"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1841"
          },
          {
            "_id": null,
            "model": "endeca server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "netezza platform software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.010"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.2"
          },
          {
            "_id": null,
            "model": "flex system fc5022 16gb san scalable switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.3.1"
          },
          {
            "_id": null,
            "model": "abyp-4t-0s-0l-p",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "secure backup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.41"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8zd",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "secure backup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.3.0.2"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler for applications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0"
          },
          {
            "_id": null,
            "model": "worklight enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.2"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.23"
          },
          {
            "_id": null,
            "model": "qradar security information and event manager mr2 patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.14"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.2"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.1.0.5-p3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.10.4"
          },
          {
            "_id": null,
            "model": "initiate master data service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.11"
          },
          {
            "_id": null,
            "model": "icewall sso dfw r3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "cognos controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "systems insight manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.8.179"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.9.5"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1k",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.010"
          },
          {
            "_id": null,
            "model": "mq light",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "informix genero",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.40"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.9"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.3"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.2"
          },
          {
            "_id": null,
            "model": "junos os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ds8870",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "87.31.16.0"
          },
          {
            "_id": null,
            "model": "campaign",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.2"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8264",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.9.13.0"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8o",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "worklight foundation consumer edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.0.1"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.2"
          },
          {
            "_id": null,
            "model": "netezza platform software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.1"
          },
          {
            "_id": null,
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1b",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0k",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "security network intrusion prevention system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.6.2"
          },
          {
            "_id": null,
            "model": "bladecenter -h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1886"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.151.05"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.3.2"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8124e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.9.13.0"
          },
          {
            "_id": null,
            "model": "campaign",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.1"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8264",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.11.3.0"
          },
          {
            "_id": null,
            "model": "image construction and composition tool",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.3.2.0"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.5"
          },
          {
            "_id": null,
            "model": "sterling connect:enterprise for unix ifix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.5.0.37"
          },
          {
            "_id": null,
            "model": "security access manager for mobile",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1"
          },
          {
            "_id": null,
            "model": "cognos metrics manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.0"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "2.3.20"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.3.0.5"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "system networking rackswitch g8124",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.9.14.0"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.19"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1.7"
          },
          {
            "_id": null,
            "model": "real-time compression appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "worklight enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.1"
          },
          {
            "_id": null,
            "model": "secure backup",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.3.0.1.0"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.212"
          },
          {
            "_id": null,
            "model": "sametime",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.2.0"
          },
          {
            "_id": null,
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "6"
          },
          {
            "_id": null,
            "model": "infosphere master data management standard/advanced edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "11.4"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.01"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "8.4.1"
          },
          {
            "_id": null,
            "model": "aspera orchestrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "2.2.1"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "cognos controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "sterling b2b integrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "worklight foundation enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.0.1"
          },
          {
            "_id": null,
            "model": "ctpos 6.6r1",
            "scope": null,
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "cognos controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "bladecenter -e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8677"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.9"
          },
          {
            "_id": null,
            "model": "communications policy management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.1.1"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.11"
          },
          {
            "_id": null,
            "model": "icewall mcrp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.8.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.1.4"
          },
          {
            "_id": null,
            "model": "sametime unified telephony",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.2"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "tivoli common reporting",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.2.0"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8s",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.2.835"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1.0.841"
          },
          {
            "_id": null,
            "model": "security privileged identity manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.12"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.13"
          },
          {
            "_id": null,
            "model": "rational tau",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.32"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2"
          },
          {
            "_id": null,
            "model": "campaign",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.2.1"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.2.5"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1.0.103"
          },
          {
            "_id": null,
            "model": "workload deployer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.12"
          },
          {
            "_id": null,
            "model": "tivoli common reporting",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.2"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.12"
          },
          {
            "_id": null,
            "model": "cloud manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.0.4"
          },
          {
            "_id": null,
            "model": "security network controller 1.0.3376m",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.9"
          },
          {
            "_id": null,
            "model": "tivoli common reporting",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1.1"
          },
          {
            "_id": null,
            "model": "aspera faspex",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "3.9"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.5"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.9"
          },
          {
            "_id": null,
            "model": "rational tau",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.37"
          },
          {
            "_id": null,
            "model": "security network controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.3379"
          },
          {
            "_id": null,
            "model": "cognos insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "netscaler service delivery appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "si4093 si fabric",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.10.0"
          },
          {
            "_id": null,
            "model": "predictiveinsight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "project openssl beta2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.2.7"
          },
          {
            "_id": null,
            "model": "campaign",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "ip office application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "security access manager for mobile",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "mobilefirst platform foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.0"
          },
          {
            "_id": null,
            "model": "flex system fabric si4093 system interconnect module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.60"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.0.121"
          },
          {
            "_id": null,
            "model": "contactoptimization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "aspera shares",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asperasoft",
            "version": "1.9"
          },
          {
            "_id": null,
            "model": "campaign",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.6"
          },
          {
            "_id": null,
            "model": "campaign",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "communications policy management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.4.1"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.2"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8zf",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "flex system fabric si4093 system interconnect module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.7.5.0"
          },
          {
            "_id": null,
            "model": "systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3.0.0"
          },
          {
            "_id": null,
            "model": "session border controller for enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3.0"
          },
          {
            "_id": null,
            "model": "flex system fabric en4093r 10gb scalable switch",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.11.0"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.2"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7.770"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4"
          },
          {
            "_id": null,
            "model": "insight orchestration",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.10"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.3.0"
          },
          {
            "_id": null,
            "model": "flex system fc5022 16gb san scalable switch 7.2.0d5",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "icewall mcrp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.1.0.1"
          },
          {
            "_id": null,
            "model": "qradar security information and event manager mr2 patch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.110"
          },
          {
            "_id": null,
            "model": "abyp-2t-0s-2l-p-m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.1"
          },
          {
            "_id": null,
            "model": "flex system fabric si4093 system interconnect module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.8.10.0"
          },
          {
            "_id": null,
            "model": "rational tau",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.33"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.1.3"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.7"
          },
          {
            "_id": null,
            "model": "systems insight manager 7.4.0a",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1l",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4.750"
          },
          {
            "_id": null,
            "model": "initiate master data service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.5.0"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.4"
          },
          {
            "_id": null,
            "model": "security virtual server protection for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1"
          },
          {
            "_id": null,
            "model": "i operating system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2.2"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0q",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "infinity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pexip",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "algo one core",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.8"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for images system edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x7.1.1.0"
          },
          {
            "_id": null,
            "model": "ctpos 6.6r2",
            "scope": null,
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.10.800"
          },
          {
            "_id": null,
            "model": "contactoptimization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1h",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "cognos tm1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1.1"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "3.0.18"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "3.0.4"
          },
          {
            "_id": null,
            "model": "cognos controller fp1 if2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0a",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "icewall sso dfw r1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.9.790"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "73225"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201503-398"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-0286"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Stephen Henson",
        "sources": [
          {
            "db": "BID",
            "id": "73225"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2015-0286",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2015-0286",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-0286",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201503-398",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2015-0286",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-0286"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201503-398"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-0286"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature. OpenSSL is prone to denial-of-service vulnerability. \nAn attacker may exploit this issue to crash the application, resulting in denial-of-service conditions. The Common Vulnerabilities and Exposures project\nidentifies the following issues:\n\nCVE-2015-0286\n\n    Stephen Henson discovered that the ASN1_TYPE_cmp() function\n    can be crashed, resulting in denial of service. \n\nCVE-2015-0287\n\n    Emilia Kaesper discovered a memory corruption in ASN.1 parsing. \n\nCVE-2015-0292\n\n    It was discovered that missing input sanitising in base64 decoding\n    might result in memory corruption. \n\nCVE-2015-0209\n\n    It was discovered that a malformed EC private key might result in\n    memory corruption. \n\nCVE-2015-0288\n\n    It was discovered that missing input sanitising in the\n    X509_to_X509_REQ() function might result in denial of service. \n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 1.0.1e-2+deb7u15. In this update the export ciphers are removed\nfrom the default cipher list. \n\nReferences:\n\nCVE-2014-3569\nCVE-2014-3570\nCVE-2014-3571\nCVE-2014-3572\nCVE-2014-8275\nCVE-2015-0204\nCVE-2015-0205\nCVE-2015-0206\nCVE-2015-0209\nCVE-2015-0286\nCVE-2015-0288\nCVE-2015-5432\nCVE-2015-5433\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. OpenSSL Security Advisory [19 Mar 2015]\n=======================================\n\nOpenSSL 1.0.2 ClientHello sigalgs DoS (CVE-2015-0291)\n=====================================================\n\nSeverity: High\n\nIf a client connects to an OpenSSL 1.0.2 server and renegotiates with an\ninvalid signature algorithms extension a NULL pointer dereference will occur. \nThis can be exploited in a DoS attack against the server. \n\nThis issue was was reported to OpenSSL on 26th February 2015 by David Ramos\nof Stanford University. The fix was developed by Stephen Henson and Matt\nCaswell of the OpenSSL development team. \n\nReclassified: RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)\n============================================================================\n\nSeverity: High\n\nThis security issue was previously announced by the OpenSSL project and\nclassified as \"low\" severity. This severity rating has now been changed to\n\"high\". \n\nThis was classified low because it was originally thought that server RSA\nexport ciphersuite support was rare: a client was only vulnerable to a MITM\nattack against a server which supports an RSA export ciphersuite. Recent\nstudies have shown that RSA export ciphersuites support is far more common. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan\nBhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen\nHenson of the OpenSSL core team. It was previously announced in the OpenSSL\nsecurity advisory on 8th January 2015. \n\nMultiblock corrupted pointer (CVE-2015-0290)\n============================================\n\nSeverity: Moderate\n\nOpenSSL 1.0.2 introduced the \"multiblock\" performance improvement. This feature\nonly applies on 64 bit x86 architecture platforms that support AES NI\ninstructions. A defect in the implementation of \"multiblock\" can cause OpenSSL\u0027s\ninternal write buffer to become incorrectly set to NULL when using non-blocking\nIO. Typically, when the user application is using a socket BIO for writing, this\nwill only result in a failed connection. However if some other BIO is used then\nit is likely that a segmentation fault will be triggered, thus enabling a\npotential DoS attack. \n\nThis issue was reported to OpenSSL on 13th February 2015 by Daniel Danner and\nRainer Mueller. The fix was developed by Matt Caswell of the OpenSSL development\nteam. \n\nSegmentation fault in DTLSv1_listen (CVE-2015-0207)\n===================================================\n\nSeverity: Moderate\n\nThe DTLSv1_listen function is intended to be stateless and processes the initial\nClientHello from many peers. It is common for user code to loop over the call to\nDTLSv1_listen until a valid ClientHello is received with an associated cookie. A\ndefect in the implementation of DTLSv1_listen means that state is preserved in\nthe SSL object from one invocation to the next that can lead to a segmentation\nfault. Errors processing the initial ClientHello can trigger this scenario. An\nexample of such an error could be that a DTLS1.0 only client is attempting to\nconnect to a DTLS1.2 only server. \n\nThis issue was reported to OpenSSL on 27th January 2015 by Per Allansson. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nSegmentation fault in ASN1_TYPE_cmp (CVE-2015-0286)\n===================================================\n\nSeverity: Moderate\n\nThe function ASN1_TYPE_cmp will crash with an invalid read if an attempt is\nmade to compare ASN.1 boolean types. Since ASN1_TYPE_cmp is used to check\ncertificate signature algorithm consistency this can be used to crash any\ncertificate verification operation and exploited in a DoS attack. Any\napplication which performs certificate verification is vulnerable including\nOpenSSL clients and servers which enable client authentication. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2a\nOpenSSL 1.0.1 users should upgrade to 1.0.1m. \nOpenSSL 1.0.0 users should upgrade to 1.0.0r. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zf. \n\nThis issue was discovered and fixed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nSegmentation fault for invalid PSS parameters (CVE-2015-0208)\n=============================================================\n\nSeverity: Moderate\n\nThe signature verification routines will crash with a NULL pointer\ndereference if presented with an ASN.1 signature using the RSA PSS\nalgorithm and invalid parameters. Since these routines are used to verify\ncertificate signature algorithms this can be used to crash any\ncertificate verification operation and exploited in a DoS attack. Any\napplication which performs certificate verification is vulnerable including\nOpenSSL clients and servers which enable client authentication. \n\nThis issue affects OpenSSL version: 1.0.2\n\nOpenSSL 1.0.2 users should upgrade to 1.0.2a\n\nThis issue was was reported to OpenSSL on 31st January 2015 by Brian Carpenter\nand a fix developed by Stephen Henson of the OpenSSL development team. \n\nASN.1 structure reuse memory corruption (CVE-2015-0287)\n=======================================================\n\nSeverity: Moderate\n\nReusing a structure in ASN.1 parsing may allow an attacker to cause\nmemory corruption via an invalid write. Such reuse is and has been\nstrongly discouraged and is believed to be rare. \n\nApplications that parse structures containing CHOICE or ANY DEFINED BY\ncomponents may be affected. Certificate parsing (d2i_X509 and related\nfunctions) are however not affected. OpenSSL clients and servers are\nnot affected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2a\nOpenSSL 1.0.1 users should upgrade to 1.0.1m. \nOpenSSL 1.0.0 users should upgrade to 1.0.0r. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zf. \n\nThis issue was discovered by Emilia K\u00e4sper and a fix developed by\nStephen Henson of the OpenSSL development team. \n\nPKCS7 NULL pointer dereferences (CVE-2015-0289)\n===============================================\n\nSeverity: Moderate\n\nThe PKCS#7 parsing code does not handle missing outer ContentInfo correctly. \nAn attacker can craft malformed ASN.1-encoded PKCS#7 blobs with\nmissing content and trigger a NULL pointer dereference on parsing. \n\nApplications that verify PKCS#7 signatures, decrypt PKCS#7 data or\notherwise parse PKCS#7 structures from untrusted sources are\naffected. OpenSSL clients and servers are not affected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2a\nOpenSSL 1.0.1 users should upgrade to 1.0.1m. \nOpenSSL 1.0.0 users should upgrade to 1.0.0r. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zf. \n\nThis issue was reported to OpenSSL on February 16th 2015 by Michal\nZalewski (Google) and a fix developed by Emilia K\u00e4sper of the OpenSSL\ndevelopment team. \n\nBase64 decode (CVE-2015-0292)\n=============================\n\nSeverity: Moderate\n\nA vulnerability existed in previous versions of OpenSSL related to the\nprocessing of base64 encoded data. Any code path that reads base64 data from an\nuntrusted source could be affected (such as the PEM processing routines). \nMaliciously crafted base 64 data could trigger a segmenation fault or memory\ncorruption. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 0.9.8 users should upgrade to 0.9.8za. This issue was originally reported by\nRobert Dugal and subsequently by David Ramos. \n\nDoS via reachable assert in SSLv2 servers (CVE-2015-0293)\n=========================================================\n\nSeverity: Moderate\n\nA malicious client can trigger an OPENSSL_assert (i.e., an abort) in\nservers that both support SSLv2 and enable export cipher suites by sending\na specially crafted SSLv2 CLIENT-MASTER-KEY message. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2a\nOpenSSL 1.0.1 users should upgrade to 1.0.1m. \nOpenSSL 1.0.0 users should upgrade to 1.0.0r. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zf. \n\nThis issue was discovered by Sean Burford (Google) and Emilia K\u00e4sper\n(OpenSSL development team) in March 2015 and the fix was developed by\nEmilia K\u00e4sper. \n\nEmpty CKE with client auth and DHE (CVE-2015-1787)\n==================================================\n\nSeverity: Moderate\n\nIf client auth is used then a server can seg fault in the event of a DHE\nciphersuite being selected and a zero length ClientKeyExchange message being\nsent by the client. This could be exploited in a DoS attack. \n\nThis issue was discovered and the fix was developed by Matt Caswell of the\nOpenSSL development team. \n\nHandshake with unseeded PRNG (CVE-2015-0285)\n============================================\n\nSeverity: Low\n\nUnder certain conditions an OpenSSL 1.0.2 client can complete a handshake with\nan unseeded PRNG. The conditions are:\n- The client is on a platform where the PRNG has not been seeded automatically,\nand the user has not seeded manually\n- A protocol specific client method version has been used (i.e. not\nSSL_client_methodv23)\n- A ciphersuite is used that does not require additional random data from the\nPRNG beyond the initial ClientHello client random (e.g. PSK-RC4-SHA). \n\nIf the handshake succeeds then the client random that has been used will have\nbeen generated from a PRNG with insufficient entropy and therefore the output\nmay be predictable. \n\nFor example using the following command with an unseeded openssl will succeed on\nan unpatched platform:\n\nopenssl s_client -psk 1a2b3c4d -tls1_2 -cipher PSK-RC4-SHA\n\nThis issue affects OpenSSL version: 1.0.2\n\nOpenSSL 1.0.2 users should upgrade to 1.0.2a. \n\nThis issue was discovered and the fix was developed by Matt Caswell of the\nOpenSSL development team. \n\nUse After Free following d2i_ECPrivatekey error (CVE-2015-0209)\n===============================================================\n\nSeverity: Low\n\nA malformed EC private key file consumed via the d2i_ECPrivateKey function could\ncause a use after free condition. This, in turn, could cause a double\nfree in several private key parsing functions (such as d2i_PrivateKey\nor EVP_PKCS82PKEY) and could lead to a DoS attack or memory corruption\nfor applications that receive EC private keys from untrusted\nsources. This scenario is considered rare. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2a\nOpenSSL 1.0.1 users should upgrade to 1.0.1m. \nOpenSSL 1.0.0 users should upgrade to 1.0.0r. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zf. \n\nThis issue was discovered by the BoringSSL project and fixed in their commit\n517073cd4b. The OpenSSL fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nX509_to_X509_REQ NULL pointer deref (CVE-2015-0288)\n===================================================\n\nSeverity: Low\n\nThe function X509_to_X509_REQ will crash with a NULL pointer dereference if\nthe certificate key is invalid. This function is rarely used in practice. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2a\nOpenSSL 1.0.1 users should upgrade to 1.0.1m. \nOpenSSL 1.0.0 users should upgrade to 1.0.0r. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zf. \n\nThis issue was discovered by Brian Carpenter and a fix developed by Stephen\nHenson of the OpenSSL development team. \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions\n1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these\nreleases will be provided after that date. Users of these releases are advised\nto upgrade. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20150319.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2015-09-16-1 iOS 9\n\niOS 9 is now available and addresses the following:\n\nApple Pay\nAvailable for:  iPhone 6, iPad mini 3, and iPad Air 2\nImpact:  Some cards may allow a terminal to retrieve limited recent\ntransaction information when making a payment\nDescription:  The transaction log functionality was enabled in\ncertain configurations. This issue was addressed by removing the\ntransaction log functionality. \nCVE-ID\nCVE-2015-5916\n\nAppleKeyStore\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A local attacker may be able to reset failed passcode\nattempts with an iOS backup\nDescription:  An issue existed in resetting failed passcode attempts\nwith a backup of the iOS device. This was addressed through improved\npasscode failure logic. \nCVE-ID\nCVE-2015-5850 : an anonymous researcher\n\nApplication Store\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Clicking a malicious ITMS link may lead to a denial of\nservice in an enterprise-signed application\nDescription:  An issue existed with installation through ITMS links. \nThis was addressed through additional installation verification. \nCVE-ID\nCVE-2015-5856 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei of\nFireEye, Inc. \n\nAudio\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Playing a malicious audio file may lead to an unexpected\napplication termination\nDescription:  A memory corruption issue existed in the handling of\naudio files. This issue issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-5862 : YoungJin Yoon of Information Security Lab. (Adv.:\nProf. Taekyoung Kwon), Yonsei University, Seoul, Korea\n\nCertificate Trust Policy\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Update to the certificate trust policy\nDescription:  The certificate trust policy was updated. The complete\nlist of certificates may be viewed at https://support.apple.com/en-\nus/HT204132. \n\nCFNetwork\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A person with physical access to an iOS device may read\ncache data from Apple apps\nDescription:  Cache data was encrypted with a key protected only by\nthe hardware UID. This issue was addressed by encrypting the cache\ndata with a key protected by the hardware UID and the user\u0027s\npasscode. \nCVE-ID\nCVE-2015-5898 : Andreas Kurtz of NESO Security Labs\n\nCFNetwork Cookies\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  An attacker in a privileged network position can track a\nuser\u0027s activity\nDescription:  A cross-domain cookie issue existed in the handling of\ntop level domains. The issue was address through improved\nrestrictions of cookie creation. \nCVE-ID\nCVE-2015-5885 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\nUniversity\n\nCFNetwork Cookies\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  An attacker may be able to create unintended cookies for a\nwebsite\nDescription:  WebKit would accept multiple cookies to be set in the\ndocument.cookie API. This issue was addressed through improved\nparsing. \nCVE-ID\nCVE-2015-3801 : Erling Ellingsen of Facebook\n\nCFNetwork FTPProtocol\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Malicious FTP servers may be able to cause the client to\nperform reconnaissance on other hosts\nDescription:  An issue existed in FTP packet handling if clients were\nusing an FTP proxy. \nCVE-ID\nCVE-2015-5912 : Amit Klein\n\nCFNetwork HTTPProtocol\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A maliciously crafted URL may be able to bypass HTTP Strict\nTransport Security (HSTS) and leak sensitive data\nDescription:  A URL parsing vulnerability existed in HSTS handling. \nThis issue was addressed through improved URL parsing. \nCVE-ID\nCVE-2015-5858 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\nUniversity\n\nCFNetwork HTTPProtocol\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious website may be able to track users in Safari\nprivate browsing mode\nDescription:  An issue existed in the handling of HSTS state in\nSafari private browsing mode. This issue was addressed through\nimproved state handling. \nCVE-ID\nCVE-2015-5860 : Sam Greenhalgh of RadicalResearch Ltd\n\nCFNetwork Proxies\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Connecting to a malicious web proxy may set malicious\ncookies for a website\nDescription:  An issue existed in the handling of proxy connect\nresponses. This issue was addressed by removing the set-cookie header\nwhile parsing the connect response. \nCVE-ID\nCVE-2015-5841 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua\nUniversity\n\nCFNetwork SSL\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  An attacker with a privileged network position may intercept\nSSL/TLS connections\nDescription:  A certificate validation issue existed in NSURL when a\ncertificate changed. This issue was addressed through improved\ncertificate validation. \nCVE-ID\nCVE-2015-5824 : Timothy J. Wood of The Omni Group\n\nCFNetwork SSL\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  An attacker may be able to decrypt data protected by SSL\nDescription:  There are known attacks on the confidentiality of RC4. \nAn attacker could force the use of RC4, even if the server preferred\nbetter ciphers, by blocking TLS 1.0 and higher connections until\nCFNetwork tried SSL 3.0, which only allows RC4. This issue was\naddressed by removing the fallback to SSL 3.0. \n\nCoreAnimation\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious application may be able to leak sensitive user\ninformation\nDescription:  Applications could access the screen framebuffer while\nthey were in the background. This issue was addressed with improved\naccess control on IOSurfaces. \nCVE-ID\nCVE-2015-5880 : Jin Han, Su Mon Kywe, Qiang Yan, Robert Deng, Debin\nGao, Yingjiu Li of School of Information Systems Singapore Management\nUniversity,  Feng Bao and Jianying Zhou of Cryptography and Security\nDepartment Institute for Infocomm Research\n\nCoreCrypto\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  An attacker may be able to determine a private key\nDescription:  By observing many signing or decryption attempts, an\nattacker may have been able to determine the RSA private key. This\nissue was addressed using improved encryption algorithms. \n\nCoreText\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription:  A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team\n\nData Detectors Engine\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Processing a maliciously crafted text file may lead to\narbitrary code execution\nDescription:  Memory corruption issues existed in the processing of\ntext files. These issues were addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2015-5829 : M1x7e1 of Safeye Team (www.safeye.org)\n\nDev Tools\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription:  A memory corruption issue existed in dyld. This was\naddressed through improved memory handling. \nCVE-ID\nCVE-2015-5876 : beist of grayhash\n\ndyld\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  An application may be able to bypass code signing\nDescription:  An issue existed with validation of the code signature\nof executables. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2015-5839 : @PanguTeam, TaiG Jailbreak Team\n\nDisk Images\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A local user may be able to execute arbitrary code with\nsystem privileges\nDescription:  A memory corruption issue existed in DiskImages. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5847 : Filippo Bigarella, Luca Todesco\n\nGame Center\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious Game Center application may be able to access a\nplayer\u0027s email address\nDescription:  An issue existed in Game Center in the handling of a\nplayer\u0027s email. This issue was addressed through improved access\nrestrictions. \nCVE-ID\nCVE-2015-5855 : Nasser Alnasser\n\nICU\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Multiple vulnerabilities in ICU\nDescription:  Multiple vulnerabilities existed in ICU versions prior\nto 53.1.0. These issues were addressed by updating ICU to version\n55.1. \nCVE-ID\nCVE-2014-8146\nCVE-2015-1205\n\nIOAcceleratorFamily\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious application may be able to determine kernel\nmemory layout\nDescription:  An issue existed that led to the disclosure of kernel\nmemory content. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2015-5834 : Cererdlong of Alibaba Mobile Security Team\n\nIOAcceleratorFamily\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A local user may be able to execute arbitrary code with\nsystem privileges\nDescription:  A memory corruption issue existed in\nIOAcceleratorFamily. This issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-5848 : Filippo Bigarella\n\nIOHIDFamily\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription:  A memory corruption issue existed in IOHIDFamily. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5867 : moony li of Trend Micro\n\nIOKit\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription:  A memory corruption issue existed in the kernel. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5844 : Filippo Bigarella\nCVE-2015-5845 : Filippo Bigarella\nCVE-2015-5846 : Filippo Bigarella\n\nIOMobileFrameBuffer\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A local user may be able to execute arbitrary code with\nsystem privileges\nDescription:  A memory corruption issue existed in\nIOMobileFrameBuffer. This issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-5843 : Filippo Bigarella\n\nIOStorageFamily\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A local attacker may be able to read kernel memory\nDescription:  A memory initialization issue existed in the kernel. \nThis issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5863 : Ilja van Sprundel of IOActive\n\niTunes Store\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  AppleID credentials may persist in the keychain after sign\nout\nDescription:  An issue existed in keychain deletion. This issue was\naddressed through improved account cleanup. \nCVE-ID\nCVE-2015-5832 : Kasif Dekel from Check Point Software Technologies\n\nJavaScriptCore\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription:  Memory corruption issues existed in WebKit. These\nissues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-5791 : Apple\nCVE-2015-5793 : Apple\nCVE-2015-5814 : Apple\nCVE-2015-5816 : Apple\nCVE-2015-5822 : Mark S. Miller of Google\nCVE-2015-5823 : Apple\n\nKernel\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A local user may be able to execute arbitrary code with\nkernel privileges\nDescription:  A memory corruption issue existed in the kernel. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5868 : Cererdlong of Alibaba Mobile Security Team\nCVE-2015-5896 : Maxime Villard of m00nbsd\nCVE-2015-5903 : CESG\n\nKernel\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A local attacker may control the value of stack cookies\nDescription:  Multiple weaknesses existed in the generation of user\nspace stack cookies. This was addressed through improved generation\nof stack cookies. \nCVE-ID\nCVE-2013-3951 : Stefan Esser\n\nKernel\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A local process can modify other processes without\nentitlement checks\nDescription:  An issue existed where root processes using the\nprocessor_set_tasks API were allowed to retrieve the task ports of\nother processes. This issue was addressed through added entitlement\nchecks. \nCVE-ID\nCVE-2015-5882 : Pedro Vilaca, working from original research by Ming-\nchieh Pan and Sung-ting Tsai; Jonathan Levin\n\nKernel\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  An attacker may be able to launch denial of service attacks\non targeted TCP connections without knowing the correct sequence\nnumber\nDescription:  An issue existed in xnu\u0027s validation of TCP packet\nheaders. This issues was addressed through improved TCP packet header\nvalidation. \nCVE-ID\nCVE-2015-5879 : Jonathan Looney\n\nKernel\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  An attacker in a local LAN segment may disable IPv6 routing\nDescription:  An insufficient validation issue existed in handling of\nIPv6 router advertisements that allowed an attacker to set the hop\nlimit to an arbitrary value. This issue was addressed by enforcing a\nminimum hop limit. \nCVE-ID\nCVE-2015-5869 : Dennis Spindel Ljungmark\n\nKernel\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A local user may be able to determine kernel memory layout\nDescription:  An issue existed in XNU that led to the disclosure of\nkernel memory. This was addressed through improved initialization of\nkernel memory structures. \nCVE-ID\nCVE-2015-5842 : beist of grayhash\n\nKernel\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A local user may be able to cause a system denial of service\nDescription:  An issue existed in HFS drive mounting. This was\naddressed by additional validation checks. \nCVE-ID\nCVE-2015-5748 : Maxime Villard of m00nbsd\n\nlibc\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A local user may be able to execute arbitrary code with\nkernel privileges\nDescription:  A memory corruption issue existed in the kernel. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2014-8611 : Adrian Chadd and Alfred Perlstein of Norse\nCorporation\n\nlibpthread\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A local user may be able to execute arbitrary code with\nkernel privileges\nDescription:  A memory corruption issue existed in the kernel. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5899 : Lufeng Li of Qihoo 360 Vulcan Team\n\nMail\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  An attacker can send an email that appears to come from a\ncontact in the recipient\u0027s address book\nDescription:  An issue existed in the handling of the sender\u0027s\naddress. This issue was addressed through improved validation. \nCVE-ID\nCVE-2015-5857 : Emre Saglam of salesforce.com\n\nMultipeer Connectivity\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A local attacker may be able to observe unprotected\nmultipeer data\nDescription:  An issue existed in convenience initializer handling in\nwhich encryption could be actively downgraded to a non-encrypted\nsession. This issue was addressed by changing the convenience\ninitializer to require encryption. \nCVE-ID\nCVE-2015-5851 : Alban Diquet (@nabla_c0d3) of Data Theorem\n\nNetworkExtension\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious application may be able to determine kernel\nmemory layout\nDescription:  An uninitialized memory issue in the kernel led to the\ndisclosure of kernel memory content. This issue was addressed through\nmemory initialization. \nCVE-ID\nCVE-2015-5831 : Maxime Villard of m00nbsd\n\nOpenSSL\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Multiple vulnerabilities in OpenSSL\nDescription:  Multiple vulnerabilities existed in OpenSSL versions\nprior to 0.9.8zg. These were addressed by updating OpenSSL to version\n0.9.8zg. \nCVE-ID\nCVE-2015-0286\nCVE-2015-0287\n\nPluginKit\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious enterprise application can install extensions\nbefore the application has been trusted\nDescription:  An issue existed in the validation of extensions during\ninstallation. This was addressed through improved app verification. \nCVE-ID\nCVE-2015-5837 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei of\nFireEye, Inc. \n\nremovefile\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Processing malicious data may lead to unexpected application\ntermination\nDescription:  An overflow fault existed in the checkint division\nroutines. This issue was addressed with improved division routines. \nCVE-ID\nCVE-2015-5840 : an anonymous researcher\n\nSafari\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A local user may be able to read Safari bookmarks on a\nlocked iOS device without a passcode\nDescription:  Safari bookmark data was encrypted with a key protected\nonly by the hardware UID. This issue was addressed by encrypting the\nSafari bookmark data with a key protected by the hardware UID and the\nuser\u0027s passcode. \nCVE-ID\nCVE-2015-5903 : Jonathan Zdziarski\n\nSafari\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Visiting a malicious website may lead to user interface\nspoofing\nDescription:  An issue may have allowed a website to display content\nwith a URL from a different website. This issue was addressed through\nimproved URL handling. \nCVE-ID\nCVE-2015-5904 : Erling Ellingsen of Facebook, Lukasz Pilorz\n\nSafari\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Visiting a malicious website may lead to user interface\nspoofing\nDescription:  Navigating to a malicious website with a malformed\nwindow opener may have allowed the display of arbitrary URLs. This\nissue was addressed through improved handling of window openers. \nCVE-ID\nCVE-2015-5905 : Keita Haga of keitahaga.com\n\nSafari\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Users may be tracked by malicious websites using client\ncertificates\nDescription:  An issue existed in Safari\u0027s client certificate\nmatching for SSL authentication. This issue was addressed through\nimproved matching of valid client certificates. \nCVE-ID\nCVE-2015-1129 : Stefan Kraus of fluid Operations AG, Sylvain Munaut\nof Whatever s.a. \n\nSafari\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Visiting a malicious website may lead to user interface\nspoofing\nDescription:  Multiple user interface inconsistencies may have\nallowed a malicious website to display an arbitrary URL. These issues\nwere addressed through improved URL display logic. \nCVE-ID\nCVE-2015-5764 : Antonio Sanso (@asanso) of Adobe\nCVE-2015-5765 : Ron Masas\nCVE-2015-5767 : Krystian Kloskowski via Secunia, Masato Kinugawa\n\nSafari Safe Browsing\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Navigating to the IP address of a known malicious website\nmay not trigger a security warning\nDescription:  Safari\u0027s Safe Browsing feature did not warn users when\nvisiting known malicious websites by their IP addresses. The issue\nwas addressed through improved malicious site detection. \nRahul M of TagsDoc\n\nSecurity\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious app may be able to intercept communication\nbetween apps\nDescription:  An issue existed that allowed a malicious app to\nintercept URL scheme communication between apps. This was mitigated\nby displaying a dialog when a URL scheme is used for the first time. \nCVE-ID\nCVE-2015-5835 : Teun van Run of FiftyTwoDegreesNorth B.V.; XiaoFeng\nWang of Indiana University, Luyi Xing of Indiana University, Tongxin\nLi of Peking University, Tongxin Li of Peking University, Xiaolong\nBai of Tsinghua University\n\nSiri\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A person with physical access to an iOS device may be able\nto use Siri to read notifications of content that is set not to be\ndisplayed at the lock screen\nDescription:  When a request was made to Siri, client side\nrestrictions were not being checked by the server. This issue was\naddressed through improved restriction checking. \nCVE-ID\nCVE-2015-5892 : Robert S Mozayeni, Joshua Donvito\n\nSpringBoard\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A person with physical access to an iOS device can reply to\nan audio message from the lock screen when message previews from the\nlock screen are disabled\nDescription:  A lock screen issue allowed users to reply to audio\nmessages when message previews were disabled. This issue was\naddressed through improved state management. \nCVE-ID\nCVE-2015-5861 : Daniel Miedema of Meridian Apps\n\nSpringBoard\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious application may be able to spoof another\napplication\u0027s dialog windows\nDescription:  An access issue existed with privileged API calls. This\nissue was addressed through additional restrictions. \nCVE-ID\nCVE-2015-5838 : Min (Spark) Zheng, Hui Xue, Tao (Lenx) Wei, John C.S. \nLui\n\nSQLite\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Multiple vulnerabilities in SQLite v3.8.5\nDescription:  Multiple vulnerabilities existed in SQLite v3.8.5. \nThese issues were addressed by updating SQLite to version 3.8.10.2. \nCVE-ID\nCVE-2015-5895\n\ntidy\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription:  A memory corruption issue existed in Tidy. This issues\nwas addressed through improved memory handling. \nCVE-ID\nCVE-2015-5522 : Fernando Munoz of NULLGroup.com\nCVE-2015-5523 : Fernando Munoz of NULLGroup.com\n\nWebKit\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Object references may be leaked between isolated origins on\ncustom events, message events and pop state events\nDescription:  An object leak issue broke the isolation boundary\nbetween origins. This issue was addressed through improved isolation\nbetween origins. \nCVE-ID\nCVE-2015-5827 : Gildas\n\nWebKit\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription:  Memory corruption issues existed in WebKit. These\nissues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-5789 : Apple\nCVE-2015-5790 : Apple\nCVE-2015-5792 : Apple\nCVE-2015-5794 : Apple\nCVE-2015-5795 : Apple\nCVE-2015-5796 : Apple\nCVE-2015-5797 : Apple\nCVE-2015-5799 : Apple\nCVE-2015-5800 : Apple\nCVE-2015-5801 : Apple\nCVE-2015-5802 : Apple\nCVE-2015-5803 : Apple\nCVE-2015-5804 : Apple\nCVE-2015-5805\nCVE-2015-5806 : Apple\nCVE-2015-5807 : Apple\nCVE-2015-5809 : Apple\nCVE-2015-5810 : Apple\nCVE-2015-5811 : Apple\nCVE-2015-5812 : Apple\nCVE-2015-5813 : Apple\nCVE-2015-5817 : Apple\nCVE-2015-5818 : Apple\nCVE-2015-5819 : Apple\nCVE-2015-5821 : Apple\n\nWebKit\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Visiting a malicious website may lead to unintended dialing\nDescription:  An issue existed in handling of tel://, facetime://,\nand facetime-audio:// URLs. This issue was addressed through improved\nURL handling. \nCVE-ID\nCVE-2015-5820 : Andrei Neculaesei, Guillaume Ross\n\nWebKit\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  QuickType may learn the last character of a password in a\nfilled-in web form\nDescription:  An issue existed in WebKit\u0027s handling of password input\ncontext. This issue was addressed through improved input context\nhandling. \nCVE-ID\nCVE-2015-5906 : Louis Romero of Google Inc. \n\nWebKit\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  An attacker in a privileged network position may be able to\nredirect to a malicious domain\nDescription:  An issue existed in the handling of resource caches on\nsites with invalid certificates. The issue was addressed by rejecting\nthe application cache of domains with invalid certificates. \nCVE-ID\nCVE-2015-5907 : Yaoqi Jia of National University of Singapore (NUS)\n\nWebKit\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious website may exfiltrate data cross-origin\nDescription:  Safari allowed cross-origin stylesheets to be loaded\nwith non-CSS MIME types which could be used for cross-origin data\nexfiltration. This issue was addressed by limiting MIME types for\ncross-origin stylesheets. \nCVE-ID\nCVE-2015-5826 : filedescriptor, Chris Evans\n\nWebKit\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  The Performance API may allow a malicious website to leak\nbrowsing history, network activity, and mouse movements\nDescription:  WebKit\u0027s Performance API could have allowed a malicious\nwebsite to leak browsing history, network activity, and mouse\nmovements by measuring time. This issue was addressed by limiting\ntime resolution. \nCVE-ID\nCVE-2015-5825 : Yossi Oren et al. of Columbia University\u0027s Network\nSecurity Lab\n\nWebKit\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  An attacker in a privileged network position may be able to\nleak sensitive user information\nDescription:  An issue existed with Content-Disposition headers\ncontaining type attachment. This issue was addressed by disallowing\nsome functionality for type attachment pages. \nCVE-ID\nCVE-2015-5921 : Mickey Shkatov of the Intel(r) Advanced Threat\nResearch Team, Daoyuan Wu of Singapore Management University, Rocky\nK. C. Chang of Hong Kong Polytechnic University, Lukasz Pilorz,\nsuperhei of www.knownsec.com\n\nWebKit Canvas\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Visiting a malicious website may disclose image data from\nanother website\nDescription:  A cross-origin issue existed with \"canvas\" element\nimages in WebKit. This was addressed through improved tracking of\nsecurity origins. \nCVE-ID\nCVE-2015-5788 : Apple\n\nWebKit Page Loading\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  WebSockets may bypass mixed content policy enforcement\nDescription:  An insufficient policy enforcement issue allowed\nWebSockets to load mixed content. This issue was addressed by\nextending mixed content policy enforcement to WebSockets. \nKevin G Jones of Higher Logic\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update\nwill be \"9\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBCAAGBQJV+avFAAoJEBcWfLTuOo7tAOsQAKVBs+YG3HuMy0mc0rnpbRtU\n+bjdnzwBeQE6C6Fp/SlZroyYtutnPw9QoFbUpY9Kkcer08uPap6kUAcF72fD51tG\nUYmIe5WvDSMWD98pKsgDGUVfGdU1h135KpSfDgoiQrZK2GAPe2xCDupD42jIPLk2\n3qSyrYnVzfrCZ8uBk9j4gqoF5Ki6JSP/3Qm7hiPfhQXcMyQyIQ+2tJyQcSyGf5OM\nRgkmHwjIjkEb8jwwQ6h4LPMNuvqq8Kv6P4wQQeUl7RdtLJfafmFg+mV7bSmV/b28\nHk5EHQrQJ5fVl9jBFxti6aZrhrNr5yRL9yAdrpNB0rWfDN0z9emyGRrW2vli+Zv+\n0xXBZfAiNVAP53ou4gyVkLDZ+zx5lsWSADU1QWbIR2DY+WXUIN5QJ/ayFkNN9gqD\nWrFGHOc/l+Rq82uQi4ND0jTcYqhBG0MyooJf29orPA2tZeKvrcA4/6w12w6eJ7qA\naW5J+BByErqWft42I/JT3CbnK+GBEDHnj4GAeSMHuNolPNsoH5cv0G4yKigW0zLS\n81AzADTcBtKtaSD9aBAPAL6TTGUySmupF8flhHTMcpZh1MbAqo+bObMXUMvCrmST\nyq+5/R0gVuMN0BQ7adwI0akYApuqrNi/Mp9zT+JlU2wiSfaHm58Ugf8YAmc+sfjT\nrHWi1bvzskkrxRfuQ4mX\n=MnPh\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04746490\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04746490\nVersion: 1\n\nHPSBMU03380 rev.1 - HP System Management Homepage (SMH) on Linux and Windows,\nMultiple Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-07-20\nLast Updated: 2015-07-20\n\nPotential Security Impact: Remote Denial of Service (DoS), cross-site request\nforgery (CSRF), execution of arbitrary code, unauthorized modification,\nunauthorized access, disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nMultiple potential security vulnerabilities have been identified with HP\nSystem Management Homepage (SMH) on Linux and Windows. The vulnerabilities\ncould be exploited remotely resulting in Denial of Service (DoS), Cross-site\nRequest Forgery (CSRF), execution of arbitrary code, unauthorized\nmodification, unauthorized access, or disclosure of information. \n\nReferences:\n\nCVE-2014-0118 - Remote Denial of Service (DoS)\nCVE-2014-0226 - Remote Denial of Service (DoS)\nCVE-2014-0231 - Remote Denial of Service (DoS)\nCVE-2014-3523 - Remote Denial of Service (DoS)\nCVE-2014-3569 - Remote Denial of Service (DoS)\nCVE-2014-3570 - Remote Disclosure of Information\nCVE-2014-3571 - Remote Denial of Service (DoS)\nCVE-2014-3572 - Remote Disclosure of Information\nCVE-2014-8142 - Remote Code Execution\nCVE-2014-8275 - Unauthorized Modification\nCVE-2014-9427 - Remote Disclosure of Information\nCVE-2014-9652 - Remote Denial of Service (DoS)\nCVE-2014-9653 - Remote Denial of Service (DoS)\nCVE-2014-9705 - Remote Code Execution\nCVE-2015-0204 - Remote Disclosure of Information\nCVE-2015-0205 - Remote Unauthorized Access\nCVE-2015-0206 - Remote Denial of Service (DoS)\nCVE-2015-0207 - Remote Denial of Service (DoS)\nCVE-2015-0208 - Remote Denial of Service (DoS)\nCVE-2015-0209 - Remote Denial of Service (DoS)\nCVE-2015-0231 - Remote Denial of Service (DoS)\nCVE-2015-0232 - Remote Denial of Service (DoS), Execution of Arbitrary Code\nCVE-2015-0273 - Remote Execution of Arbitrary Code\nCVE-2015-0285 - Remote Disclosure of Information\nCVE-2015-0286 - Remote Denial of Service (DoS)\nCVE-2015-0287 - Remote Denial of Service (DoS)\nCVE-2015-0288 - Remote Denial of Service (DoS)\nCVE-2015-0289 - Remote Denial of Service (DoS)\nCVE-2015-0290 - Remote Denial of Service (DoS)\nCVE-2015-0291 - Remote Denial of Service (DoS)\nCVE-2015-0292 - Remote Denial of Service (DoS)\nCVE-2015-0293 - Remote Denial of Service (DoS)\nCVE-2015-1787 - Remote Denial of Service (DoS)\nCVE-2015-2301 - Remote Execution of Arbitrary Code\nCVE-2015-2331 - Remote Denial of Service (DoS), Execution of Arbitrary Code\nCVE-2015-2348 - Unauthorized Modification\nCVE-2015-2787 - Remote Execution of Arbitrary Code\nCVE-2015-2134 - Cross-site Request Forgery (CSRF)\nSSRT102109\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP System Management Homepage (SMH) prior to version 7.5.0\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n  Reference              Base Vector             Base Score\nCVE-2014-0118    (AV:N/AC:M/Au:N/C:N/I:N/A:P)       4.3\nCVE-2014-0226    (AV:N/AC:M/Au:N/C:P/I:P/A:P)       6.8\nCVE-2014-0231    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2014-3523    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2014-3569    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2014-3570    (AV:N/AC:L/Au:N/C:P/I:N/A:N)       5.0\nCVE-2014-3571    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2014-3572    (AV:N/AC:L/Au:N/C:N/I:P/A:N)       5.0\nCVE-2014-8142    (AV:N/AC:L/Au:N/C:P/I:P/A:P)       7.5\nCVE-2014-8275    (AV:N/AC:L/Au:N/C:N/I:P/A:N)       5.0\nCVE-2014-9427    (AV:N/AC:L/Au:N/C:P/I:P/A:P)       7.5\nCVE-2014-9652    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2014-9653    (AV:N/AC:L/Au:N/C:P/I:P/A:P)       7.5\nCVE-2014-9705    (AV:N/AC:L/Au:N/C:P/I:P/A:P)       7.5\nCVE-2015-0204    (AV:N/AC:M/Au:N/C:N/I:P/A:N)       4.3\nCVE-2015-0205    (AV:N/AC:L/Au:N/C:N/I:P/A:N)       5.0\nCVE-2015-0206    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2015-0207    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2015-0208    (AV:N/AC:M/Au:N/C:N/I:N/A:P)       4.3\nCVE-2015-0209    (AV:N/AC:M/Au:N/C:P/I:P/A:P)       6.8\nCVE-2015-0231    (AV:N/AC:L/Au:N/C:P/I:P/A:P)       7.5\nCVE-2015-0232    (AV:N/AC:M/Au:N/C:P/I:P/A:P)       6.8\nCVE-2015-0273    (AV:N/AC:L/Au:N/C:P/I:P/A:P)       7.5\nCVE-2015-0285    (AV:N/AC:M/Au:N/C:P/I:N/A:N)       4.3\nCVE-2015-0286    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2015-0287    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2015-0288    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2015-0289    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2015-0290    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2015-0291    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2015-0292    (AV:N/AC:L/Au:N/C:P/I:P/A:P)       7.5\nCVE-2015-0293    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2015-1787    (AV:N/AC:H/Au:N/C:N/I:N/A:P)       2.6\nCVE-2015-2301    (AV:N/AC:L/Au:N/C:P/I:P/A:P)       7.5\nCVE-2015-2331    (AV:N/AC:L/Au:N/C:P/I:P/A:P)       7.5\nCVE-2015-2348    (AV:N/AC:L/Au:N/C:N/I:P/A:N)       5.0\nCVE-2015-2787    (AV:N/AC:L/Au:N/C:P/I:P/A:P)       7.5\nCVE-2015-2134    (AV:N/AC:M/Au:S/C:P/I:P/A:P)       6.0\n===========================================================\n             Information on CVSS is documented\n            in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the\nvulnerabilities for the impacted versions of HP System Management Homepage\n(SMH). \n\n  Please download the latest version of HP System Management Homepage (7.5.0)\nfrom the following location:\n\n    http://www.hp.com/go/smh\n\nHISTORY\nVersion:1 (rev.1) - 20 July 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel.  For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-15:06.openssl                                    Security Advisory\n                                                          The FreeBSD Project\n\nTopic:          Multiple OpenSSL vulnerabilities\n\nCategory:       contrib\nModule:         openssl\nAnnounced:      2015-03-19\nAffects:        All supported versions of FreeBSD. \nCorrected:      2015-03-19 17:40:43 UTC (stable/10, 10.1-STABLE)\n                2015-03-19 17:42:38 UTC (releng/10.1, 10.1-RELEASE-p7)\n                2015-03-19 17:40:43 UTC (stable/9, 9.3-STABLE)\n                2015-03-19 17:42:38 UTC (releng/9.3, 9.3-RELEASE-p11)\n                2015-03-19 17:40:43 UTC (stable/8, 8.4-STABLE)\n                2015-03-19 17:42:38 UTC (releng/8.4, 8.4-RELEASE-p25)\nCVE Name:       CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288,\n                CVE-2015-0289, CVE-2015-0293\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\nI.   Background\n\nFreeBSD includes software from the OpenSSL Project.  The OpenSSL Project is\na collaborative effort to develop a robust, commercial-grade, full-featured\nOpen Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a full-strength\ngeneral purpose cryptography library. \n\nAbstract Syntax Notation One (ASN.1) is a standard and notation that\ndescribes rules and structures for representing, encoding, transmitting,\nand decoding data in telecommunications and computer networking, which\nenables representation of objects that are independent of machine-specific\nencoding technique. \n\nII.  [CVE-2015-0293]\n\nIII. Impact\n\nA malformed elliptic curve private key file can cause server daemons using\nOpenSSL to crash, resulting in a Denial of Service.  [CVE-2015-0209]\n\nA remote attacker who is able to send specifically crafted certificates\nmay be able to crash an OpenSSL client or server. [CVE-2015-0287]\n\nAn attacker may be able to crash applications that create a new certificate\nrequest with subject name the same as in an existing, specifically crafted\ncertificate. \n\nIV.  Workaround\n\nNo workaround is available.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 8.4 and FreeBSD 9.3]\n# fetch https://security.FreeBSD.org/patches/SA-15:06/openssl-0.9.8.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:06/openssl-0.9.8.patch.asc\n# gpg --verify openssl-0.9.8.patch.asc\n\n[FreeBSD 10.1]\n# fetch https://security.FreeBSD.org/patches/SA-15:06/openssl-1.0.1.patch\n# fetch https://security.FreeBSD.org/patches/SA-15:06/openssl-1.0.1.patch.asc\n# gpg --verify openssl-1.0.1.patch.asc\n\nb) Apply the patch.  Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all deamons using the library, or reboot the system. \n\nVI.  Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path                                                      Revision\n- -------------------------------------------------------------------------\nstable/8/                                                         r280266\nreleng/8.4/                                                       r280268\nstable/9/                                                         r280266\nreleng/9.3/                                                       r280268\nstable/10/                                                        r280266\nreleng/10.1/                                                      r280268\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.1m-i486-1_slack14.1.txz:  Upgraded. \n  Fixes several bugs and security issues:\n   o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286)\n   o ASN.1 structure reuse memory corruption fix (CVE-2015-0287)\n   o PKCS7 NULL pointer dereferences fix (CVE-2015-0289)\n   o DoS via reachable assert in SSLv2 servers fix (CVE-2015-0293)\n   o Use After Free following d2i_ECPrivatekey error fix (CVE-2015-0209)\n   o X509_to_X509_REQ NULL pointer deref fix (CVE-2015-0288)\n   o Removed the export ciphers from the DEFAULT ciphers\n  For more information, see:\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288\n  (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project!  :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zf-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zf-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zf-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zf-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zf-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zf-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zf-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zf-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zf-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zf-i486-1_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zf-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zf-x86_64-1_slack13.37.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1m-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1m-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1m-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1m-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1m-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1m-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1m-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1m-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1m-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1m-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1m-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1m-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 packages:\n9ba57b2971962ceb6205ec7b7e6b84e7  openssl-0.9.8zf-i486-1_slack13.0.txz\n706ef57bb71992961584a3d957c5dbcb  openssl-solibs-0.9.8zf-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\n5f581b663798eacc8e7df4c292f33dbf  openssl-0.9.8zf-x86_64-1_slack13.0.txz\nfe5f33f4d2db08b4f8d724e62bf6e514  openssl-solibs-0.9.8zf-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\n1ef0ba15454da786993361c927084438  openssl-0.9.8zf-i486-1_slack13.1.txz\n2b3e20bcaa77f39512b6edcbc41b5471  openssl-solibs-0.9.8zf-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\nf8fae10a1936cf900d362b65d9b2c8df  openssl-0.9.8zf-x86_64-1_slack13.1.txz\n0093e35c46382eeef03a51421895ed65  openssl-solibs-0.9.8zf-x86_64-1_slack13.1.txz\n\nSlackware 13.37 packages:\n7d4dd0f76252c98622a5f5939f6f0674  openssl-0.9.8zf-i486-1_slack13.37.txz\ne5cde01c0773ac78d33964e4107878df  openssl-solibs-0.9.8zf-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\n379424e15bd378e00a5ba0c709432429  openssl-0.9.8zf-x86_64-1_slack13.37.txz\n54832ad7e5440ce1c496be47fec9140d  openssl-solibs-0.9.8zf-x86_64-1_slack13.37.txz\n\nSlackware 14.0 packages:\n8abafa33d2bf90b6cd8be849c0d9a643  openssl-1.0.1m-i486-1_slack14.0.txz\nbac56213a540586d801d7b57608396de  openssl-solibs-1.0.1m-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\nb4c6c971e74b678c68671feed18fa7dc  openssl-1.0.1m-x86_64-1_slack14.0.txz\nacac871e22b5de998544c2f6431c0139  openssl-solibs-1.0.1m-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\nc1f47f1f1ba5a13d6ac2ef2ae48bfb4c  openssl-1.0.1m-i486-1_slack14.1.txz\nb7b1761ae1585f406d303273812043d3  openssl-solibs-1.0.1m-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\n1c6e11e2e3454836d5a3e9243f7c7738  openssl-1.0.1m-x86_64-1_slack14.1.txz\n25b7a704816a2123463ddbfabbc1b86d  openssl-solibs-1.0.1m-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\n0926b2429e1326c8ab9bcbbda056dc66  a/openssl-solibs-1.0.1m-i486-1.txz\nb6252d0f141eba7b0a8e8c5bbdc314f0  n/openssl-1.0.1m-i486-1.txz\n\nSlackware x86_64 -current packages:\n99b903f556c7a2d5ec283f04c2f5a650  a/openssl-solibs-1.0.1m-x86_64-1.txz\n9ecb47e0b70bd7f8064c96fb2211c4b7  n/openssl-1.0.1m-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1m-i486-1_slack14.1.txz openssl-solibs-1.0.1m-i486-1_slack14.1.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list:                          |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message:                                                     |\n|                                                                        |\n|   unsubscribe slackware-security                                       |\n|                                                                        |\n| You will get a confirmation message back containing instructions to    |\n| complete the process.  Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release\nAdvisory ID:       RHSA-2016:2957-01\nProduct:           Red Hat JBoss Core Services\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2016-2957.html\nIssue date:        2016-12-15\nCVE Names:         CVE-2012-1148 CVE-2014-3523 CVE-2014-8176 \n                   CVE-2015-0209 CVE-2015-0286 CVE-2015-3185 \n                   CVE-2015-3194 CVE-2015-3195 CVE-2015-3196 \n                   CVE-2015-3216 CVE-2016-0702 CVE-2016-0705 \n                   CVE-2016-0797 CVE-2016-0799 CVE-2016-1762 \n                   CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 \n                   CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 \n                   CVE-2016-1839 CVE-2016-1840 CVE-2016-2105 \n                   CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 \n                   CVE-2016-2109 CVE-2016-2177 CVE-2016-2178 \n                   CVE-2016-2842 CVE-2016-3627 CVE-2016-3705 \n                   CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 \n                   CVE-2016-4459 CVE-2016-4483 CVE-2016-5419 \n                   CVE-2016-5420 CVE-2016-6808 CVE-2016-7141 \n                   CVE-2016-8612 \n=====================================================================\n\n1. Summary:\n\nRed Hat JBoss Core Services httpd 2.4.23 is now available from the Red Hat\nCustomer Portal for Solaris and Microsoft Windows systems. \n\nRed Hat Product Security has rated this release as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Description:\n\nThis release of Red Hat JBoss Core Services httpd 2.4.23 serves as a\nreplacement for JBoss Core Services Apache HTTP Server 2.4.6. (CVE-2014-8176,\nCVE-2015-0209, CVE-2015-0286, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196,\nCVE-2015-3216, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0799,\nCVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109,\nCVE-2016-2177, CVE-2016-2178, CVE-2016-2842)\n\n* This update fixes several flaws in libxml2. (CVE-2016-1762,\nCVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837,\nCVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705,\nCVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483)\n\n* This update fixes three flaws in curl. (CVE-2016-5419, CVE-2016-5420,\nCVE-2016-7141)\n\n* This update fixes two flaws in httpd. (CVE-2016-4459,\nCVE-2016-8612)\n\n* A buffer overflow flaw when concatenating virtual host names and URIs was\nfixed in mod_jk. (CVE-2016-6808)\n\n* A memory leak flaw was fixed in expat. (CVE-2012-1148)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-8176, CVE-2015-0286, CVE-2016-2108, CVE-2016-2105, CVE-2016-2106,\nCVE-2016-2107, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0799,\nand CVE-2016-2842. Upstream acknowledges Stephen Henson (OpenSSL development team)\nas the original reporter of CVE-2015-0286; Huzaifa Sidhpurwala (Red Hat),\nHanno BAPck, and David Benjamin (Google) as the original reporters of\nCVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2105,\nCVE-2016-2106, CVE-2016-0797, CVE-2016-0799, and CVE-2016-2842; Juraj\nSomorovsky as the original reporter of CVE-2016-2107; Yuval Yarom\n(University of Adelaide and NICTA), Daniel Genkin (Technion and Tel Aviv\nUniversity), and Nadia Heninger (University of Pennsylvania) as the\noriginal reporters of CVE-2016-0702; and Adam Langley (Google/BoringSSL) as\nthe original reporter of CVE-2016-0705. \n\nSee the corresponding CVE pages linked to in the References section for\nmore information about each of the flaws listed in this advisory. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files). \n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically. Bugs fixed (https://bugzilla.redhat.com/):\n\n801648 - CVE-2012-1148 expat: Memory leak in poolGrow\n1121519 - CVE-2014-3523 httpd: WinNT MPM denial of service\n1196737 - CVE-2015-0209 openssl: use-after-free on invalid EC private key import\n1202366 - CVE-2015-0286 openssl: invalid pointer use in ASN1_TYPE_cmp()\n1227574 - CVE-2015-3216 openssl: Crash in ssleay_rand_bytes due to locking regression\n1228611 - CVE-2014-8176 OpenSSL: Invalid free in DTLS\n1243888 - CVE-2015-3185 httpd: ap_some_auth_required() does not properly indicate authenticated request in 2.4\n1288320 - CVE-2015-3194 OpenSSL: Certificate verify crash with missing PSS parameter\n1288322 - CVE-2015-3195 OpenSSL: X509_ATTRIBUTE memory leak\n1288326 - CVE-2015-3196 OpenSSL: Race condition handling PSK identify hint\n1310596 - CVE-2016-0705 OpenSSL: Double-free in DSA code\n1310599 - CVE-2016-0702 OpenSSL: Side channel attack on modular exponentiation\n1311880 - CVE-2016-0797 OpenSSL: BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption\n1312219 - CVE-2016-0799 OpenSSL: Fix memory issues in BIO_*printf functions\n1314757 - CVE-2016-2842 openssl: doapr_outch function does not verify that certain memory allocation succeeds\n1319829 - CVE-2016-3627 libxml2: stack exhaustion while parsing xml files in recovery mode\n1330101 - CVE-2016-2109 openssl: ASN.1 BIO handling of large amounts of data\n1331402 - CVE-2016-2108 openssl: Memory corruption in the ASN.1 encoder\n1331426 - CVE-2016-2107 openssl: Padding oracle in AES-NI CBC MAC check\n1331441 - CVE-2016-2105 openssl: EVP_EncodeUpdate overflow\n1331536 - CVE-2016-2106 openssl: EVP_EncryptUpdate overflow\n1332443 - CVE-2016-3705 libxml2: stack overflow before detecting invalid XML file\n1332820 - CVE-2016-4483 libxml2: out-of-bounds read\n1338682 - CVE-2016-1833 libxml2: Heap-based buffer overread in htmlCurrentChar\n1338686 - CVE-2016-4447 libxml2: Heap-based buffer underreads due to xmlParseName\n1338691 - CVE-2016-1835 libxml2: Heap use-after-free in xmlSAX2AttributeNs\n1338696 - CVE-2016-1837 libxml2: Heap use-after-free in htmlPArsePubidLiteral and htmlParseSystemiteral\n1338700 - CVE-2016-4448 libxml2: Format string vulnerability\n1338701 - CVE-2016-4449 libxml2: Inappropriate fetch of entities content\n1338702 - CVE-2016-1836 libxml2: Heap use-after-free in xmlDictComputeFastKey\n1338703 - CVE-2016-1839 libxml2: Heap-based buffer overread in xmlDictAddString\n1338705 - CVE-2016-1838 libxml2: Heap-based buffer overread in xmlPArserPrintFileContextInternal\n1338706 - CVE-2016-1840 libxml2: Heap-buffer-overflow in xmlFAParserPosCharGroup\n1338708 - CVE-2016-1834 libxml2: Heap-buffer-overflow in xmlStrncat\n1338711 - CVE-2016-1762 libxml2: Heap-based buffer-overread in xmlNextChar\n1341583 - CVE-2016-4459 mod_cluster: Buffer overflow in mod_manager when sending request with long JVMRoute\n1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase\n1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation\n1362183 - CVE-2016-5419 curl: TLS session resumption client cert bypass\n1362190 - CVE-2016-5420 curl: Re-using connection with wrong client cert\n1373229 - CVE-2016-7141 curl: Incorrect reuse of client certificates\n1382352 - CVE-2016-6808 mod_jk: Buffer overflow when concatenating virtual host name and URI\n1387605 - CVE-2016-8612 JBCS mod_cluster: Protocol parsing logic error\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nJBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0]\nJBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service\n\n6. References:\n\nhttps://access.redhat.com/security/cve/CVE-2012-1148\nhttps://access.redhat.com/security/cve/CVE-2014-3523\nhttps://access.redhat.com/security/cve/CVE-2014-8176\nhttps://access.redhat.com/security/cve/CVE-2015-0209\nhttps://access.redhat.com/security/cve/CVE-2015-0286\nhttps://access.redhat.com/security/cve/CVE-2015-3185\nhttps://access.redhat.com/security/cve/CVE-2015-3194\nhttps://access.redhat.com/security/cve/CVE-2015-3195\nhttps://access.redhat.com/security/cve/CVE-2015-3196\nhttps://access.redhat.com/security/cve/CVE-2015-3216\nhttps://access.redhat.com/security/cve/CVE-2016-0702\nhttps://access.redhat.com/security/cve/CVE-2016-0705\nhttps://access.redhat.com/security/cve/CVE-2016-0797\nhttps://access.redhat.com/security/cve/CVE-2016-0799\nhttps://access.redhat.com/security/cve/CVE-2016-1762\nhttps://access.redhat.com/security/cve/CVE-2016-1833\nhttps://access.redhat.com/security/cve/CVE-2016-1834\nhttps://access.redhat.com/security/cve/CVE-2016-1835\nhttps://access.redhat.com/security/cve/CVE-2016-1836\nhttps://access.redhat.com/security/cve/CVE-2016-1837\nhttps://access.redhat.com/security/cve/CVE-2016-1838\nhttps://access.redhat.com/security/cve/CVE-2016-1839\nhttps://access.redhat.com/security/cve/CVE-2016-1840\nhttps://access.redhat.com/security/cve/CVE-2016-2105\nhttps://access.redhat.com/security/cve/CVE-2016-2106\nhttps://access.redhat.com/security/cve/CVE-2016-2107\nhttps://access.redhat.com/security/cve/CVE-2016-2108\nhttps://access.redhat.com/security/cve/CVE-2016-2109\nhttps://access.redhat.com/security/cve/CVE-2016-2177\nhttps://access.redhat.com/security/cve/CVE-2016-2178\nhttps://access.redhat.com/security/cve/CVE-2016-2842\nhttps://access.redhat.com/security/cve/CVE-2016-3627\nhttps://access.redhat.com/security/cve/CVE-2016-3705\nhttps://access.redhat.com/security/cve/CVE-2016-4447\nhttps://access.redhat.com/security/cve/CVE-2016-4448\nhttps://access.redhat.com/security/cve/CVE-2016-4449\nhttps://access.redhat.com/security/cve/CVE-2016-4459\nhttps://access.redhat.com/security/cve/CVE-2016-4483\nhttps://access.redhat.com/security/cve/CVE-2016-5419\nhttps://access.redhat.com/security/cve/CVE-2016-5420\nhttps://access.redhat.com/security/cve/CVE-2016-6808\nhttps://access.redhat.com/security/cve/CVE-2016-7141\nhttps://access.redhat.com/security/cve/CVE-2016-8612\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp\u0026downloadType=distributions\u0026version=2.4.23\nhttps://access.redhat.com/documentation/en/red-hat-jboss-core-services-apache-http-server/version-2.4.23/apache-http-server-2423-release-notes/\n\n7. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. ============================================================================\nUbuntu Security Notice USN-2537-1\nMarch 19, 2015\n\nopenssl vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.10\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenSSL. \n\nSoftware Description:\n- openssl: Secure Socket Layer (SSL) cryptographic library and tools\n\nDetails:\n\nIt was discovered that OpenSSL incorrectly handled malformed EC private key\nfiles. (CVE-2015-0293)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.10:\n  libssl1.0.0                     1.0.1f-1ubuntu9.4\n\nUbuntu 14.04 LTS:\n  libssl1.0.0                     1.0.1f-1ubuntu2.11\n\nUbuntu 12.04 LTS:\n  libssl1.0.0                     1.0.1-4ubuntu5.25\n\nUbuntu 10.04 LTS:\n  libssl0.9.8                     0.9.8k-7ubuntu8.27\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update\n2015-005\n\nOS X Yosemite v10.10.4 and Security Update 2015-005 are now available\nand address the following:\n\nAdmin Framework\nAvailable for:  OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact:  A process may gain admin privileges without proper\nauthentication\nDescription:  An issue existed when checking XPC entitlements. \nCVE-ID\nCVE-2015-3671 : Emil Kvarnhammar at TrueSec\n\nAdmin Framework\nAvailable for:  OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact:  A non-admin user may obtain admin rights\nDescription:  An issue existed in the handling of user\nauthentication. \nCVE-ID\nCVE-2015-3672 : Emil Kvarnhammar at TrueSec\n\nAdmin Framework\nAvailable for:  OS X Yosemite v10.10 to v10.10.3\nImpact:  An attacker may abuse Directory Utility to gain root\nprivileges\nDescription:  Directory Utility was able to be moved and modified to\nachieve code execution within an entitled process. \nCVE-ID\nCVE-2015-3674 : Dean Jerkovich of NCC Group\n\napache\nAvailable for:  OS X Yosemite v10.10 to v10.10.3\nImpact:  An attacker may be able to access directories that are\nprotected with HTTP authentication without knowing the correct\ncredentials\nDescription:  The default Apache configuration did not include\nmod_hfs_apple. If Apache was manually enabled and the configuration\nwas not changed, some files that should not be accessible might have\nbeen accessible using a specially crafted URL. \nCVE-ID\nCVE-2015-1157\nCVE-2015-3685 : Apple\nCVE-2015-3686 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-3687 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-3688 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-3689 : Apple\n\ncoreTLS\nAvailable for:  OS X Yosemite v10.10 to v10.10.3\nImpact:  An attacker with a privileged network position may intercept\nSSL/TLS connections\nDescription:  coreTLS accepted short ephemeral Diffie-Hellman (DH)\nkeys, as used in export-strength ephemeral DH cipher suites. This\nissue, also known as Logjam, allowed an attacker with a privileged\nnetwork position to downgrade security to 512-bit DH if the server\nsupported an export-strength ephemeral DH cipher suite. The issue was\naddressed by increasing the default minimum size allowed for DH\nephemeral keys to 768 bits. \nCVE-ID\nCVE-2015-3692 : Trammell Hudson of Two Sigma Investments, Xeno Kovah\nand Corey Kallenberg of LegbaCore LLC, Pedro Vilaca\n\nEFI\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact:  A malicious application may induce memory corruption to\nescalate privileges\nDescription:  A disturbance error, also known as Rowhammer, exists\nwith some DDR3 RAM that could have led to memory corruption. \nCVE-ID\nCVE-2015-3712 : Ian Beer of Google Project Zero\n\nIntel Graphics Driver\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact:  Multiple buffer overflow issues exist in the Intel graphics\ndriver, the most serious of which may lead to arbitrary code\nexecution with system privileges\nDescription:  Multiple buffer overflow issues existed in the Intel\ngraphics driver. \nCVE-ID\nCVE-2015-3695 : Ian Beer of Google Project Zero\nCVE-2015-3696 : Ian Beer of Google Project Zero\nCVE-2015-3697 : Ian Beer of Google Project Zero\nCVE-2015-3698 : Ian Beer of Google Project Zero\nCVE-2015-3699 : Ian Beer of Google Project Zero\nCVE-2015-3700 : Ian Beer of Google Project Zero\nCVE-2015-3701 : Ian Beer of Google Project Zero\nCVE-2015-3702 : KEEN Team\n\nImageIO\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact:  Multiple vulnerabilities existed in libtiff, the most\nserious of which may lead to arbitrary code execution\nDescription:  Multiple vulnerabilities existed in libtiff versions\nprior to 4.0.4. \nCVE-ID\nCVE-2015-3709 : Ian Beer of Google Project Zero\n\nMail\nAvailable for:  OS X Yosemite v10.10 to v10.10.3\nImpact:  A maliciously crafted email can replace the message content\nwith an arbitrary webpage when the message is viewed\nDescription:  An issue existed in the support for HTML email which\nallowed message content to be refreshed with an arbitrary webpage. \nCVE-ID\nCVE-2015-3711 : Peter Rutenbar working with HP\u0027s Zero Day Initiative\n\nntp\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact:  An attacker in a privileged position may be able to perform\na denial of service attack against two ntp clients\nDescription:  Multiple issues existed in the authentication of ntp\npackets being received by configured end-points. Geshev working with HP\u0027s Zero Day Initiative\nCVE-2015-3662 : kdot working with HP\u0027s Zero Day Initiative\nCVE-2015-3663 : kdot working with HP\u0027s Zero Day Initiative\nCVE-2015-3666 : Steven Seeley of Source Incite working with HP\u0027s Zero\nDay Initiative\nCVE-2015-3667 : Ryan Pentney, Richard Johnson of Cisco Talos and Kai\nLu of Fortinet\u0027s FortiGuard Labs, Ryan Pentney, and Richard Johnson\nof Cisco Talos and Kai Lu of Fortinet\u0027s FortiGuard Labs\nCVE-2015-3668 : Kai Lu of Fortinet\u0027s FortiGuard Labs\nCVE-2015-3713 : Apple\n\nSecurity\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact:  A remote attacker may cause an unexpected application\ntermination or arbitrary code execution\nDescription:  An integer overflow existed in the Security framework\ncode for parsing S/MIME e-mail and some other signed or encrypted\nobjects. \nCVE-ID\nCVE-2013-1741\n\nSecurity\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact:  Tampered applications may not be prevented from launching\nDescription:  Apps using custom resource rules may have been\nsusceptible to tampering that would not have invalidated the\nsignature. \nCVE-ID\nCVE-2015-3715 : Patrick Wardle of Synack\n\nSpotlight\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.3\nImpact:  Searching for a malicious file with Spotlight may lead to\ncommand injection\nDescription:  A command injection vulnerability existed in the\nhandling of filenames of photos added to the local photo library. By sending a maliciously\nformatted message to systemstatsd, it may have been possible to\nexecute arbitrary code as the systemstatsd process. \nCVE-ID\n\nCVE-2014-8139\nCVE-2014-8140\nCVE-2014-8141\n\n\nOS X Yosemite 10.10.4 includes the security content of Safari 8.0.7",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-0286"
          },
          {
            "db": "BID",
            "id": "73225"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-0286"
          },
          {
            "db": "PACKETSTORM",
            "id": "130912"
          },
          {
            "db": "PACKETSTORM",
            "id": "133317"
          },
          {
            "db": "PACKETSTORM",
            "id": "130933"
          },
          {
            "db": "PACKETSTORM",
            "id": "133616"
          },
          {
            "db": "PACKETSTORM",
            "id": "132763"
          },
          {
            "db": "PACKETSTORM",
            "id": "130932"
          },
          {
            "db": "PACKETSTORM",
            "id": "131585"
          },
          {
            "db": "PACKETSTORM",
            "id": "140182"
          },
          {
            "db": "PACKETSTORM",
            "id": "130914"
          },
          {
            "db": "PACKETSTORM",
            "id": "132518"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2015-0286",
            "trust": 3.0
          },
          {
            "db": "BID",
            "id": "73225",
            "trust": 2.0
          },
          {
            "db": "JUNIPER",
            "id": "JSA10680",
            "trust": 2.0
          },
          {
            "db": "SECTRACK",
            "id": "1032917",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1031929",
            "trust": 1.7
          },
          {
            "db": "MCAFEE",
            "id": "SB10110",
            "trust": 1.7
          },
          {
            "db": "SIEMENS",
            "id": "SSA-412672",
            "trust": 1.7
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2022.0696",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201503-398",
            "trust": 0.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-22-349-21",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-0286",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130912",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "133317",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130933",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "133616",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "132763",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130932",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131585",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "140182",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130914",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "132518",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-0286"
          },
          {
            "db": "BID",
            "id": "73225"
          },
          {
            "db": "PACKETSTORM",
            "id": "130912"
          },
          {
            "db": "PACKETSTORM",
            "id": "133317"
          },
          {
            "db": "PACKETSTORM",
            "id": "130933"
          },
          {
            "db": "PACKETSTORM",
            "id": "133616"
          },
          {
            "db": "PACKETSTORM",
            "id": "132763"
          },
          {
            "db": "PACKETSTORM",
            "id": "130932"
          },
          {
            "db": "PACKETSTORM",
            "id": "131585"
          },
          {
            "db": "PACKETSTORM",
            "id": "140182"
          },
          {
            "db": "PACKETSTORM",
            "id": "130914"
          },
          {
            "db": "PACKETSTORM",
            "id": "132518"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201503-398"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-0286"
          }
        ]
      },
      "id": "VAR-201503-0055",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.22222222
      },
      "last_update_date": "2026-03-09T23:25:56.069000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "openssl-1.0.0r",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=54508"
          },
          {
            "title": "openssl-0.9.8zf",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=54507"
          },
          {
            "title": "openssl-1.0.2a",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=54510"
          },
          {
            "title": "openssl-1.0.1m",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=54509"
          },
          {
            "title": "Red Hat: CVE-2015-0286",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2015-0286"
          },
          {
            "title": "Ubuntu Security Notice: openssl vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2537-1"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2015-498",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-498"
          },
          {
            "title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20162957 - Security Advisory"
          },
          {
            "title": "Tenable Security Advisories: [R6] OpenSSL \u002720150319\u0027 Advisory Affects Tenable Products",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2015-04"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2015",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=2a43c5799a7dd07d6c0a92a3b040d12f"
          },
          {
            "title": "Cisco: Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20150320-openssl"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - October 2015",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=744c19dc9f4f70ad58059bf8733ec9c1"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2015",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=eaf98750f1130c39e83765575c69e165"
          },
          {
            "title": "Symantec Security Advisories: SA92 : OpenSSL Security Advisory 19-Mar-2015",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=07adc2b6f5910b64efc7296f227b9f10"
          },
          {
            "title": "Citrix Security Bulletins: Multiple Security Vulnerabilities in Citrix NetScaler Platform IPMI Lights Out Management (LOM) firmware",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=eb059834b7f24e2562bcf592b6d0afbc"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - July 2015",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=459961024c4bdce7bb3a1a40a65a6f2e"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - January 2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=63802a6c83b107c4e6e0c7f9241a66a8"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/Live-Hack-CVE/CVE-2015-0286 "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-0286"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201503-398"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-17",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-0286"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.1,
            "url": "https://www.openssl.org/news/secadv_20150319.txt"
          },
          {
            "trust": 2.0,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
          },
          {
            "trust": 2.0,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
          },
          {
            "trust": 2.0,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
          },
          {
            "trust": 2.0,
            "url": "https://support.citrix.com/article/ctx216642"
          },
          {
            "trust": 1.8,
            "url": "http://www.ubuntu.com/usn/usn-2537-1"
          },
          {
            "trust": 1.8,
            "url": "http://www.securityfocus.com/bid/73225"
          },
          {
            "trust": 1.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2016-2957.html"
          },
          {
            "trust": 1.7,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202366"
          },
          {
            "trust": 1.7,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-march/152844.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-march/152733.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-march/152734.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.debian.org/security/2015/dsa-3197"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00062.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.freebsd.org/security/advisories/freebsd-sa-15%3a06.openssl.asc"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00022.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1031929"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
          },
          {
            "trust": 1.7,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-0716.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:063"
          },
          {
            "trust": 1.7,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
          },
          {
            "trust": 1.7,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-0752.html"
          },
          {
            "trust": 1.7,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-0715.html"
          },
          {
            "trust": 1.7,
            "url": "http://marc.info/?l=bugtraq\u0026m=142841429220765\u0026w=2"
          },
          {
            "trust": 1.7,
            "url": "https://access.redhat.com/articles/1384453"
          },
          {
            "trust": 1.7,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/156823.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/157177.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2015/jun/msg00002.html"
          },
          {
            "trust": 1.7,
            "url": "http://support.apple.com/kb/ht204942"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht205212"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00001.html"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/ht205267"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00008.html"
          },
          {
            "trust": 1.7,
            "url": "https://bto.bluecoat.com/security-advisory/sa92"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
          },
          {
            "trust": 1.7,
            "url": "http://marc.info/?l=bugtraq\u0026m=144050297101809\u0026w=2"
          },
          {
            "trust": 1.7,
            "url": "http://marc.info/?l=bugtraq\u0026m=144050254401665\u0026w=2"
          },
          {
            "trust": 1.7,
            "url": "http://marc.info/?l=bugtraq\u0026m=143213830203296\u0026w=2"
          },
          {
            "trust": 1.7,
            "url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2"
          },
          {
            "trust": 1.7,
            "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.fortiguard.com/advisory/2015-03-24-openssl-vulnerabilities-march-2015"
          },
          {
            "trust": 1.7,
            "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10680"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
          },
          {
            "trust": 1.7,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10110"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1032917"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
          },
          {
            "trust": 1.1,
            "url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=c3c7fb07dc975dc3c9de0eddb7d8fd79fc9c67c1"
          },
          {
            "trust": 1.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
          },
          {
            "trust": 0.9,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0288"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0287"
          },
          {
            "trust": 0.7,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0289"
          },
          {
            "trust": 0.6,
            "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=c3c7fb07dc975dc3c9de0eddb7d8fd79fc9c67c1"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0293"
          },
          {
            "trust": 0.3,
            "url": "http://openssl.org/"
          },
          {
            "trust": 0.3,
            "url": "https://www.alienvault.com/forums/discussion/4885/security-advisory-alienvault-v5-0-"
          },
          {
            "trust": 0.3,
            "url": "https://support.asperasoft.com/entries/93038317-security-bulletin-vulnerabilities-in-openssl"
          },
          {
            "trust": 0.3,
            "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04746490"
          },
          {
            "trust": 0.3,
            "url": "http://seclists.org/bugtraq/2015/apr/37"
          },
          {
            "trust": 0.3,
            "url": "http://seclists.org/bugtraq/2015/aug/137"
          },
          {
            "trust": 0.3,
            "url": "http://seclists.org/bugtraq/2015/aug/134"
          },
          {
            "trust": 0.3,
            "url": "http://seclists.org/bugtraq/2015/aug/136"
          },
          {
            "trust": 0.3,
            "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04679334"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005226"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005241"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005254"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21958089"
          },
          {
            "trust": 0.3,
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21961293"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962334"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966177"
          },
          {
            "trust": 0.3,
            "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098144"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020693"
          },
          {
            "trust": 0.3,
            "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory13.asc"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21958903"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963024"
          },
          {
            "trust": 0.3,
            "url": "https://www.openssl.org/news/vulnerabilities.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.pexip.com/sites/pexip/files/pexip_security_bulletin_2015-04-16.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://networks.unify.com/security/advisories/obso-1512-01.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005341"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964676"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21701028"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963783"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963964"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005375"
          },
          {
            "trust": 0.3,
            "url": "www-01.ibm.com/support/docview.wss?uid=swg21701256"
          },
          {
            "trust": 0.3,
            "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10680\u0026cat=sirt_1\u0026actp=list"
          },
          {
            "trust": 0.3,
            "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21882710"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022183"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964164"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903799"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022382"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21701238"
          },
          {
            "trust": 0.3,
            "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099273"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902449"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902277"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21882644"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21701054"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957922"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902544"
          },
          {
            "trust": 0.3,
            "url": "www-01.ibm.com/support/docview.wss?uid=swg21701086"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21702160"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903269"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022367"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883028"
          },
          {
            "trust": 0.3,
            "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098141"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902519"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020716"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022103"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902673"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883593"
          },
          {
            "trust": 0.3,
            "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099272"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700167"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005257"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903425"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21722409"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700411"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960212"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960210"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21701354"
          },
          {
            "trust": 0.3,
            "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21883249"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961179"
          },
          {
            "trust": 0.3,
            "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098564"
          },
          {
            "trust": 0.3,
            "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098563"
          },
          {
            "trust": 0.3,
            "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098568"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964410"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964686"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?rs=630\u0026uid=swg21970748"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960588"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960668"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903261"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21694849"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903729"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21701326"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883221"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883222"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21713653"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21701334"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21882955"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0292"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0204"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-0286"
          },
          {
            "trust": 0.2,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3572"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3570"
          },
          {
            "trust": 0.2,
            "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3571"
          },
          {
            "trust": 0.2,
            "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8275"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0206"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0207"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0208"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0285"
          },
          {
            "trust": 0.2,
            "url": "https://support.apple.com/en-"
          },
          {
            "trust": 0.2,
            "url": "https://www.apple.com/support/security/pgp/"
          },
          {
            "trust": 0.2,
            "url": "http://gpgtools.org"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3523"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0273"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/17.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/live-hack-cve/cve-2015-0286"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/2537-1/"
          },
          {
            "trust": 0.1,
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
          },
          {
            "trust": 0.1,
            "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39581"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5432"
          },
          {
            "trust": 0.1,
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5433"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0290"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0291"
          },
          {
            "trust": 0.1,
            "url": "https://www.openssl.org/about/releasestrat.html),"
          },
          {
            "trust": 0.1,
            "url": "https://www.openssl.org/about/secpolicy.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1787"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5800"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5765"
          },
          {
            "trust": 0.1,
            "url": "https://www.apple.com/itunes/"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/kb/ht201222"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5802"
          },
          {
            "trust": 0.1,
            "url": "https://www.knownsec.com"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5795"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5788"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5799"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8146"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5797"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5794"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1129"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5791"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-3951"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5522"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5789"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1205"
          },
          {
            "trust": 0.1,
            "url": "https://www.safeye.org)"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5793"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5764"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8611"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5523"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5801"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5796"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5790"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3801"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5792"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5767"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5748"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0118"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8142"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0226"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0231"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9653"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9705"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0232"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9427"
          },
          {
            "trust": 0.1,
            "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0231"
          },
          {
            "trust": 0.1,
            "url": "http://www.hp.com/go/smh"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9652"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-15:06/openssl-1.0.1.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0293\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-15:06/openssl-0.9.8.patch"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0287\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0289\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0286\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-15:06.openssl.asc\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0209\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-15:06/openssl-1.0.1.patch"
          },
          {
            "trust": 0.1,
            "url": "https://www.openssl.org/news/secadv_20150319.txt\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://security.freebsd.org/patches/sa-15:06/openssl-0.9.8.patch.asc"
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0288\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0289"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0209"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com"
          },
          {
            "trust": 0.1,
            "url": "http://osuosl.org)"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0288"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/gpg-key"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0287"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0293"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0286"
          },
          {
            "trust": 0.1,
            "url": "https://issues.jboss.org/):"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-0705"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-3196"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-4448"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3216"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2106"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-0702"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0797"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-8176"
          },
          {
            "trust": 0.1,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-6808"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1835"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services-apache-http-server/version-2.4.23/apache-http-server-2423-release-notes/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-3705"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1838"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2107"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3196"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1839"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2177"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-4483"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-3523"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2842"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-8612"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1148"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1840"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-0797"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3185"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1836"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-3185"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-3194"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1833"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.apachehttp\u0026downloadtype=distributions\u0026version=2.4.23"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2105"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8176"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1840"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1836"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1762"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1835"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-4449"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1762"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-5420"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2178"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2108"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-3627"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2012-1148"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1837"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2109"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1834"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1837"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1839"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-5419"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-4459"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-0209"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-3195"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0702"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-3216"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1838"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1833"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1834"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-4447"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-7141"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-0799"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.27"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.11"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.25"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu9.4"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3673"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8141"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8140"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0235"
          },
          {
            "trust": 0.1,
            "url": "http://support.apple.com/kb/ht1222"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/en-us/ht204938"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3672"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8127"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3661"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3671"
          },
          {
            "trust": 0.1,
            "url": "http://www.apple.com/support/downloads/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1741"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8128"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8130"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8139"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3662"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8129"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1157"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/en-us/ht204950"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3663"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3668"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1799"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3666"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1798"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3667"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-0286"
          },
          {
            "db": "BID",
            "id": "73225"
          },
          {
            "db": "PACKETSTORM",
            "id": "130912"
          },
          {
            "db": "PACKETSTORM",
            "id": "133317"
          },
          {
            "db": "PACKETSTORM",
            "id": "130933"
          },
          {
            "db": "PACKETSTORM",
            "id": "133616"
          },
          {
            "db": "PACKETSTORM",
            "id": "132763"
          },
          {
            "db": "PACKETSTORM",
            "id": "130932"
          },
          {
            "db": "PACKETSTORM",
            "id": "131585"
          },
          {
            "db": "PACKETSTORM",
            "id": "140182"
          },
          {
            "db": "PACKETSTORM",
            "id": "130914"
          },
          {
            "db": "PACKETSTORM",
            "id": "132518"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201503-398"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-0286"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2015-0286",
            "ident": null
          },
          {
            "db": "BID",
            "id": "73225",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "130912",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "133317",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "130933",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "133616",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "132763",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "130932",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "131585",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "140182",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "130914",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "132518",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201503-398",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2015-0286",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2015-03-19T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-0286",
            "ident": null
          },
          {
            "date": "2015-03-19T00:00:00",
            "db": "BID",
            "id": "73225",
            "ident": null
          },
          {
            "date": "2015-03-20T04:42:01",
            "db": "PACKETSTORM",
            "id": "130912",
            "ident": null
          },
          {
            "date": "2015-08-26T01:33:18",
            "db": "PACKETSTORM",
            "id": "133317",
            "ident": null
          },
          {
            "date": "2015-03-20T05:46:26",
            "db": "PACKETSTORM",
            "id": "130933",
            "ident": null
          },
          {
            "date": "2015-09-19T15:18:18",
            "db": "PACKETSTORM",
            "id": "133616",
            "ident": null
          },
          {
            "date": "2015-07-21T13:37:51",
            "db": "PACKETSTORM",
            "id": "132763",
            "ident": null
          },
          {
            "date": "2015-03-20T05:41:10",
            "db": "PACKETSTORM",
            "id": "130932",
            "ident": null
          },
          {
            "date": "2015-04-22T20:14:53",
            "db": "PACKETSTORM",
            "id": "131585",
            "ident": null
          },
          {
            "date": "2016-12-16T16:34:49",
            "db": "PACKETSTORM",
            "id": "140182",
            "ident": null
          },
          {
            "date": "2015-03-20T04:43:46",
            "db": "PACKETSTORM",
            "id": "130914",
            "ident": null
          },
          {
            "date": "2015-07-01T05:31:53",
            "db": "PACKETSTORM",
            "id": "132518",
            "ident": null
          },
          {
            "date": "2015-03-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201503-398",
            "ident": null
          },
          {
            "date": "2015-03-19T22:59:04.677000",
            "db": "NVD",
            "id": "CVE-2015-0286",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2023-11-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-0286",
            "ident": null
          },
          {
            "date": "2017-05-02T03:08:00",
            "db": "BID",
            "id": "73225",
            "ident": null
          },
          {
            "date": "2022-12-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201503-398",
            "ident": null
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2015-0286",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "130914"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201503-398"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "_id": null,
        "data": "OpenSSL \u2018 ASN1_TYPE_cmp \u0027Function security vulnerability",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201503-398"
          }
        ],
        "trust": 0.6
      },
      "type": {
        "_id": null,
        "data": "code problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201503-398"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201501-0338

    Vulnerability from variot - Updated: 2026-03-09 22:30

    The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations. SSL/TLS Some implementations of export grade without intentional setting (512 Below bit ) of RSA Something accepts the key. Man-in-the-middle attacks against such software (man-in-the-middle attack) Is performed, the key used for encryption is decrypted, SSL/TLS The traffic content may be decrypted. this is" FREAK It is also called “attack”. Algorithm downgrade (CWE-757) CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') https://cwe.mitre.org/data/definitions/757.html Incorrect cipher strength (CWE-326) CWE-326: Inadequate Encryption Strength https://cwe.mitre.org/data/definitions/326.html SSL/TLS Some implementations of export grade without intentional setting (512 Below bit ) of RSA Something accepts the key. If a man-in-the-middle attack is performed on such software, it is guided to use a weak key in the negotiation at the start of communication, and as a result, encrypted information may be decrypted. The discoverer has released detailed information about this matter. FREAK: Factoring RSA Export Keys https://www.smacktls.com/#freakMan-in-the-middle attacks (man-in-the-middle attack) By SSL/TLS The contents of the communication may be decrypted. OpenSSL is prone to security-bypass vulnerability. Successfully exploiting these issues may allow attackers to perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. Description:

    Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.

    This release serves as a replacement for Red Hat JBoss Web Server 2.1.0, and includes several bug fixes. Refer to the Red Hat JBoss Web Server 2.1.1 Release Notes, linked to in the References section, for information on the most significant of these changes.

    Security Fix(es):

    • It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-2106)

    • It was discovered that it is possible to remotely Segfault Apache http server with a specially crafted string sent to the mod_cluster via service messages (MCMP). Solution:

    Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).

    The References section of this erratum contains a download link (you must log in to download the update).

    Release Date: 2015-05-19 Last Updated: 2015-05-19

    Potential Security Impact: Remote Denial of Service (DoS) and other vulnerabilities

    Source: Hewlett-Packard Company, HP Software Security Response Team

    VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilities.

    References:

    CVE-2015-0204 CVE-2015-0286 CVE-2015-0287 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 CVE-2015-0209 CVE-2015-0288 SSRT102000

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL versions before v0.9.8zf

    BACKGROUND

    CVSS 2.0 Base Metrics

    Reference Base Vector Base Score CVE-2015-0204 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2015-0286 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0287 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0289 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2015-0293 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0209 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2015-0288 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002

    RESOLUTION

    HP has provided the following updates to resolve these vulnerabilities. The updates are available from the following URL:

    https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber =OPENSSL11I

    HP-UX Release HP-UX OpenSSL depot name

    B.11.11 (11i v1) OpenSSL_A.00.09.08zf.001_HP-UX_B.11.11_32_64.depot

    B.11.23 (11i v2) OpenSSL_A.00.09.08zf.002_HP-UX_B.11.23_IA-PA.depot

    B.11.31 (11i v3) OpenSSL_A.00.09.08zf.003_HP-UX_B.11.31_IA-PA.depot

    MANUAL ACTIONS: Yes - Update

    Install HP-UX OpenSSL A.00.09.08zf or subsequent

    PRODUCT SPECIFIC INFORMATION

    HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa

    The following text is for use by the HP-UX Software Assistant.

    AFFECTED VERSIONS

    HP-UX B.11.11

    openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08zf.001 or subsequent

    HP-UX B.11.23

    openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08zf.002 or subsequent

    HP-UX B.11.31

    openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08zf.003 or subsequent

    END AFFECTED VERSIONS

    HISTORY Version:1 (rev.1) - 20 May 2015 Initial release

    Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com

    Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

    Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/

    Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.

    3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX

    Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.

    HP ThinPro Linux (x86) v5.1 HP ThinPro Linux (x86) v5.0 HP ThinPro Linux (x86) v4.4 HP ThinPro Linux (x86) v4.3 HP ThinPro Linux (x86) v4.2 HP ThinPro Linux (x86) v4.1 HP ThinPro Linux (ARM) v4.4 HP ThinPro Linux (ARM) v4.3 HP ThinPro Linux (ARM) v4.2 HP ThinPro Linux (ARM) v4.1

    BACKGROUND

    CVSS 2.0 Base Metrics

    Reference Base Vector Base Score CVE-2014-3569 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3570 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2014-3571 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3572 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2014-8275 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-0204 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-0205 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-0206 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2015-0235 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002

    RESOLUTION

    HP has released the following software updates to resolve the vulnerability for HP ThinPro Linux.

    Softpaq: http://ftp.hp.com/pub/softpaq/sp70501-71000/sp70649.exe

    Easy Update Via ThinPro / EasyUpdate (x86):

    http://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all- 4.1-4.3-x86.xar

    http://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all- 4.1-4.3-x86.xar

    http://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all- 4.1-4.3-x86.xar

    http://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.1-all- 4.4-x86.xar

    http://ftp.hp.com/pub/tcdebian/updates/5.0/service_packs/security-sp-2.1-all- 5.0-5.1-x86.xar

    http://ftp.hp.com/pub/tcdebian/updates/5.1/service_packs/security-sp-2.1-all- 5.0-5.1-x86.xar

    Via ThinPro / EasyUpdate (ARM):

    http://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all- 4.1-4.3-armel.xar

    http://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all- 4.1-4.3-armel.xar

    http://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all- 4.1-4.3-armel.xar

    http://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.0-all- 4.4-armel.xar

    Note: Known issue on security-sp-2.0-all-4.1-4.3-arm.xar: With the patch applied, VMware cannot connect if security level is set to "Refuse insecure connections". Updating VMware to the latest package on ftp.hp.com will solve the problem. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Moderate: openssl security update Advisory ID: RHSA-2015:0800-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0800.html Issue date: 2015-04-13 CVE Names: CVE-2014-8275 CVE-2015-0204 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 =====================================================================

    1. Summary:

    Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5

    Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

    1. Relevant releases/architectures:

    RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

    1. Description:

    OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. (CVE-2015-0204)

    An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded. (CVE-2015-0292)

    A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled. An attacker could use these flaws to modify an X.509 certificate to produce a certificate with a different fingerprint without invalidating its signature, and possibly bypass fingerprint-based blacklisting in applications. (CVE-2014-8275)

    An out-of-bounds write flaw was found in the way OpenSSL reused certain ASN.1 structures. (CVE-2015-0287)

    A NULL pointer dereference flaw was found in OpenSSL's X.509 certificate handling implementation. A specially crafted X.509 certificate could cause an application using OpenSSL to crash if the application attempted to convert the certificate to a certificate request. (CVE-2015-0288)

    A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. TLS/SSL clients and servers using OpenSSL were not affected by this flaw. (CVE-2015-0289)

    Red Hat would like to thank the OpenSSL project for reporting CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, and CVE-2015-0293. Upstream acknowledges Emilia Käsper of the OpenSSL development team as the original reporter of CVE-2015-0287, Brian Carpenter as the original reporter of CVE-2015-0288, Michal Zalewski of Google as the original reporter of CVE-2015-0289, Robert Dugal and David Ramos as the original reporters of CVE-2015-0292, and Sean Burford of Google and Emilia Käsper of the OpenSSL development team as the original reporters of CVE-2015-0293.

    All openssl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

    1. Solution:

    Before applying this update, make sure all previously released errata relevant to your system have been applied.

    For details on how to apply this update, refer to:

    https://access.redhat.com/articles/11258

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1180184 - CVE-2015-0204 openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK) 1180187 - CVE-2014-8275 openssl: Fix various certificate fingerprint issues 1202380 - CVE-2015-0287 openssl: ASN.1 structure reuse memory corruption 1202384 - CVE-2015-0289 openssl: PKCS7 NULL pointer dereference 1202395 - CVE-2015-0292 openssl: integer underflow leading to buffer overflow in base64 decoding 1202404 - CVE-2015-0293 openssl: assertion failure in SSLv2 servers 1202418 - CVE-2015-0288 openssl: X509_to_X509_REQ NULL pointer dereference

    1. Package List:

    Red Hat Enterprise Linux Desktop (v. 5 client):

    Source: openssl-0.9.8e-33.el5_11.src.rpm

    i386: openssl-0.9.8e-33.el5_11.i386.rpm openssl-0.9.8e-33.el5_11.i686.rpm openssl-debuginfo-0.9.8e-33.el5_11.i386.rpm openssl-debuginfo-0.9.8e-33.el5_11.i686.rpm openssl-perl-0.9.8e-33.el5_11.i386.rpm

    x86_64: openssl-0.9.8e-33.el5_11.i686.rpm openssl-0.9.8e-33.el5_11.x86_64.rpm openssl-debuginfo-0.9.8e-33.el5_11.i686.rpm openssl-debuginfo-0.9.8e-33.el5_11.x86_64.rpm openssl-perl-0.9.8e-33.el5_11.x86_64.rpm

    RHEL Desktop Workstation (v. 5 client):

    Source: openssl-0.9.8e-33.el5_11.src.rpm

    i386: openssl-debuginfo-0.9.8e-33.el5_11.i386.rpm openssl-devel-0.9.8e-33.el5_11.i386.rpm

    x86_64: openssl-debuginfo-0.9.8e-33.el5_11.i386.rpm openssl-debuginfo-0.9.8e-33.el5_11.x86_64.rpm openssl-devel-0.9.8e-33.el5_11.i386.rpm openssl-devel-0.9.8e-33.el5_11.x86_64.rpm

    Red Hat Enterprise Linux (v. 5 server):

    Source: openssl-0.9.8e-33.el5_11.src.rpm

    i386: openssl-0.9.8e-33.el5_11.i386.rpm openssl-0.9.8e-33.el5_11.i686.rpm openssl-debuginfo-0.9.8e-33.el5_11.i386.rpm openssl-debuginfo-0.9.8e-33.el5_11.i686.rpm openssl-devel-0.9.8e-33.el5_11.i386.rpm openssl-perl-0.9.8e-33.el5_11.i386.rpm

    ia64: openssl-0.9.8e-33.el5_11.i686.rpm openssl-0.9.8e-33.el5_11.ia64.rpm openssl-debuginfo-0.9.8e-33.el5_11.i686.rpm openssl-debuginfo-0.9.8e-33.el5_11.ia64.rpm openssl-devel-0.9.8e-33.el5_11.ia64.rpm openssl-perl-0.9.8e-33.el5_11.ia64.rpm

    ppc: openssl-0.9.8e-33.el5_11.ppc.rpm openssl-0.9.8e-33.el5_11.ppc64.rpm openssl-debuginfo-0.9.8e-33.el5_11.ppc.rpm openssl-debuginfo-0.9.8e-33.el5_11.ppc64.rpm openssl-devel-0.9.8e-33.el5_11.ppc.rpm openssl-devel-0.9.8e-33.el5_11.ppc64.rpm openssl-perl-0.9.8e-33.el5_11.ppc.rpm

    s390x: openssl-0.9.8e-33.el5_11.s390.rpm openssl-0.9.8e-33.el5_11.s390x.rpm openssl-debuginfo-0.9.8e-33.el5_11.s390.rpm openssl-debuginfo-0.9.8e-33.el5_11.s390x.rpm openssl-devel-0.9.8e-33.el5_11.s390.rpm openssl-devel-0.9.8e-33.el5_11.s390x.rpm openssl-perl-0.9.8e-33.el5_11.s390x.rpm

    x86_64: openssl-0.9.8e-33.el5_11.i686.rpm openssl-0.9.8e-33.el5_11.x86_64.rpm openssl-debuginfo-0.9.8e-33.el5_11.i386.rpm openssl-debuginfo-0.9.8e-33.el5_11.i686.rpm openssl-debuginfo-0.9.8e-33.el5_11.x86_64.rpm openssl-devel-0.9.8e-33.el5_11.i386.rpm openssl-devel-0.9.8e-33.el5_11.x86_64.rpm openssl-perl-0.9.8e-33.el5_11.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2014-8275 https://access.redhat.com/security/cve/CVE-2015-0204 https://access.redhat.com/security/cve/CVE-2015-0287 https://access.redhat.com/security/cve/CVE-2015-0288 https://access.redhat.com/security/cve/CVE-2015-0289 https://access.redhat.com/security/cve/CVE-2015-0292 https://access.redhat.com/security/cve/CVE-2015-0293 https://access.redhat.com/security/updates/classification/#moderate https://www.openssl.org/news/secadv_20150108.txt https://www.openssl.org/news/secadv_20150319.txt https://access.redhat.com/articles/1384453

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iD8DBQFVK6+gXlSAg2UNWIIRAoSlAJ0UGwyEUVUDOKBoGDKJRsDtDdmxSwCgvH9a M4Bxjq//ZXaJCcyFFc1l5A4= =rctB -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce. HP SSL for OpenVMS: All versions prior to 1.4-502.

    HP SSL 1.4-502 for OpenVMS (based on OpenSSL 0.9.8ze) is available from the following locations:

    - HP SSL for OpenVMS website:
    
      http://h71000.www7.hp.com/openvms/products/ssl/ssl.html
    
    - HP Support Center website:
    
      https://h20566.www2.hp.com/portal/site/hpsc/patch/home
    
      Note: Login using your HP Passport account. SAP <http://www.sap.com/>has released the monthly critical patch update
    

    for June 2015. This patch update closes a lot of vulnerabilities in SAP products. The most popular vulnerability is Missing Authorization Check. This month, three critical vulnerabilities found by ERPScan researchers Vahagn Vardanyan, Rustem Gazizov, and Diana Grigorieva were closed.

    Issues that were patched with the help of ERPScan

    Below are the details of SAP vulnerabilities that were found byERPScan http://www.erpscan.com/researchers.

    • An XML eXternal Entity vulnerability in SAP Mobile Platform on-premise (CVSS Base Score:5.5).Updateis available in SAP Security Note2159601 https://service.sap.com/sap/support/notes/2159601. An attacker can use XML eXternal Entities to send specially crafted unauthorized XML requests, which will be processed by the XML parser. The attacker will get unauthorized access to the OS file system.
    • A Hardcoded Credentials vulnerability in SAP Cross-System Tools (CVSS Base Score:3.6).Updateis available in SAP Security Note2059659 https://service.sap.com/sap/support/notes/2059659. In addition, it is likely that the code will be implemented as a backdoor into the system.
    • A Hardcoded Credentials vulnerability in SAP Data Transfer Workbench (CVSS Base Score:2.1).Updateis available in SAP Security Note2057982 https://service.sap.com/sap/support/notes/2057982. In addition, it is likely that the code will be implemented as a backdoor into the system.

    The most critical issues found by other researchers

    Some of our readers and clients asked us to categorize the most critical SAP vulnerabilities to patch them first. Companies providing SAP Security Audit, SAP Security Assessment, or SAP Penetration Testing services can include these vulnerabilities in their checklists. The most critical vulnerabilities of this update can be patched by the following SAP Security Notes:

    • 2151237 https://service.sap.com/sap/support/notes/2151237: SAP GUI for Windows has a Buffer Overflow vulnerability (CVSS Base Score:9.3). An attacker can use Buffer Overflow for injecting specially crafted code into working memory, which will be executed by the vulnerable application under the privileges of that application. In case of command execution,attackercan obtain critical technical and business-related information stored in the vulnerable SAP-system or escalate their own privileges. For this time, nobody will be able to use this service, which negatively influences business processes, system downtime, and, consequently, business reputation. It is recommended to install this SAP Security Note to prevent risks.
    • 2129609 https://service.sap.com/sap/support/notes/2129609: SAP EP JDBC Connector has an SQL Injection vulnerability (CVSS Base Score:6.5). An attacker can use SQL Injections with the help of specially crafted SQL queries. They can read and modify sensitive information from a database, execute administrative operations in a database, destroy data or make it unavailable. In some cases, an attacker can access system data or execute OS commands. It is recommended to install this SAP Security Note to prevent risks.
    • 1997734 https://service.sap.com/sap/support/notes/1997734: SAP RFC runtime has a Missing AuthorizationXheckvulnerability (CVSS Base Score:6.0). An attacker can use Missing Authorization Checks to access a service without any authorization procedures and use service functionality that has restricted access. It is recommended to install this SAP Security Note to prevent risks.
    • 2163306 https://service.sap.com/sap/support/notes/2163306: SAP CommonCryptoLib and SAPCRYPTOLIB are vulnerable to FREAK (CVE-2015-0204, CVSS Base Score:5.0). It allows an attacker to intercept HTTPS connections between vulnerable clients and servers and force them to use weakened encryption, which the attacker can break to steal or manipulate sensitive data. All the attacks on this page assume a network adversary (i.e. a man-in-the-middle) to tamper with TLS handshake messages. The typical scenario to mount such attacks is by tampering with the Domain Name System (DNS), for example via DNS rebinding or domain name seizure. This attack targets a class of deliberately weak export cipher suites. It is recommended to install this SAP Security Note to prevent risks.

    References about the FREAK vulnerability:

    It is highly recommended to patch all those SAP vulnerabilities to prevent business risks affecting your SAP systems.

    SAP has traditionally thanked the security researchers from ERPScan for found vulnerabilities on theiracknowledgment page http://scn.sap.com/docs/DOC-8218.

    Advisories for those SAP vulnerabilities with technical details will be available in 3 months onerpscan.com http://www.erpscan.com/.

    --

    Darya Maenkova

    PR manager

    https://www.linkedin.com/company/2217474?trk=ppro_cprof https://twitter.com/erpscan

    http://erpscan.com/


    e-mail: d.maenkova@erpscan.com d.maenkova@erpscan.com

    address: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA. 94301

    phone: 650.798.5255

    erpscan.com http://erpscan.com

    . OpenSSL Security Advisory [08 Jan 2015]

    DTLS segmentation fault in dtls1_get_record (CVE-2014-3571)

    Severity: Moderate

    A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference.

    This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.

    OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p. OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8zd.

    This issue was reported to OpenSSL on 22nd October 2014 by Markus Stenberg of Cisco Systems, Inc. The fix was developed by Stephen Henson of the OpenSSL core team.

    DTLS memory leak in dtls1_buffer_record (CVE-2015-0206)

    Severity: Moderate

    A memory leak can occur in the dtls1_buffer_record function under certain conditions. In particular this could occur if an attacker sent repeated DTLS records with the same sequence number but for the next epoch. The memory leak could be exploited by an attacker in a Denial of Service attack through memory exhaustion.

    This issue affects OpenSSL versions: 1.0.1 and 1.0.0.

    OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p.

    This issue was reported to OpenSSL on 7th January 2015 by Chris Mueller who also provided an initial patch. Further analysis was performed by Matt Caswell of the OpenSSL development team, who also developed the final patch.

    no-ssl3 configuration sets method to NULL (CVE-2014-3569)

    Severity: Low

    When openssl is built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl method would be set to NULL which could later result in a NULL pointer dereference.

    This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.

    OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.

    This issue was reported to OpenSSL on 17th October 2014 by Frank Schmirler. The fix was developed by Kurt Roeckx.

    ECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)

    Severity: Low

    An OpenSSL client will accept a handshake using an ephemeral ECDH ciphersuite using an ECDSA certificate if the server key exchange message is omitted. This effectively removes forward secrecy from the ciphersuite.

    This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.

    OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.

    This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team.

    RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)

    Severity: Low

    An OpenSSL client will accept the use of an RSA temporary key in a non-export RSA key exchange ciphersuite. A server could present a weak temporary key and downgrade the security of the session.

    This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.

    OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.

    This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team.

    DH client certificates accepted without verification [Server] (CVE-2015-0205)

    Severity: Low

    An OpenSSL server will accept a DH certificate for client authentication without the certificate verify message. This effectively allows a client to authenticate without the use of a private key. This only affects servers which trust a client certificate authority which issues certificates containing DH keys: these are extremely rare and hardly ever encountered.

    This issue affects OpenSSL versions: 1.0.1 and 1.0.0.

    OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p.

    This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team.

    Certificate fingerprints can be modified (CVE-2014-8275)

    Severity: Low

    OpenSSL accepts several non-DER-variations of certificate signature algorithm and signature encodings. OpenSSL also does not enforce a match between the signature algorithm between the signed and unsigned portions of the certificate. By modifying the contents of the signature algorithm or the encoding of the signature, it is possible to change the certificate's fingerprint.

    This does not allow an attacker to forge certificates, and does not affect certificate verification or OpenSSL servers/clients in any other way. It also does not affect common revocation mechanisms. Only custom applications that rely on the uniqueness of the fingerprint (e.g. certificate blacklists) may be affected.

    This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.

    OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.

    One variant of this issue was discovered by Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS program and reported to OpenSSL on 1st December 2014 by NCSC-FI Vulnerability Co-ordination. Another variant was independently reported to OpenSSL on 12th December 2014 by Konrad Kraszewski from Google. Further analysis was conducted and fixes were developed by Stephen Henson of the OpenSSL core team.

    Bignum squaring may produce incorrect results (CVE-2014-3570)

    Severity: Low

    Bignum squaring (BN_sqr) may produce incorrect results on some platforms, including x86_64. This bug occurs at random with a very low probability, and is not known to be exploitable in any way, though its exact impact is difficult to determine. The following has been determined:

    ) The probability of BN_sqr producing an incorrect result at random is very low: 1/2^64 on the single affected 32-bit platform (MIPS) and 1/2^128 on affected 64-bit platforms. ) On most platforms, RSA follows a different code path and RSA operations are not affected at all. For the remaining platforms (e.g. OpenSSL built without assembly support), pre-existing countermeasures thwart bug attacks [1]. ) Static ECDH is theoretically affected: it is possible to construct elliptic curve points that would falsely appear to be on the given curve. However, there is no known computationally feasible way to construct such points with low order, and so the security of static ECDH private keys is believed to be unaffected. ) Other routines known to be theoretically affected are modular exponentiation, primality testing, DSA, RSA blinding, JPAKE and SRP. No exploits are known and straightforward bug attacks fail - either the attacker cannot control when the bug triggers, or no private key material is involved.

    This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.

    OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd.

    This issue was reported to OpenSSL on 2nd November 2014 by Pieter Wuille (Blockstream) who also suggested an initial fix. Further analysis was conducted by the OpenSSL development team and Adam Langley of Google. The final fix was developed by Andy Polyakov of the OpenSSL core team.

    [1] http://css.csail.mit.edu/6.858/2013/readings/rsa-bug-attacks.pdf

    Note

    As per our previous announcements and our Release Strategy (https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions 1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these releases will be provided after that date. Users of these releases are advised to upgrade.

    References

    URL for this Security Advisory: https://www.openssl.org/news/secadv_20150108.txt

    Note: the online version of the advisory may be updated with additional details over time.

    For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "jre 1.7.0 17",
            "scope": null,
            "trust": 1.8,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.7.0 17",
            "scope": null,
            "trust": 1.5,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.7.0 13",
            "scope": null,
            "trust": 1.5,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 43",
            "scope": null,
            "trust": 1.5,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 39",
            "scope": null,
            "trust": 1.5,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.5.0:update 65",
            "scope": null,
            "trust": 1.2,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "oracle",
            "version": "1.7.072"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "oracle",
            "version": "1.8.025"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "oracle",
            "version": "1.6.085"
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 43",
            "scope": null,
            "trust": 1.2,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.7.0 45",
            "scope": null,
            "trust": 1.2,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 38",
            "scope": null,
            "trust": 1.2,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "oracle",
            "version": "1.6.085"
          },
          {
            "_id": null,
            "model": "jre 1.7.0 13",
            "scope": null,
            "trust": 1.2,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "oracle",
            "version": "1.8.025"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0e"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0d"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1f"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0k"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1d"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1h"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0j"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1j"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0l"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1e"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0m"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0g"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1g"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0o"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0b"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0f"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0n"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0i"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1i"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0h"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1b"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8zc"
          },
          {
            "_id": null,
            "model": "jre 17",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jre 1.6.0 31",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.7.0 8",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.7.0 21",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 32",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.6.081"
          },
          {
            "_id": null,
            "model": "jre 1.5.0 39",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 40",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 16",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 05",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jre 1.6.0 65",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 14",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jre",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 55",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 06",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 41",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0:update 75",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.7.0:update 60",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.5.0 61",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 05",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 03",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.7.0 2",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 10",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jdk 1.5.0:update 65",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 45",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 01",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jre 1.6.0 41",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.6.081"
          },
          {
            "_id": null,
            "model": "jre 1.5.0 11",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0:update 75",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.840"
          },
          {
            "_id": null,
            "model": "jre 1.6.0 39",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 40",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jre 1.6.0 23",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 60",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.7.0 51",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 35",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 25",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.5.0 32",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.7.072"
          },
          {
            "_id": null,
            "model": "jdk 1.7.0 45",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.691"
          },
          {
            "_id": null,
            "model": "jre 07",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jre 1.5.0 55",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.8.0:update 5",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 29",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 28",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 11",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jre 1.5.0 17",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.8.0:update 5",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.5.0 27",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 60",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 03",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.7.0 4",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.776"
          },
          {
            "_id": null,
            "model": "jdk 01",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 28",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 26",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.7.0 10",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.7.0 14",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.7.0 10",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 45",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.7.0 15",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 10",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jre 1.7.0 21",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 71",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 02",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 23",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 04",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jre 05",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 26",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.7.0 40",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 61",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.5.0 29",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 40",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.581"
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 31",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 16",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jre 1.5.0 20",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 30",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 18",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jdk 11",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.5.071"
          },
          {
            "_id": null,
            "model": "jdk 0 10",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jre 1.5.0 10",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 24",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 41",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 27",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 03",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jre 1.5.0 33",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.581"
          },
          {
            "_id": null,
            "model": "jre 1.5.0 14",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 24",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.7.0 25",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 32",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.7.0 2",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.5.0 25",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 24",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk .0 05",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jre 06",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jre 1.5.0 41",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.5.0 28",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.7.0 12",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 13",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 15",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.5.075"
          },
          {
            "_id": null,
            "model": "jre 1.7.0 9",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 21",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 15",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jre 1.6.0 18",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 22",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 32",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.5.0 31",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.7.0 8",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 21",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.7.0 25",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.5.0 38",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 37",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 27",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 15",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.840"
          },
          {
            "_id": null,
            "model": "jre 1.6.0 02",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 28",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 30",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 45",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.7.0 51",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.5.075"
          },
          {
            "_id": null,
            "model": "jre 15",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jdk 17",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 12",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 71",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 51",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 13",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.8.020"
          },
          {
            "_id": null,
            "model": "jre 1.5.0 26",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.7.0 40",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 26",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.5.0 30",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.7.0 15",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 39",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.7.0 14",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 17",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jdk 18",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jdk",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.7"
          },
          {
            "_id": null,
            "model": "jre 1.6.0 30",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 02",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.7.0 11",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 01",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 12",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jdk 07",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jdk 14",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jre 02",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jre 1.5.0 12",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 13",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.691"
          },
          {
            "_id": null,
            "model": "jre 1.5.0 13",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 25",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 22",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jre 1.5.0 35",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.5.0 45",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 23",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 65",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 20",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.5.0 51",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 27",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.7.0:update 60",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.7.067"
          },
          {
            "_id": null,
            "model": "jdk 1.7.0 12",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 04",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jre 04",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 38",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.7.0 11",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.5.071"
          },
          {
            "_id": null,
            "model": "jdk 1.7.0 4",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 19",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.7.067"
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 20",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.5.0 23",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 22",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 06",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.776"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "oracle",
            "version": "1.8.020"
          },
          {
            "_id": null,
            "model": "jre 1.6.0 25",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.5.0 40",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.7.0 9",
            "scope": null,
            "trust": 0.9,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 18",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 19",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 14",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 33",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 22",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opera",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "research in motion rim",
            "version": null
          },
          {
            "_id": null,
            "model": "capssuite",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "v4 to  v5.1"
          },
          {
            "_id": null,
            "model": "csview",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "/faq navigator"
          },
          {
            "_id": null,
            "model": "csview",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "/web questionnaire"
          },
          {
            "_id": null,
            "model": "enterprisedirectoryserver",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "ver6.0 to  ver8.0"
          },
          {
            "_id": null,
            "model": "enterpriseidentitymanager",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": "express5800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "/sg series  intersecvm/sg v1.2"
          },
          {
            "_id": null,
            "model": "express5800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "v3.0"
          },
          {
            "_id": null,
            "model": "express5800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "v3.1"
          },
          {
            "_id": null,
            "model": "express5800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "v4.0"
          },
          {
            "_id": null,
            "model": "express5800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "/sg series  sg3600lm/lg/lj v6.1"
          },
          {
            "_id": null,
            "model": "express5800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "v6.2"
          },
          {
            "_id": null,
            "model": "express5800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "v7.0"
          },
          {
            "_id": null,
            "model": "express5800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "v7.1"
          },
          {
            "_id": null,
            "model": "express5800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "v8.0"
          },
          {
            "_id": null,
            "model": "express5800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "/sg series  univerge sg3000lg/lj"
          },
          {
            "_id": null,
            "model": "infocage",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "security risk management  v1.0.2 to  v2.1.4"
          },
          {
            "_id": null,
            "model": "istorage",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "a series"
          },
          {
            "_id": null,
            "model": "istorage",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "d series"
          },
          {
            "_id": null,
            "model": "istorage",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "e series"
          },
          {
            "_id": null,
            "model": "istorage",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "hs series"
          },
          {
            "_id": null,
            "model": "istorage",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "m series  (nas including options )"
          },
          {
            "_id": null,
            "model": "istorage",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "s series"
          },
          {
            "_id": null,
            "model": "secureware/pki application development kit",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "ver3.0"
          },
          {
            "_id": null,
            "model": "secureware/pki application development kit",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "ver3.01"
          },
          {
            "_id": null,
            "model": "secureware/pki application development kit",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "ver3.02"
          },
          {
            "_id": null,
            "model": "secureware/pki application development kit",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "ver3.1"
          },
          {
            "_id": null,
            "model": "webotx",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "enterprise edition v4.2 to  v6.5"
          },
          {
            "_id": null,
            "model": "webotx",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "standard edition v4.2 to  v6.5"
          },
          {
            "_id": null,
            "model": "webotx",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "standard-j edition v4.1 to  v6.5"
          },
          {
            "_id": null,
            "model": "webotx",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "uddi registry v1.1 to  v7.1"
          },
          {
            "_id": null,
            "model": "webotx",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "web edition v4.1 to  v6.5"
          },
          {
            "_id": null,
            "model": "webotx application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "enterprise edition v7.1"
          },
          {
            "_id": null,
            "model": "webotx application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "enterprise v8.2 to  v9.2"
          },
          {
            "_id": null,
            "model": "webotx application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "express v8.2 to  v9.2"
          },
          {
            "_id": null,
            "model": "webotx application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "foundation v8.2 to  v8.5"
          },
          {
            "_id": null,
            "model": "webotx application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "standard edition v7.1"
          },
          {
            "_id": null,
            "model": "webotx application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "standard v8.2 to  v9.2"
          },
          {
            "_id": null,
            "model": "webotx application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "standard-j edition v7.1 to  v8.1"
          },
          {
            "_id": null,
            "model": "webotx application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "web edition v7.1 to  v8.1"
          },
          {
            "_id": null,
            "model": "webotx enterprise service bus",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "v6.4 to  v9.2"
          },
          {
            "_id": null,
            "model": "webotx portal",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "v8.2 to  v9.1"
          },
          {
            "_id": null,
            "model": "webotx sip application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "standard edition v7.1 to  v8.1"
          },
          {
            "_id": null,
            "model": "websam",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "application navigator v3.1.0.x to  v4.1.0.x"
          },
          {
            "_id": null,
            "model": "websam",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "jobcenter cl/web r13.1"
          },
          {
            "_id": null,
            "model": "websam",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "jobcenter cl/web r13.2"
          },
          {
            "_id": null,
            "model": "jdk 01-b06",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "jre 1.5.0.0 09",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "oracle",
            "version": "1.8"
          },
          {
            "_id": null,
            "model": "jdk .0 04",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jdk 1.5.0.0 08",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "paging server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jdk .0 03",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 38",
            "scope": null,
            "trust": 0.6,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 2",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "hp",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "jdk 07-b03",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jdk 06",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jre 1.5.0.0 08",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0.0 12",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 34",
            "scope": null,
            "trust": 0.6,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "oracle",
            "version": "1.8"
          },
          {
            "_id": null,
            "model": "jdk 1.5.0.0 09",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0.0 11",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 11-b03",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jre 1.5.0.0 07",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 01",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 1.6.0 20",
            "scope": null,
            "trust": 0.6,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.1"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.2.1"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.2.0.1"
          },
          {
            "_id": null,
            "model": "bes12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "12.0"
          },
          {
            "_id": null,
            "model": "bbm protected on blackberry",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "1010.3.1.1767"
          },
          {
            "_id": null,
            "model": "rational doors next generation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "bbm on blackberry os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "1010.3.1.1767"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.039"
          },
          {
            "_id": null,
            "model": "jdk update17",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.0.1"
          },
          {
            "_id": null,
            "model": "security access manager for web",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35007.2"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.17"
          },
          {
            "_id": null,
            "model": "flex system compute node type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x22025850"
          },
          {
            "_id": null,
            "model": "rational developer for power systems software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "rational developer for power systems software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.22"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.0.2"
          },
          {
            "_id": null,
            "model": "nexus series switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90000"
          },
          {
            "_id": null,
            "model": "idataplex dx360 m4 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "79120"
          },
          {
            "_id": null,
            "model": "rational rhapsody design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.7"
          },
          {
            "_id": null,
            "model": "buildforge ifix",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.28"
          },
          {
            "_id": null,
            "model": "security access manager for mobile",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.5"
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "websphere real time sr8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "_id": null,
            "model": "telepresence mcu",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "85100"
          },
          {
            "_id": null,
            "model": "norman shark industrial control system protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "jdk update3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "ip interoperability and collaboration system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70007.5"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "tivoli monitoring fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.306"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.5.055"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.2.0.4-p3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0g",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.5"
          },
          {
            "_id": null,
            "model": "hunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.0.1"
          },
          {
            "_id": null,
            "model": "rational doors web access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.42"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.025"
          },
          {
            "_id": null,
            "model": "endeca server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "7.6.1.0.0"
          },
          {
            "_id": null,
            "model": "rational rhapsody design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1"
          },
          {
            "_id": null,
            "model": "prime security manager 04.8 qa08",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "rational automation framework ifix5",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.3"
          },
          {
            "_id": null,
            "model": "ns oncommand core package",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "sametime community server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9"
          },
          {
            "_id": null,
            "model": "norman shark scada protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "cognos planning interim fix",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1.1.4"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.1.7"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.0-68"
          },
          {
            "_id": null,
            "model": "system m2 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x355041980"
          },
          {
            "_id": null,
            "model": "prime license manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.47"
          },
          {
            "_id": null,
            "model": "rational application developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "cloud manager interim fix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.0.3"
          },
          {
            "_id": null,
            "model": "upward integration modules for vmware vsphere",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "aura communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.12"
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.22"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1"
          },
          {
            "_id": null,
            "model": "sterling control center ifix01",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.4.21"
          },
          {
            "_id": null,
            "model": "java sdk sr16-fp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0.3"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.02"
          },
          {
            "_id": null,
            "model": "java sdk sr4-fp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37001.1"
          },
          {
            "_id": null,
            "model": "local collector appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2.8"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.5"
          },
          {
            "_id": null,
            "model": "api management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "system m4 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x310025820"
          },
          {
            "_id": null,
            "model": "websphere real time sr2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "_id": null,
            "model": "tivoli storage flashcopy manager for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.0"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "flex system fc3171 8gb san switch and san pass-thru",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.2.00"
          },
          {
            "_id": null,
            "model": "tivoli asset discovery for distributed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.2.0"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.7"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.2"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3.1"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.5.039"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.43"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "aura experience portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "notes fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.35"
          },
          {
            "_id": null,
            "model": "license metric tool",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.2"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37007.2"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.1"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1k",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.8.06"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.04"
          },
          {
            "_id": null,
            "model": "sterling connect:direct browser user interface ifix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.208"
          },
          {
            "_id": null,
            "model": "jre update22",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0.220"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v50001.1"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.15"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet12g",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "java sdk ga",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8"
          },
          {
            "_id": null,
            "model": "tivoli common reporting",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1.1.2"
          },
          {
            "_id": null,
            "model": "cognos business intelligence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "ip office application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1i",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.12"
          },
          {
            "_id": null,
            "model": "rational requisitepro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "initiate master data service",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.6"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.6"
          },
          {
            "_id": null,
            "model": "system management homepage c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.10.186"
          },
          {
            "_id": null,
            "model": "db2 workgroup server edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.5"
          },
          {
            "_id": null,
            "model": "adaptive security appliance software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.4(7.26)"
          },
          {
            "_id": null,
            "model": "real-time compression appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.8.0.10"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.043"
          },
          {
            "_id": null,
            "model": "tivoli network performance manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.2"
          },
          {
            "_id": null,
            "model": "communications session border controller scz7.3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "domino fp if",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.121"
          },
          {
            "_id": null,
            "model": "cognos business intelligence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35007.3"
          },
          {
            "_id": null,
            "model": "os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "1010.3.1.1779"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.1"
          },
          {
            "_id": null,
            "model": "virtual connect enterprise manager sdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.35"
          },
          {
            "_id": null,
            "model": "jre update3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "cognos tm1 interim fix",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1.1.2"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8y",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "dataquant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1.3"
          },
          {
            "_id": null,
            "model": "tivoli storage manager for virtual environments",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.0"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0.8"
          },
          {
            "_id": null,
            "model": "jboss enterprise application platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "wireless lan controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.39"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "5.0.11"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.68"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35007.4"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.3.4"
          },
          {
            "_id": null,
            "model": "flashsystem 9848-ac2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v90000"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.1"
          },
          {
            "_id": null,
            "model": "sterling connect:direct browser ifix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.11.03"
          },
          {
            "_id": null,
            "model": "work space manager for bes10/bes12 23584 14",
            "scope": null,
            "trust": 0.3,
            "vendor": "blackberry",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk update26",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.0.260"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.1.830"
          },
          {
            "_id": null,
            "model": "nextscale nx360 m4 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "54550"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.14"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.22"
          },
          {
            "_id": null,
            "model": "tivoli network performance manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "tandberg codian isdn gw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "32200"
          },
          {
            "_id": null,
            "model": "link for mac os (build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "1.1.139)"
          },
          {
            "_id": null,
            "model": "websphere dashboard framework",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.1"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "initiate master data service",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.0.1"
          },
          {
            "_id": null,
            "model": "tivoli common reporting",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.2"
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 11",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.08"
          },
          {
            "_id": null,
            "model": "rational engineering lifecycle manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "jabber video for telepresence",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "proventia network enterprise scanner",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "norman shark network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "rational developer for i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.5.036"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.1.1"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet10e",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3.3"
          },
          {
            "_id": null,
            "model": "workcentre 3025ni",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "3.50.01.10"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.7"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0.0-95"
          },
          {
            "_id": null,
            "model": "buildforge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.2"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.0.6"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler distributed fp05",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler distributed fp01",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.0"
          },
          {
            "_id": null,
            "model": "flashcopy manager for unix and linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.0"
          },
          {
            "_id": null,
            "model": "rational doors web access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.51"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.1"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v50007.5"
          },
          {
            "_id": null,
            "model": "jdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0.180"
          },
          {
            "_id": null,
            "model": "security privileged identity manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.1.1"
          },
          {
            "_id": null,
            "model": "system type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x3690x571480"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.16"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.17"
          },
          {
            "_id": null,
            "model": "java sdk sr16-fp9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "thinpro linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "(x86)4.1"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.1.5"
          },
          {
            "_id": null,
            "model": "norman shark network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet10p",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0.0 06",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.1"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v50007.2"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.7"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.0.1"
          },
          {
            "_id": null,
            "model": "aura presence services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.2"
          },
          {
            "_id": null,
            "model": "rational automation framework",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.2"
          },
          {
            "_id": null,
            "model": "chassis management module 2peo12r",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "initiate master data service",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "tivoli storage manager for virtual environments",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3.2.3"
          },
          {
            "_id": null,
            "model": "control center ifix01",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.0.0"
          },
          {
            "_id": null,
            "model": "system m4 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x375087220"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.3"
          },
          {
            "_id": null,
            "model": "java sdk 6r1 sr8-fp2",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.1.0.4-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "cloud manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.0.1"
          },
          {
            "_id": null,
            "model": "rational doors web access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.6.1"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1f",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.3"
          },
          {
            "_id": null,
            "model": "bes12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "12.0.1"
          },
          {
            "_id": null,
            "model": "tivoli storage manager client management services",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.200"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "32253.50.01.10"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.4.1"
          },
          {
            "_id": null,
            "model": "rational reporting for development intelligence",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.5"
          },
          {
            "_id": null,
            "model": "java sdk sr16",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "multi-enterprise integration gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "upward integration modules for microsoft system center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "rational requisitepro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2"
          },
          {
            "_id": null,
            "model": "bbm meetings for blackberry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "100"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.7"
          },
          {
            "_id": null,
            "model": "bcaaa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0.5"
          },
          {
            "_id": null,
            "model": "java sdk sr16-fp10",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "tivoli access manager for e-business",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "wag310g residential gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "security access manager for mobile",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.4"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.0-14"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.2"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.8"
          },
          {
            "_id": null,
            "model": "rational developer for aix and linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "sterling control center ifix02",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.4.10"
          },
          {
            "_id": null,
            "model": "flashcopy manager for oracle",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.0"
          },
          {
            "_id": null,
            "model": "datapower gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.5"
          },
          {
            "_id": null,
            "model": "datapower gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.1.7"
          },
          {
            "_id": null,
            "model": "tivoli storage manager operations center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0o",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler for applications fp02",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "rational software architect",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "link for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "1.2.1.31"
          },
          {
            "_id": null,
            "model": "system management homepage b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5.146"
          },
          {
            "_id": null,
            "model": "agent desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "10.0(2)"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.13"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.31 (11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "v3)"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.0"
          },
          {
            "_id": null,
            "model": "messaging application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet12r",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "chassis management module 2pet10b",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "idp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "java sdk sr7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7"
          },
          {
            "_id": null,
            "model": "chassis management module 2peo12o",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "ctpos 7.0r4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.038"
          },
          {
            "_id": null,
            "model": "unified attendant console department edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational engineering lifecycle manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.6"
          },
          {
            "_id": null,
            "model": "system management homepage a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.11.197"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.15210"
          },
          {
            "_id": null,
            "model": "rational engineering lifecycle manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.5"
          },
          {
            "_id": null,
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.0.0"
          },
          {
            "_id": null,
            "model": "buildforge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.3.3"
          },
          {
            "_id": null,
            "model": "business process manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.1"
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.31"
          },
          {
            "_id": null,
            "model": "rational application developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.3"
          },
          {
            "_id": null,
            "model": "domino fp if",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.365"
          },
          {
            "_id": null,
            "model": "junos space",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.3"
          },
          {
            "_id": null,
            "model": "java sdk sr16-fp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "system management homepage 7.4.0a",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.411"
          },
          {
            "_id": null,
            "model": "java sdk sr12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6"
          },
          {
            "_id": null,
            "model": "java sdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6"
          },
          {
            "_id": null,
            "model": "telepresence server on multiparty media",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3204.1"
          },
          {
            "_id": null,
            "model": "image construction and composition tool",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.1.3"
          },
          {
            "_id": null,
            "model": "video surveillance series ip cameras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60000"
          },
          {
            "_id": null,
            "model": "tape subsystems",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.3"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.018"
          },
          {
            "_id": null,
            "model": "system idataplex dx360 m2 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x73210"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3.2"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.019"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.15"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.3"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.2.11"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8zd",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.2"
          },
          {
            "_id": null,
            "model": "business process manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.51"
          },
          {
            "_id": null,
            "model": "sterling connect:direct browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.3"
          },
          {
            "_id": null,
            "model": "rational developer for i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.01"
          },
          {
            "_id": null,
            "model": "flashsystem 9846-ae2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v90000"
          },
          {
            "_id": null,
            "model": "cognos planning",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1.1"
          },
          {
            "_id": null,
            "model": "systems insight manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1.1"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35007.2.0.5"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35006.1"
          },
          {
            "_id": null,
            "model": "secure work space for bes10/bes12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "12.1.0.150361"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.0.1"
          },
          {
            "_id": null,
            "model": "rational engineering lifecycle manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "notes fp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "flashcopy manager for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.1.1"
          },
          {
            "_id": null,
            "model": "os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "commoncryptolib",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sap",
            "version": "0"
          },
          {
            "_id": null,
            "model": "business process manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1.0"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.3.9.3"
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 11-b03",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "bes10",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "0"
          },
          {
            "_id": null,
            "model": "smartcloud entry appliance fp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.4"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.5.3"
          },
          {
            "_id": null,
            "model": "db2 connect unlimited advanced edition for system z",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.5"
          },
          {
            "_id": null,
            "model": "enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "vgw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "flashcopy manager for db2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.0.0"
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.1"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.2.835"
          },
          {
            "_id": null,
            "model": "flashcopy manager for db2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.1.2"
          },
          {
            "_id": null,
            "model": "tivoli storage manager for virtual environments",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.0"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler distributed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "upward integration modules hardware management pack",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.5.3"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.0.4"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.7"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.1.3"
          },
          {
            "_id": null,
            "model": "system m4 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x325025830"
          },
          {
            "_id": null,
            "model": "jdk update2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "ns oncommand core package",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.2"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.3"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.2"
          },
          {
            "_id": null,
            "model": "systems insight manager sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "cloud manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.0.3"
          },
          {
            "_id": null,
            "model": "domino fix pack if",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.133"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.1.830"
          },
          {
            "_id": null,
            "model": "system management homepage 7.3.2.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "phaser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "30203.50.01.10"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.32"
          },
          {
            "_id": null,
            "model": "endeca server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "7.5.1.1"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0c",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "rational doors web access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "bbm protected on ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.13"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.3"
          },
          {
            "_id": null,
            "model": "video surveillance media server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.7"
          },
          {
            "_id": null,
            "model": "smartcloud entry fp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.110"
          },
          {
            "_id": null,
            "model": "rational build utility",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "telepresence mcu",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "84200"
          },
          {
            "_id": null,
            "model": "cms r16.3 r7",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70007.3.0.12"
          },
          {
            "_id": null,
            "model": "system m2 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x365079470"
          },
          {
            "_id": null,
            "model": "db2 connect enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.5"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.16"
          },
          {
            "_id": null,
            "model": "infosphere information analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "11.3"
          },
          {
            "_id": null,
            "model": "rational developer for aix and linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.01"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.032"
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.4"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler distributed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "websphere service registry and repository",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "as infinity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pexip",
            "version": "2"
          },
          {
            "_id": null,
            "model": "business process manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.5.0"
          },
          {
            "_id": null,
            "model": "os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.9.790"
          },
          {
            "_id": null,
            "model": "tivoli netcool configuration manager",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.4.1.3"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.0.12"
          },
          {
            "_id": null,
            "model": "system m4 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x363071580"
          },
          {
            "_id": null,
            "model": "ctpos 7.1r1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "mq appliance m2000",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "api management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "jre update2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "content analysis system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "aura presence services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "jre update15",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.5"
          },
          {
            "_id": null,
            "model": "dataquant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.19"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.10.801"
          },
          {
            "_id": null,
            "model": "aura experience portal sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70006.2"
          },
          {
            "_id": null,
            "model": "business process manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.0.1"
          },
          {
            "_id": null,
            "model": "java",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.0.590"
          },
          {
            "_id": null,
            "model": "java",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.0.600"
          },
          {
            "_id": null,
            "model": "tivoli storage manager for virtual environments",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.4.2.0"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.2"
          },
          {
            "_id": null,
            "model": "edge digital media player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3000"
          },
          {
            "_id": null,
            "model": "aura presence services sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp4 ltss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.3"
          },
          {
            "_id": null,
            "model": "jre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.0.50"
          },
          {
            "_id": null,
            "model": "flex system compute node type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x24078630"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.2"
          },
          {
            "_id": null,
            "model": "workcentre r1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "6400061.070.105.25200"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "websphere portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.1"
          },
          {
            "_id": null,
            "model": "aura experience portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "rational application developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "rational reporting for development intelligence",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.4"
          },
          {
            "_id": null,
            "model": "rational application developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1"
          },
          {
            "_id": null,
            "model": "db2 connect application server advanced edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "thinpro linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "network node manager ispi for ip telephony",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v50007.4"
          },
          {
            "_id": null,
            "model": "gpfs for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.5"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.2"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "flex system manager node types",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "87310"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3.132"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.1.5"
          },
          {
            "_id": null,
            "model": "system m4 hdtype",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x365054600"
          },
          {
            "_id": null,
            "model": "norman shark network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.2.3"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.13"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.3.0"
          },
          {
            "_id": null,
            "model": "rational developer for i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "websphere service registry and repository studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "java sdk sr fp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7910"
          },
          {
            "_id": null,
            "model": "mobile security suite mss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "jre 1.5.0 08",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.8.0"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70007.1.0.6"
          },
          {
            "_id": null,
            "model": "smartcloud entry appliance fp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.4.0.5"
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.4.01"
          },
          {
            "_id": null,
            "model": "aura application server sip core pb5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "53003.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "websphere mq for hp nonstop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "jdk update33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.2"
          },
          {
            "_id": null,
            "model": "dataquant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.21"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.1.13"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.0.2"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.03"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.15"
          },
          {
            "_id": null,
            "model": "sterling connect:direct browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "messaging application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.1"
          },
          {
            "_id": null,
            "model": "system m4 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x375087180"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.045"
          },
          {
            "_id": null,
            "model": "jre update10",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "websphere real time sr9",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "_id": null,
            "model": "rational developer for power systems software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "domino fix pack interim f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.12"
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "sterling connect:direct browser user interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.52"
          },
          {
            "_id": null,
            "model": "idataplex dx360 m4 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "79130"
          },
          {
            "_id": null,
            "model": "jdk update6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "rational rhapsody design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.0"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.03"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8zc",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.37"
          },
          {
            "_id": null,
            "model": "jre update7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.4"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.01"
          },
          {
            "_id": null,
            "model": "rational software architect design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.01"
          },
          {
            "_id": null,
            "model": "jdk update10",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "rational doors next generation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "infosphere optim data masking solution",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "11.3.0.3"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5"
          },
          {
            "_id": null,
            "model": "java sdk sr16-fp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "link for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "1.2.0.28"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v50007.1"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.0.9"
          },
          {
            "_id": null,
            "model": "system idataplex dx360 m2 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x73230"
          },
          {
            "_id": null,
            "model": "cognos tm1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "domino fp if4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.36"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "java",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.0.0"
          },
          {
            "_id": null,
            "model": "jre update13",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "security appscan standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.6"
          },
          {
            "_id": null,
            "model": "workcentre spar",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "355025.003.33.000"
          },
          {
            "_id": null,
            "model": "buildforge ifix",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.37"
          },
          {
            "_id": null,
            "model": "adaptive security appliance software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9.2(3.1)"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.1.0.5-p3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "initiate master data service",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.7"
          },
          {
            "_id": null,
            "model": "jdk update21",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.3"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37007.3"
          },
          {
            "_id": null,
            "model": "cognos controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "systems insight manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "one-x client enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "dataquant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.18"
          },
          {
            "_id": null,
            "model": "as infinity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pexip",
            "version": "8"
          },
          {
            "_id": null,
            "model": "domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1.5"
          },
          {
            "_id": null,
            "model": "tivoli composite application manager for soa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "db2 query management facility",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "network node manager i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "system type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x3950x57145"
          },
          {
            "_id": null,
            "model": "java sdk sr5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7"
          },
          {
            "_id": null,
            "model": "rational developer for aix and linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "java",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.00"
          },
          {
            "_id": null,
            "model": "vds service broker",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "jre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.0.60"
          },
          {
            "_id": null,
            "model": "rational rhapsody design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "d9036 modular encoding platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35001.1"
          },
          {
            "_id": null,
            "model": "security access manager for mobile",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.5.041"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.6"
          },
          {
            "_id": null,
            "model": "flashsystem 9846-ac1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v840"
          },
          {
            "_id": null,
            "model": "app for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "0"
          },
          {
            "_id": null,
            "model": "cognos tm1 interim fix",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.0.2"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.4.1"
          },
          {
            "_id": null,
            "model": "cognos controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "jdk update25",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "cognos business intelligence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet12h",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "xiv storage system gen3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "11.2.0"
          },
          {
            "_id": null,
            "model": "tivoli storage flashcopy manager for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.0"
          },
          {
            "_id": null,
            "model": "control center ifix02",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.0.0"
          },
          {
            "_id": null,
            "model": "snapdrive for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "one-x client enablement services sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "bbm protected on ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "2.7.0.32"
          },
          {
            "_id": null,
            "model": "enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8s",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "flashcopy manager for custom applications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.1"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.2.835"
          },
          {
            "_id": null,
            "model": "telepresence serial gateway series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aura communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "security identity governance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "tivoli storage manager operations center",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.4.2.200"
          },
          {
            "_id": null,
            "model": "webex meetings server 2.5mr2",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.2.5"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37006.3"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.5"
          },
          {
            "_id": null,
            "model": "jdk update27",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "rational doors web access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.43"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1.0.103"
          },
          {
            "_id": null,
            "model": "communication server 1000e signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.24"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "unified attendant console enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jdk update15",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "platform cluster manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "network node manager ispi performance for qa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "domino fp if",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.122"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.027"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4"
          },
          {
            "_id": null,
            "model": "db2 enterprise server edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "rational reporting for development intelligence",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7.770"
          },
          {
            "_id": null,
            "model": "db2 connect application server advanced edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.5"
          },
          {
            "_id": null,
            "model": "content analysis system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "1.2.3.1"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet12d",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "ucs central",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.3.0"
          },
          {
            "_id": null,
            "model": "system type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x3850x571460"
          },
          {
            "_id": null,
            "model": "rational doors next generation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.6"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.0"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v50007.1.0.6"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.025"
          },
          {
            "_id": null,
            "model": "flex system compute node type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x44079170"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.1"
          },
          {
            "_id": null,
            "model": "work browser for bes10/bes12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "1.1.17483.17"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.8.05"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.4.0"
          },
          {
            "_id": null,
            "model": "rational doors next generation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.5"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.1.3"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37007.5"
          },
          {
            "_id": null,
            "model": "rational agent controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.3.3"
          },
          {
            "_id": null,
            "model": "tivoli asset management for it",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.1.0"
          },
          {
            "_id": null,
            "model": "nac guest server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.18"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1h",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "rational application developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.4"
          },
          {
            "_id": null,
            "model": "network node manager ispi performance for metrics",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "communication server 1000m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "jdk update25",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.0.250"
          },
          {
            "_id": null,
            "model": "db2 advanced enterprise server edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.5"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.23 (11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "v2)"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v50007.2.0.5"
          },
          {
            "_id": null,
            "model": "ata series analog terminal adaptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1900"
          },
          {
            "_id": null,
            "model": "enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.12"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.10.186"
          },
          {
            "_id": null,
            "model": "business process manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.1.0"
          },
          {
            "_id": null,
            "model": "datapower gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.2"
          },
          {
            "_id": null,
            "model": "rational doors web access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.5.21"
          },
          {
            "_id": null,
            "model": "buildforge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.3.4"
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.211"
          },
          {
            "_id": null,
            "model": "thinpro linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "sbr carrier",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.2"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.0.2"
          },
          {
            "_id": null,
            "model": "mysql server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6"
          },
          {
            "_id": null,
            "model": "websphere mq mqipt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "rational rhapsody design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.6"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.033"
          },
          {
            "_id": null,
            "model": "insight orchestration",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.3"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.01"
          },
          {
            "_id": null,
            "model": "flashcopy manager for db2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.0"
          },
          {
            "_id": null,
            "model": "mq light",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.0.1"
          },
          {
            "_id": null,
            "model": "tandberg codian isdn gw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "32400"
          },
          {
            "_id": null,
            "model": "cognos tm1 fp4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.7"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.1"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37007.3.0.12"
          },
          {
            "_id": null,
            "model": "jdk 01",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.1"
          },
          {
            "_id": null,
            "model": "thinpro linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "(x86)4.2"
          },
          {
            "_id": null,
            "model": "cms r16.3",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.2"
          },
          {
            "_id": null,
            "model": "rational application developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.43"
          },
          {
            "_id": null,
            "model": "sterling connect:direct browser user interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.11"
          },
          {
            "_id": null,
            "model": "rational doors next generation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "edge digital media player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3400"
          },
          {
            "_id": null,
            "model": "business process manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1.1"
          },
          {
            "_id": null,
            "model": "bbm protected on android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37006.4.19"
          },
          {
            "_id": null,
            "model": "domino interim fix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.03"
          },
          {
            "_id": null,
            "model": "db2 recovery expert for linux unix and windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "rational sap connector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.0.2"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "java",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.0"
          },
          {
            "_id": null,
            "model": "domino fix pack interim f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.15"
          },
          {
            "_id": null,
            "model": "mashup center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.0.7"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "flashcopy manager for unix and linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.0"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.0.2.16-p3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.2"
          },
          {
            "_id": null,
            "model": "domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "jdk update9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "workflow for bluemix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "norman shark industrial control system protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.3.0.870"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.043"
          },
          {
            "_id": null,
            "model": "jre update26",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0.260"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "netezza platform software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0.3"
          },
          {
            "_id": null,
            "model": "as infinity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pexip",
            "version": "7"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.060"
          },
          {
            "_id": null,
            "model": "sterling connect:direct browser user interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.411"
          },
          {
            "_id": null,
            "model": "rational rhapsody design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "rational automation framework",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.3"
          },
          {
            "_id": null,
            "model": "prime network registrar",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.2.2.2"
          },
          {
            "_id": null,
            "model": "network configuration and change management service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "data ontap smi-s agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "systems insight manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "business process manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.6.0"
          },
          {
            "_id": null,
            "model": "db2 recovery expert for linux unix and windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "sterling connect:direct for hp nonstop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.5.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.2.77"
          },
          {
            "_id": null,
            "model": "cognos tm1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.5.2"
          },
          {
            "_id": null,
            "model": "websphere portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "java sdk sr14",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.6.0.2"
          },
          {
            "_id": null,
            "model": "link for mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "1.2.1.16"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.6"
          },
          {
            "_id": null,
            "model": "x-series xos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "rational rhapsody design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2.27"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.0.5"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp2 ltss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.5"
          },
          {
            "_id": null,
            "model": "business server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "1"
          },
          {
            "_id": null,
            "model": "tivoli network performance manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.2"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1"
          },
          {
            "_id": null,
            "model": "flex system compute node type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x24087380"
          },
          {
            "_id": null,
            "model": "rational engineering lifecycle manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.41"
          },
          {
            "_id": null,
            "model": "network node manager ispi for ip multicast qa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "norman shark industrial control system protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "domino fp if3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.24"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0.10"
          },
          {
            "_id": null,
            "model": "websphere process server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.2"
          },
          {
            "_id": null,
            "model": "prime lan management solution",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "command center appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "workload deployer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0.96"
          },
          {
            "_id": null,
            "model": "jre update4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "aura application server sip core",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "53002.0"
          },
          {
            "_id": null,
            "model": "buildforge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.3.2"
          },
          {
            "_id": null,
            "model": "aura communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.3.0.3"
          },
          {
            "_id": null,
            "model": "netscaler gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.1.3"
          },
          {
            "_id": null,
            "model": "unified attendant console advanced",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.0.2"
          },
          {
            "_id": null,
            "model": "cognos tm1 fp if",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.5.238"
          },
          {
            "_id": null,
            "model": "ns oncommand core package",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.1"
          },
          {
            "_id": null,
            "model": "aura messaging",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "cognos business intelligence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.4.1"
          },
          {
            "_id": null,
            "model": "rational software architect design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.5.036"
          },
          {
            "_id": null,
            "model": "tandberg codian isdn gw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "32100"
          },
          {
            "_id": null,
            "model": "db2 connect unlimited edition for system i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.5"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70006.4"
          },
          {
            "_id": null,
            "model": "rational software architect design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.0"
          },
          {
            "_id": null,
            "model": "buildforge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "initiate master data service provider hub",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.7"
          },
          {
            "_id": null,
            "model": "websphere service registry and repository",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler distributed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8n",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.14"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.11"
          },
          {
            "_id": null,
            "model": "rational sap connector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.0.7"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v50007.2.0.3"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.0.820"
          },
          {
            "_id": null,
            "model": "systems insight manager sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "sametime",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.2.1"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "buildforge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.3"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37007.2.0.3"
          },
          {
            "_id": null,
            "model": "bcaaa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "work connect for bes10/bes12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "1.0.17483.21"
          },
          {
            "_id": null,
            "model": "jdk update24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "upward integration modules for microsoft system center",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.5.3"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35006.4.1.8"
          },
          {
            "_id": null,
            "model": "aura messaging",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "buildforge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.3.1"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.051"
          },
          {
            "_id": null,
            "model": "upward integration modules hardware management pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.5.2"
          },
          {
            "_id": null,
            "model": "as infinity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pexip",
            "version": "5"
          },
          {
            "_id": null,
            "model": "jre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.8.0"
          },
          {
            "_id": null,
            "model": "upward integration modules for microsoft system center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v50006.4"
          },
          {
            "_id": null,
            "model": "domino if",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.06"
          },
          {
            "_id": null,
            "model": "rational software architect design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.4"
          },
          {
            "_id": null,
            "model": "tivoli monitoring fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.29"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "5.0.9"
          },
          {
            "_id": null,
            "model": "one-x client enablement services sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "content analysis system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "1.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1.0.102"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler distributed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "jre update5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0.50"
          },
          {
            "_id": null,
            "model": "anyres live",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "blend for mac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "0"
          },
          {
            "_id": null,
            "model": "java sdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.15"
          },
          {
            "_id": null,
            "model": "business process manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "rational software architect design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "java",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.195"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.034"
          },
          {
            "_id": null,
            "model": "java sdk sr16",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6"
          },
          {
            "_id": null,
            "model": "upward integration modules for microsoft system center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.5.1"
          },
          {
            "_id": null,
            "model": "infosphere information server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v50007.5.0.2"
          },
          {
            "_id": null,
            "model": "security appscan standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.3"
          },
          {
            "_id": null,
            "model": "xiv storage system gen3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "11.1.0"
          },
          {
            "_id": null,
            "model": "rational rhapsody design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.0.1"
          },
          {
            "_id": null,
            "model": "cognos insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.3.2"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.4"
          },
          {
            "_id": null,
            "model": "web experience factory",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "work space manager for bes10/bes12 24755 137",
            "scope": null,
            "trust": 0.3,
            "vendor": "blackberry",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.13"
          },
          {
            "_id": null,
            "model": "cognos business intelligence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.11"
          },
          {
            "_id": null,
            "model": "prime network registrar",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.1.3.3"
          },
          {
            "_id": null,
            "model": "websphere portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.5.1"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7.770"
          },
          {
            "_id": null,
            "model": "operations analytics predictive insights",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "infosphere global name management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "jdk 1.5.0.0 04",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "malware analysis appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "network node manager ispi performance for qa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.2"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v50007.2.0.8"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37007.4"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.11 (11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "v1)"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "jdk update28",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0.280"
          },
          {
            "_id": null,
            "model": "domino fp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.36"
          },
          {
            "_id": null,
            "model": "secure work space for bes10/bes12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "12.1.0.150360"
          },
          {
            "_id": null,
            "model": "aura session manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.1"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37007.1.0.6"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "5.0.6"
          },
          {
            "_id": null,
            "model": "data ontap operating in 7-mode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.3.7"
          },
          {
            "_id": null,
            "model": "infosphere information server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "tivoli asset management for it",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.010"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.4"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1.2"
          },
          {
            "_id": null,
            "model": "ip office server edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.038"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.5"
          },
          {
            "_id": null,
            "model": "dataquant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1.2"
          },
          {
            "_id": null,
            "model": "websphere service registry and repository studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "rational engineering lifecycle manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.3"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.0.4"
          },
          {
            "_id": null,
            "model": "system m3 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x350073800"
          },
          {
            "_id": null,
            "model": "sterling connect:direct browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.11"
          },
          {
            "_id": null,
            "model": "jdk update7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.9"
          },
          {
            "_id": null,
            "model": "flex system fc3171 8gb san switch and san pass-thru",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.0.00"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.04"
          },
          {
            "_id": null,
            "model": "network node manager ispi performance for metrics",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "phaser",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "36001.70.03.06"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.1-73"
          },
          {
            "_id": null,
            "model": "infosphere balanced warehouse c4000",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "jre update11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.0.0"
          },
          {
            "_id": null,
            "model": "infosphere master data management patient hub",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "upward integration modules for vmware vsphere",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.1.4"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.5"
          },
          {
            "_id": null,
            "model": "network node manager ispi performance for qa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "system idataplex dx360 m3 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x63910"
          },
          {
            "_id": null,
            "model": "infosphere master data management server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "11.4"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.5"
          },
          {
            "_id": null,
            "model": "flashcopy manager for oracle with sap environments",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.4"
          },
          {
            "_id": null,
            "model": "aura utility services sp7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.1.6"
          },
          {
            "_id": null,
            "model": "jre update27",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "jre update17",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "jdk update27",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.0.270"
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.32"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.0"
          },
          {
            "_id": null,
            "model": "tivoli monitoring fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.303"
          },
          {
            "_id": null,
            "model": "initiate master data service",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.5"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.56"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet10h",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v50007.3.0.12"
          },
          {
            "_id": null,
            "model": "one-x client enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.2"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.4.0"
          },
          {
            "_id": null,
            "model": "application policy infrastructure controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.1(0.625)"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "flex system compute node type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x88079030"
          },
          {
            "_id": null,
            "model": "upward integration modules for vmware vsphere",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.5.3"
          },
          {
            "_id": null,
            "model": "tivoli asset discovery for distributed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.3.0.870"
          },
          {
            "_id": null,
            "model": "system management homepage b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.2.77"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.19"
          },
          {
            "_id": null,
            "model": "network node manager ispi performance for metrics",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "tivoli asset management for it",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.12"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.0.3"
          },
          {
            "_id": null,
            "model": "flashsystem 9848-ac1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v840"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.25"
          },
          {
            "_id": null,
            "model": "blend for blackberry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "100"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0.0.840"
          },
          {
            "_id": null,
            "model": "prime data center network manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "business intelligence enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.1.1.7"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.013"
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.21"
          },
          {
            "_id": null,
            "model": "cognos tm1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "java sdk 6r1 sr8-fp4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "thinpro linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "(x86)5.0"
          },
          {
            "_id": null,
            "model": "infosphere master data management provider hub",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.12"
          },
          {
            "_id": null,
            "model": "sterling control center ifix03",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.41"
          },
          {
            "_id": null,
            "model": "rational application developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "rational software architect for websphere software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.0.3"
          },
          {
            "_id": null,
            "model": "norman shark industrial control system protection",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.3.2"
          },
          {
            "_id": null,
            "model": "version control repository manager 7.4.0a",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3.740"
          },
          {
            "_id": null,
            "model": "jdk 07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "one-x client enablement services sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0.4"
          },
          {
            "_id": null,
            "model": "flashsystem 9846-ae1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v840"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "business process manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "32153.50.01.10"
          },
          {
            "_id": null,
            "model": "websphere appliance management center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "one-x client enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "communication server 1000m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "messaging application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "flex system compute node type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x22279160"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.11"
          },
          {
            "_id": null,
            "model": "jdk update31",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "rational doors web access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.5.11"
          },
          {
            "_id": null,
            "model": "os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "3.6"
          },
          {
            "_id": null,
            "model": "flashsystem 9846-ac2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v90000"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.0.3"
          },
          {
            "_id": null,
            "model": "communication server 1000m signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.3.8.3"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3.1"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.5"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet12i",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.2.1"
          },
          {
            "_id": null,
            "model": "tivoli monitoring",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.2"
          },
          {
            "_id": null,
            "model": "domino fp if",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.366"
          },
          {
            "_id": null,
            "model": "jdk update13",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "infosphere information server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.7"
          },
          {
            "_id": null,
            "model": "domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet10m",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "communication server 1000e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "cognos business intelligence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "tivoli system automation for integrated operations management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1.1"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.4"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.032"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "unified ip conference phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88310"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0e",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "rational doors web access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.45"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "security privileged identity manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.0.820"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.4"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.03"
          },
          {
            "_id": null,
            "model": "infosphere balanced warehouse c3000",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk update19",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "chassis management module 2pete5o",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "flashsystem 9848-ac2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v90007.5.1.0"
          },
          {
            "_id": null,
            "model": "communications session border controller scz7.2.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "rational developer for aix and cobol",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.21"
          },
          {
            "_id": null,
            "model": "multi-enterprise integration gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.0.1"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70007.5.0.2"
          },
          {
            "_id": null,
            "model": "src series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "endeca server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "7.3.0"
          },
          {
            "_id": null,
            "model": "datapower gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.1.8"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8t",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "rational software architect design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.7"
          },
          {
            "_id": null,
            "model": "buildforge ifix",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.3.66"
          },
          {
            "_id": null,
            "model": "system m3 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x355079440"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.32"
          },
          {
            "_id": null,
            "model": "telepresence mcu",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "42000"
          },
          {
            "_id": null,
            "model": "hosted collaboration mediation fulfillment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "flashcopy manager for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.2.0"
          },
          {
            "_id": null,
            "model": "aura messaging",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.1.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.14.20"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5.760"
          },
          {
            "_id": null,
            "model": "websphere real time sr7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "_id": null,
            "model": "data ontap smi-s agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.2"
          },
          {
            "_id": null,
            "model": "websphere service registry and repository",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "insight orchestration",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "cloud manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35006.4"
          },
          {
            "_id": null,
            "model": "sterling connect:direct browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "jdk update30",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0.300"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.1"
          },
          {
            "_id": null,
            "model": "rational software architect design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "aura experience portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.2"
          },
          {
            "_id": null,
            "model": "system type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x3850x571430"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "tivoli storage manager operations center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.4"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.07"
          },
          {
            "_id": null,
            "model": "bbm on blackberry os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "100"
          },
          {
            "_id": null,
            "model": "rational sap connector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.0.1"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.5.051"
          },
          {
            "_id": null,
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "14.04"
          },
          {
            "_id": null,
            "model": "rational doors next generation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "bes12 client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "12.0.0.70"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "ctp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.14"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler distributed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.6"
          },
          {
            "_id": null,
            "model": "smartcloud entry appliance fp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.3.0.3"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.19"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.0"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.2"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.37"
          },
          {
            "_id": null,
            "model": "rational reporting for development intelligence",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.045"
          },
          {
            "_id": null,
            "model": "work space manager for bes10/bes12 24144 68",
            "scope": null,
            "trust": 0.3,
            "vendor": "blackberry",
            "version": null
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.2"
          },
          {
            "_id": null,
            "model": "thinpro linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35007.3.0.5"
          },
          {
            "_id": null,
            "model": "tivoli common reporting",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "java sdk sr16-fp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.14"
          },
          {
            "_id": null,
            "model": "sametime community server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.2"
          },
          {
            "_id": null,
            "model": "aura system manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3.3"
          },
          {
            "_id": null,
            "model": "tivoli monitoring fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.303"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler distributed fp07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "content collector for sap applications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.31",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.5"
          },
          {
            "_id": null,
            "model": "business process manager advanced",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.5"
          },
          {
            "_id": null,
            "model": "system m4 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x375087330"
          },
          {
            "_id": null,
            "model": "smartcloud entry appliance fp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.4"
          },
          {
            "_id": null,
            "model": "rational rhapsody design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.024"
          },
          {
            "_id": null,
            "model": "dataquant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.20"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.0.2"
          },
          {
            "_id": null,
            "model": "jre 07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35007.2.0.3"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "rational engineering lifecycle manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.0.1"
          },
          {
            "_id": null,
            "model": "rational application developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "websphere portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.23"
          },
          {
            "_id": null,
            "model": "enterprise",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.2.2"
          },
          {
            "_id": null,
            "model": "aura session manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v50007.1.0.7"
          },
          {
            "_id": null,
            "model": "mate live",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.02"
          },
          {
            "_id": null,
            "model": "netezza platform software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.12"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler distributed fp02",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.6"
          },
          {
            "_id": null,
            "model": "telepresence integrator c series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aura presence services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "flashsystem 9848-ae2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v90000"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.5.038"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.1.104"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet12f",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3.10"
          },
          {
            "_id": null,
            "model": "nsm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.5.040"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "5.0.4"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.10"
          },
          {
            "_id": null,
            "model": "aura session manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "bbm protected on android",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "2.7.0.6"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.11"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.3.0.0"
          },
          {
            "_id": null,
            "model": "work space manager for bes10/bes12 25374 241",
            "scope": null,
            "trust": 0.3,
            "vendor": "blackberry",
            "version": null
          },
          {
            "_id": null,
            "model": "prime collaboration provisioning",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "pulse secure",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.5.041"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.029"
          },
          {
            "_id": null,
            "model": "initiate master data service provider hub",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.5"
          },
          {
            "_id": null,
            "model": "flashcopy manager for unix and linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.4"
          },
          {
            "_id": null,
            "model": "websphere real time",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.1.2"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.5"
          },
          {
            "_id": null,
            "model": "java sdk r1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.1.73"
          },
          {
            "_id": null,
            "model": "telepresence isdn gw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "32410"
          },
          {
            "_id": null,
            "model": "java sdk 7r1 sr2",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "system m5 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x310054570"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "network node manager ispi for ip multicast qa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "telepresence ex series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "flashcopy manager for db2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.0"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0.9"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "websphere process server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.5"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2.0"
          },
          {
            "_id": null,
            "model": "rational reporting for development intelligence",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.6"
          },
          {
            "_id": null,
            "model": "system m3 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x363073770"
          },
          {
            "_id": null,
            "model": "security access manager for mobile",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.0"
          },
          {
            "_id": null,
            "model": "cics transaction gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "aura conferencing sp7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37006.4"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1841"
          },
          {
            "_id": null,
            "model": "database 12c release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "112.11"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "netezza platform software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "linux enterprise module for legacy software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "12"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0"
          },
          {
            "_id": null,
            "model": "infosphere identity insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.2.21"
          },
          {
            "_id": null,
            "model": "flashsystem 9846-ae2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v90007.5.1.0"
          },
          {
            "_id": null,
            "model": "thinpro linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "(x86)4.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.9.5"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.8.179"
          },
          {
            "_id": null,
            "model": "aura utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "web experience factory",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.010"
          },
          {
            "_id": null,
            "model": "tivoli netcool configuration manager if",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3.0.6003"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.027"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.022"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.4"
          },
          {
            "_id": null,
            "model": "aura system manager sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "sterling connect:direct browser ifix10",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.2"
          },
          {
            "_id": null,
            "model": "websphere portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.5.3"
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "4.15"
          },
          {
            "_id": null,
            "model": "security appscan standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.2"
          },
          {
            "_id": null,
            "model": "telepresence conductor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "norman shark network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "rational doors next generation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "video surveillance 4300e/4500e high-definition ip cameras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70007.2.0.5"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "system type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x3950x638370"
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "cognos insight standard edition fp if",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.124"
          },
          {
            "_id": null,
            "model": "sametime",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.2.0"
          },
          {
            "_id": null,
            "model": "websphere portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "rational agent controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "aura utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "sterling control center ifix04",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.4.2.1"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "websphere service registry and repository",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "rational doors web access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.6.1.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.8.5"
          },
          {
            "_id": null,
            "model": "java sdk sr16-fp8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "system m3 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x365054540"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "platform cluster manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "jdk update17",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "ctpos 6.6r5",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35006.3"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35007.1.0.7"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.13"
          },
          {
            "_id": null,
            "model": "websphere real time sr fp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3810"
          },
          {
            "_id": null,
            "model": "domino if",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.07"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "tivoli asset management for it",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.2"
          },
          {
            "_id": null,
            "model": "rational developer for aix and cobol",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "workcentre 3025bi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "3.50.01.10"
          },
          {
            "_id": null,
            "model": "sterling connect:direct browser ifix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.212"
          },
          {
            "_id": null,
            "model": "tivoli common reporting",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1.1"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.033"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "netscaler service delivery appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational rhapsody design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "cognos insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "mysql server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.22"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.2.7"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.0.1"
          },
          {
            "_id": null,
            "model": "clustered data ontap antivirus connector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.2"
          },
          {
            "_id": null,
            "model": "sterling control center ifix03",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.4.1.0"
          },
          {
            "_id": null,
            "model": "telepresence mcu",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "53000"
          },
          {
            "_id": null,
            "model": "jre 1.6.0 31",
            "scope": null,
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.021"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "jdk 0 03",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "business process manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "java sdk sr9",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7"
          },
          {
            "_id": null,
            "model": "jdk update20",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "db2 query management facility",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "session border controller for enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3.0"
          },
          {
            "_id": null,
            "model": "communication server 1000e signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "telepresence isdn gw mse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "83210"
          },
          {
            "_id": null,
            "model": "bbm on ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.0"
          },
          {
            "_id": null,
            "model": "tivoli monitoring fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.302"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "cics transaction gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.0.10"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.4"
          },
          {
            "_id": null,
            "model": "network node manager ispi performance for qa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "systems insight manager 7.4.0a",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.7"
          },
          {
            "_id": null,
            "model": "blend for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.4"
          },
          {
            "_id": null,
            "model": "rational build utility",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4.750"
          },
          {
            "_id": null,
            "model": "system m5 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x325054580"
          },
          {
            "_id": null,
            "model": "security identity manager virtual appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "chassis management module 2peo12i",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3.4"
          },
          {
            "_id": null,
            "model": "notes fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.36"
          },
          {
            "_id": null,
            "model": "tivoli storage manager for virtual environments",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3.0.0"
          },
          {
            "_id": null,
            "model": "lotus quickr for websphere portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "flashcopy manager for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.0"
          },
          {
            "_id": null,
            "model": "flashcopy manager for custom applications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.4"
          },
          {
            "_id": null,
            "model": "thinpro linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "(x86)5.1"
          },
          {
            "_id": null,
            "model": "cognos tm1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1.1"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.060"
          },
          {
            "_id": null,
            "model": "flashcopy manager for unix and linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.1"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet10c",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.02"
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.4"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.3.1"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet10f",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "tivoli network performance manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.3"
          },
          {
            "_id": null,
            "model": "sterling control center ifix02",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.34"
          },
          {
            "_id": null,
            "model": "jdk update21",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.0.1"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.1.10"
          },
          {
            "_id": null,
            "model": "rational developer for aix and cobol",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.6"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "upward integration modules scvmm add-in",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.3"
          },
          {
            "_id": null,
            "model": "java sdk sr13-fp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6"
          },
          {
            "_id": null,
            "model": "business process manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0d",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "system m3 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x355042540"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1e",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "network node manager ispi performance for metrics",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.1.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.029"
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.6"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "buildforge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.3.5"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.4.2"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.0.1"
          },
          {
            "_id": null,
            "model": "one-x client enablement services sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.5"
          },
          {
            "_id": null,
            "model": "x-series xos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "9.7"
          },
          {
            "_id": null,
            "model": "websphere portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.5.2"
          },
          {
            "_id": null,
            "model": "blend for ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "0"
          },
          {
            "_id": null,
            "model": "sterling connect:direct browser user interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.10"
          },
          {
            "_id": null,
            "model": "systems insight manager 7.3.0a",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.06"
          },
          {
            "_id": null,
            "model": "tivoli monitoring fp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.1.5"
          },
          {
            "_id": null,
            "model": "websphere process server hypervisor edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "phaser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "30523.50.01.11"
          },
          {
            "_id": null,
            "model": "cognos business intelligence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1.1"
          },
          {
            "_id": null,
            "model": "work space manager for bes10/bes12 24651 124",
            "scope": null,
            "trust": 0.3,
            "vendor": "blackberry",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.1.3"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.1.1"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1.0.842"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.28"
          },
          {
            "_id": null,
            "model": "xiv storage system gen3 a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "11.1.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.0"
          },
          {
            "_id": null,
            "model": "one-x client enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.0.0"
          },
          {
            "_id": null,
            "model": "telepresence te software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.030"
          },
          {
            "_id": null,
            "model": "real-time compression appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.9.1.11"
          },
          {
            "_id": null,
            "model": "java sdk sr13",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6"
          },
          {
            "_id": null,
            "model": "tivoli monitoring fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.209"
          },
          {
            "_id": null,
            "model": "jre 1.5.0 09-b03",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.9"
          },
          {
            "_id": null,
            "model": "systems insight manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "rational application developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.41"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "tandberg codian mse model",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "83200"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler for applications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "tivoli storage manager for virtual environments",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.4.0.0"
          },
          {
            "_id": null,
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.1.0"
          },
          {
            "_id": null,
            "model": "enterprise linux server eus 6.6.z",
            "scope": null,
            "trust": 0.3,
            "vendor": "redhat",
            "version": null
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.0.4"
          },
          {
            "_id": null,
            "model": "norman shark network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.051"
          },
          {
            "_id": null,
            "model": "security appscan standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.7"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "flashcopy manager for oracle with sap environments",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.0.0"
          },
          {
            "_id": null,
            "model": "db2 connect application server edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8m",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "bbm on windows phone",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "2.0.0.25"
          },
          {
            "_id": null,
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "flashcopy manager for oracle with sap environments",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.1.2"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.2.4"
          },
          {
            "_id": null,
            "model": "rational application developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.42"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "jre update30",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0.300"
          },
          {
            "_id": null,
            "model": "java sdk 7r1 sr1",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "ctpview",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.6.156"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.2.0"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.10"
          },
          {
            "_id": null,
            "model": "link for mac os (build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "1.0.16)"
          },
          {
            "_id": null,
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.13"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.034"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.27"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1.0.1"
          },
          {
            "_id": null,
            "model": "rational application developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.10"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "14.10"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.7"
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "4.12"
          },
          {
            "_id": null,
            "model": "jabber for android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise content delivery service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "websphere application server community edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.0.4"
          },
          {
            "_id": null,
            "model": "unified sip proxy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jre update5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "tivoli system automation for integrated operations management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.2"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1.0.2"
          },
          {
            "_id": null,
            "model": "datapower gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.4"
          },
          {
            "_id": null,
            "model": "app for stream",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational sap connector",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.0.8"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.035"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.1.6"
          },
          {
            "_id": null,
            "model": "rational doors web access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.5.1"
          },
          {
            "_id": null,
            "model": "rational application developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.5"
          },
          {
            "_id": null,
            "model": "adaptive security appliance software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9.1(5.106)"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.3"
          },
          {
            "_id": null,
            "model": "jdk update11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.0"
          },
          {
            "_id": null,
            "model": "rational software architect design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.2"
          },
          {
            "_id": null,
            "model": "java sdk sr3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7"
          },
          {
            "_id": null,
            "model": "systems insight manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.42"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.3"
          },
          {
            "_id": null,
            "model": "work space manager for bes10/bes12 23853 47",
            "scope": null,
            "trust": 0.3,
            "vendor": "blackberry",
            "version": null
          },
          {
            "_id": null,
            "model": "java",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.0.480"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.026"
          },
          {
            "_id": null,
            "model": "system type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x3850x638370"
          },
          {
            "_id": null,
            "model": "netscaler application delivery controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1.1"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.7"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35007.1"
          },
          {
            "_id": null,
            "model": "norman shark scada protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "tivoli netcool configuration manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.4.1.2"
          },
          {
            "_id": null,
            "model": "work space manager for bes10/bes12 25616 10",
            "scope": null,
            "trust": 0.3,
            "vendor": "blackberry",
            "version": null
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.3"
          },
          {
            "_id": null,
            "model": "operations analytics predictive insights",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.2"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.4"
          },
          {
            "_id": null,
            "model": "business process manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.0.0"
          },
          {
            "_id": null,
            "model": "domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.2"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.33"
          },
          {
            "_id": null,
            "model": "rational doors next generation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "network node manager i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.20"
          },
          {
            "_id": null,
            "model": "rational doors web access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "aura messaging",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "rational doors web access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.5"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.2.2"
          },
          {
            "_id": null,
            "model": "workcentre spar",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "35500"
          },
          {
            "_id": null,
            "model": "os image for aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1.1.0"
          },
          {
            "_id": null,
            "model": "application policy infrastructure controller 1.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.31"
          },
          {
            "_id": null,
            "model": "tivoli monitoring fixpack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.24"
          },
          {
            "_id": null,
            "model": "web experience factory",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.18"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.0.13"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "aura conferencing sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "security access manager for web",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "system m3 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x365042550"
          },
          {
            "_id": null,
            "model": "rational software architect design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.9.1"
          },
          {
            "_id": null,
            "model": "norman shark scada protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70007.4.0.5"
          },
          {
            "_id": null,
            "model": "communications core session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "7.3.5"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37006.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1.0-103"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.12.201"
          },
          {
            "_id": null,
            "model": "rational application developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2"
          },
          {
            "_id": null,
            "model": "java sdk sr1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.040"
          },
          {
            "_id": null,
            "model": "prime collaboration deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.31"
          },
          {
            "_id": null,
            "model": "dx series ip phones",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8za",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "rational rhapsody design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ace30 application control engine module 3.0 a5",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "unified computing system b-series servers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8q",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.11"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0.0.96"
          },
          {
            "_id": null,
            "model": "rational doors next generation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.012"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.1"
          },
          {
            "_id": null,
            "model": "aura presence services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.2.127"
          },
          {
            "_id": null,
            "model": "jabber software development kit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.10.800"
          },
          {
            "_id": null,
            "model": "rational sap connector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.0.3"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.10"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.6.0.3"
          },
          {
            "_id": null,
            "model": "db2 advanced workgroup server edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.5"
          },
          {
            "_id": null,
            "model": "bbm meetings for android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "0"
          },
          {
            "_id": null,
            "model": "cms r17 r4",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "mysql server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.21"
          },
          {
            "_id": null,
            "model": "datapower gateway",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.1.9"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.065"
          },
          {
            "_id": null,
            "model": "cognos insight standard edition fp if",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.214"
          },
          {
            "_id": null,
            "model": "business intelligence enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.1.1.9"
          },
          {
            "_id": null,
            "model": "tivoli monitoring",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3.0"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.11"
          },
          {
            "_id": null,
            "model": "tivoli storage manager operations center",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.200"
          },
          {
            "_id": null,
            "model": "network node manager ispi for ip telephony",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "tivoli monitoring fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.305"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.2"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.01"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.0.5"
          },
          {
            "_id": null,
            "model": "sametime",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.0.0"
          },
          {
            "_id": null,
            "model": "rational rhapsody design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8g",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "cms r17",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70007.3.0.10"
          },
          {
            "_id": null,
            "model": "flex system fc3171 8gb san switch and san pass-thru",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.5.03.00"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.45"
          },
          {
            "_id": null,
            "model": "integration bus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.1.4"
          },
          {
            "_id": null,
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.0"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "hunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.10.2"
          },
          {
            "_id": null,
            "model": "database 12c release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "112.12"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.15"
          },
          {
            "_id": null,
            "model": "data ontap operating in 7-mode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.2.2"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.037"
          },
          {
            "_id": null,
            "model": "rational reporting for development intelligence",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.01"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "tivoli storage manager client management services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "bbm meetings for ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "0"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70007.2"
          },
          {
            "_id": null,
            "model": "i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.17"
          },
          {
            "_id": null,
            "model": "rational software architect design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.7"
          },
          {
            "_id": null,
            "model": "sametime community server limited use",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9"
          },
          {
            "_id": null,
            "model": "platform cluster manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.1"
          },
          {
            "_id": null,
            "model": "jdk update22",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0.220"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.12"
          },
          {
            "_id": null,
            "model": "system type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x3690x571470"
          },
          {
            "_id": null,
            "model": "snapdrive for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.2"
          },
          {
            "_id": null,
            "model": "flex system compute node type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x24087370"
          },
          {
            "_id": null,
            "model": "dataquant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2"
          },
          {
            "_id": null,
            "model": "onepk all-in-one vm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.0"
          },
          {
            "_id": null,
            "model": "buildforge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.2"
          },
          {
            "_id": null,
            "model": "rational developer for power systems software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.31"
          },
          {
            "_id": null,
            "model": "content collector for sap applications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "db2 developer edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.5"
          },
          {
            "_id": null,
            "model": "sterling connect:direct browser user interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.0.10"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.0"
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.5"
          },
          {
            "_id": null,
            "model": "aura conferencing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.0.8"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "communication server 1000e signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "system m2 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x365041990"
          },
          {
            "_id": null,
            "model": "flashcopy manager for oracle with sap environments",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.1.1"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.1.11"
          },
          {
            "_id": null,
            "model": "network node manager ispi for net",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0.2"
          },
          {
            "_id": null,
            "model": "flex system manager node types",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "87340"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.041"
          },
          {
            "_id": null,
            "model": "aura system manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "domino fix pack interim f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.24"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.11"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.1.12"
          },
          {
            "_id": null,
            "model": "secure work space for bes10/bes12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "12.1.0.150359"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "virtual connect enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.015"
          },
          {
            "_id": null,
            "model": "ddos secure",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "ip office server edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "flashcopy manager for oracle",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.0"
          },
          {
            "_id": null,
            "model": "cms r17 r3",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "jre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0.180"
          },
          {
            "_id": null,
            "model": "network node manager i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "flashcopy manager for db2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.4"
          },
          {
            "_id": null,
            "model": "integration bus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.045"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.16"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.23",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.0.5"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.22"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.1"
          },
          {
            "_id": null,
            "model": "db2 enterprise server edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.5"
          },
          {
            "_id": null,
            "model": "ringmaster appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5"
          },
          {
            "_id": null,
            "model": "integrated management module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.47"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler for applications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.6"
          },
          {
            "_id": null,
            "model": "domino interim fix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.06"
          },
          {
            "_id": null,
            "model": "websphere process server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.15"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.5.051"
          },
          {
            "_id": null,
            "model": "java sdk sr2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7"
          },
          {
            "_id": null,
            "model": "java sdk sr1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8"
          },
          {
            "_id": null,
            "model": "clustered data ontap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "websphere real time sr7 fp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "_id": null,
            "model": "tivoli common reporting",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.1"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37007.3.0.5"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4"
          },
          {
            "_id": null,
            "model": "bbm meetings for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "0"
          },
          {
            "_id": null,
            "model": "business process manager advanced",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.6"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.0.2"
          },
          {
            "_id": null,
            "model": "bes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "50"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "websphere message broker",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0"
          },
          {
            "_id": null,
            "model": "system m4 bd type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x365054660"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.10.1"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8x"
          },
          {
            "_id": null,
            "model": "rational reporting for development intelligence",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "jre update28",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.6"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35006.4.19"
          },
          {
            "_id": null,
            "model": "telepresence supervisor mse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "80500"
          },
          {
            "_id": null,
            "model": "iptv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.11"
          },
          {
            "_id": null,
            "model": "upward integration modules integrated installer",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.5.3"
          },
          {
            "_id": null,
            "model": "jdk update13",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.1.3"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.11"
          },
          {
            "_id": null,
            "model": "dataquant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1.1"
          },
          {
            "_id": null,
            "model": "rational software architect design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.6"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.1"
          },
          {
            "_id": null,
            "model": "web security appliance 9.0.0 -fcs",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "initiate master data service",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.02"
          },
          {
            "_id": null,
            "model": "rational software architect design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.5"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "work space manager for bes10/bes12 24998 176",
            "scope": null,
            "trust": 0.3,
            "vendor": "blackberry",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.6"
          },
          {
            "_id": null,
            "model": "mint",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "0"
          },
          {
            "_id": null,
            "model": "bes12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "application networking manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "as infinity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pexip",
            "version": "3"
          },
          {
            "_id": null,
            "model": "sterling control center ifix04",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.4.0.1"
          },
          {
            "_id": null,
            "model": "flashcopy manager for oracle with sap environments",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.0"
          },
          {
            "_id": null,
            "model": "rational doors web access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.5.2"
          },
          {
            "_id": null,
            "model": "link for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "1.0.1.12"
          },
          {
            "_id": null,
            "model": "jdk update4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "tivoli monitoring",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.3"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.024"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler distributed fp03",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "jdk update23",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.5.045"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.03"
          },
          {
            "_id": null,
            "model": "x-series xos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "9.5"
          },
          {
            "_id": null,
            "model": "java sdk 7r1 sr3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "system type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x3690x571490"
          },
          {
            "_id": null,
            "model": "domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.3.6"
          },
          {
            "_id": null,
            "model": "telepresence video communication server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jre 1.6.0 33",
            "scope": null,
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "aura application server sip core pb3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "53003.0"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.5.038"
          },
          {
            "_id": null,
            "model": "db2 purescale feature",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "system management homepage b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.10.186"
          },
          {
            "_id": null,
            "model": "cognos planning",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0f",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "12.04"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.5.040"
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "rational developer for i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "meetingplace",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.1"
          },
          {
            "_id": null,
            "model": "tivoli storage flashcopy manager for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.1.1"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37007.2.0.5"
          },
          {
            "_id": null,
            "model": "nexus series switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "35000"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0b",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.1.1"
          },
          {
            "_id": null,
            "model": "network node manager ispi performance for traffic",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "initiate master data service patient hub",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.7"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.029"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70007.1.0.5"
          },
          {
            "_id": null,
            "model": "expressway series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "network node manager ispi for mpls vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "smart analytics system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "57100"
          },
          {
            "_id": null,
            "model": "rational software architect design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "chassis management module 2pete6l",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.11"
          },
          {
            "_id": null,
            "model": "norman shark scada protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.2.3"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.2.2"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.11"
          },
          {
            "_id": null,
            "model": "integrated management module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.00"
          },
          {
            "_id": null,
            "model": "datapower gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.0.12"
          },
          {
            "_id": null,
            "model": "os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "1010.3.1.1154"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "mobile wireless transport manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.1.2"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.6"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "mate design",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.6"
          },
          {
            "_id": null,
            "model": "java",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.85"
          },
          {
            "_id": null,
            "model": "aura system manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "infosphere master data management",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.5"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4.143"
          },
          {
            "_id": null,
            "model": "clustered data ontap antivirus connector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "chassis management module 2peo12p",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "dataquant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.16"
          },
          {
            "_id": null,
            "model": "powervu d9190 conditional access manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jboss enterprise application platform",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.4"
          },
          {
            "_id": null,
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.1"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.05"
          },
          {
            "_id": null,
            "model": "bes12 client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "12.0.0.74"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.023"
          },
          {
            "_id": null,
            "model": "jre update6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "flashcopy manager for db2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.1"
          },
          {
            "_id": null,
            "model": "rational doors web access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.41"
          },
          {
            "_id": null,
            "model": "lotus widget factory",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.0.1"
          },
          {
            "_id": null,
            "model": "system m4 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x353071600"
          },
          {
            "_id": null,
            "model": "tivoli access manager for e-business",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "cics transaction gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "upward integration modules for microsoft system center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "jdk 0 09",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "network node manager ispi for ip telephony",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "flashcopy manager for custom applications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.0.0"
          },
          {
            "_id": null,
            "model": "aura conferencing sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1d",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.5"
          },
          {
            "_id": null,
            "model": "java",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.0.470"
          },
          {
            "_id": null,
            "model": "java sdk sr16-fp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2.0-12"
          },
          {
            "_id": null,
            "model": "flashcopy manager for custom applications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.1.2"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.1.13"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.022"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37007.1.0.7"
          },
          {
            "_id": null,
            "model": "rational reporting for development intelligence",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "workload deployer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.11"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37006.2"
          },
          {
            "_id": null,
            "model": "cognos controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1.1"
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.09"
          },
          {
            "_id": null,
            "model": "rational developer for aix and linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "flashcopy manager for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.0"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "ip office application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "flashcopy manager for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.021"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "5.0.5"
          },
          {
            "_id": null,
            "model": "datapower gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.0.11"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.29"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5.146"
          },
          {
            "_id": null,
            "model": "as infinity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pexip",
            "version": "4"
          },
          {
            "_id": null,
            "model": "telepresence mcu",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "45000"
          },
          {
            "_id": null,
            "model": "bbm meetings for mac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.2"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0n",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "aura session manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "java sdk 6r1 sr8-fp3",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.10.3"
          },
          {
            "_id": null,
            "model": "websphere real time sr5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "_id": null,
            "model": "sterling control center ifix03",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.4.2.1"
          },
          {
            "_id": null,
            "model": "rational developer for i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.1.1"
          },
          {
            "_id": null,
            "model": "domino fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.36"
          },
          {
            "_id": null,
            "model": "webex meetings for android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "network node manager ispi for ip telephony",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70007.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.3.1"
          },
          {
            "_id": null,
            "model": "aura communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "jdk update5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.1.0.9"
          },
          {
            "_id": null,
            "model": "websphere real time sr8 fp10",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "_id": null,
            "model": "sterling connect:direct for hp nonstop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.5"
          },
          {
            "_id": null,
            "model": "endeca server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "rational agent controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.06"
          },
          {
            "_id": null,
            "model": "flashsystem 9846-ac2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v90007.5.1.0"
          },
          {
            "_id": null,
            "model": "aura application server sip core",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "53003.0"
          },
          {
            "_id": null,
            "model": "rational developer for power systems software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.02"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler for applications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.07"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.11"
          },
          {
            "_id": null,
            "model": "virtual connect enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "network node manager ispi for net",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v50006.3"
          },
          {
            "_id": null,
            "model": "sterling connect:direct browser ifix",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.213"
          },
          {
            "_id": null,
            "model": "jdk update25",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "aura experience portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "aura experience portal sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35007.3.0.12"
          },
          {
            "_id": null,
            "model": "aura messaging",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "norman shark industrial control system protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.2.3"
          },
          {
            "_id": null,
            "model": "phaser 3300mfp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "20.105.52.000"
          },
          {
            "_id": null,
            "model": "rational sap connector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.0.6"
          },
          {
            "_id": null,
            "model": "system m4 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x355079140"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.2"
          },
          {
            "_id": null,
            "model": "os image for red hat",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.0.0"
          },
          {
            "_id": null,
            "model": "domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.2.4"
          },
          {
            "_id": null,
            "model": "flashsystem 9848-ac0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v840"
          },
          {
            "_id": null,
            "model": "websphere portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37007.4.0.5"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1b",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0k",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "aura system platform sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "jdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.0.160"
          },
          {
            "_id": null,
            "model": "jre update28",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0.280"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35006.2"
          },
          {
            "_id": null,
            "model": "rational doors web access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.51"
          },
          {
            "_id": null,
            "model": "jdk 1.6.0 01-b06",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "blend for android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "0"
          },
          {
            "_id": null,
            "model": "image construction and composition tool",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.3.2.0"
          },
          {
            "_id": null,
            "model": "aura conferencing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "aura system platform sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "6"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler distributed fp01",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.2.0"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v50006.2"
          },
          {
            "_id": null,
            "model": "rational requisitepro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.4"
          },
          {
            "_id": null,
            "model": "system type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x3850x571910"
          },
          {
            "_id": null,
            "model": "cognos controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.017"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.1"
          },
          {
            "_id": null,
            "model": "smart analytics system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10500"
          },
          {
            "_id": null,
            "model": "b2b advanced communications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.0.3"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.32"
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.4"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "004.000(1233)"
          },
          {
            "_id": null,
            "model": "tivoli storage flashcopy manager for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.4"
          },
          {
            "_id": null,
            "model": "real-time compression appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.2.10"
          },
          {
            "_id": null,
            "model": "jdk 1.5.0.0 03",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "security privileged identity manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "sterling connect:direct for hp nonstop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.6"
          },
          {
            "_id": null,
            "model": "clustered data ontap antivirus connector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "network node manager ispi for net",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.5.1"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet10i",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "aura utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.16"
          },
          {
            "_id": null,
            "model": "jre update33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "workload deployer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.12"
          },
          {
            "_id": null,
            "model": "bes12 client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "12.0.0.69"
          },
          {
            "_id": null,
            "model": "cloud manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.0.4"
          },
          {
            "_id": null,
            "model": "buildforge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.3"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.4.1.0"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.9"
          },
          {
            "_id": null,
            "model": "norman shark industrial control system protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "link for mac os (build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "1.1.135)"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.27"
          },
          {
            "_id": null,
            "model": "system type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x3850x571450"
          },
          {
            "_id": null,
            "model": "network node manager i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "ip office application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "java sdk sr11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "java sdk sr15",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "aura conferencing sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.0.121"
          },
          {
            "_id": null,
            "model": "communications core session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "7.2.5"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.1"
          },
          {
            "_id": null,
            "model": "jdk update18",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.5"
          },
          {
            "_id": null,
            "model": "mashup center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.0.1"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "5.0.8"
          },
          {
            "_id": null,
            "model": "security appscan standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.6"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70007.1.0.7"
          },
          {
            "_id": null,
            "model": "rational sap connector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.0.5"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.6"
          },
          {
            "_id": null,
            "model": "domino fix pack if",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.367"
          },
          {
            "_id": null,
            "model": "jre update1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.18"
          },
          {
            "_id": null,
            "model": "telepresence profile series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "5.0.3"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.12"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.20"
          },
          {
            "_id": null,
            "model": "rational developer for power systems software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.03"
          },
          {
            "_id": null,
            "model": "aura messaging sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.1.0.1"
          },
          {
            "_id": null,
            "model": "unified communications domain manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "10.1.2"
          },
          {
            "_id": null,
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.031"
          },
          {
            "_id": null,
            "model": "rational developer for aix and cobol",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.0.1"
          },
          {
            "_id": null,
            "model": "emergency responder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "im and presence service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v50007.3.0.5"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.4"
          },
          {
            "_id": null,
            "model": "db2 connect unlimited advanced edition for system z",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.030"
          },
          {
            "_id": null,
            "model": "cloud object store",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0a",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.9.790"
          },
          {
            "_id": null,
            "model": "cognos controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1"
          },
          {
            "_id": null,
            "model": "websphere service registry and repository studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.17"
          },
          {
            "_id": null,
            "model": "mate collector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aura collaboration environment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "video surveillance series ip cameras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30000"
          },
          {
            "_id": null,
            "model": "upward integration modules for vmware vsphere",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.5"
          },
          {
            "_id": null,
            "model": "telepresence server on virtual machine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "rational sap connector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.0.4"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.019"
          },
          {
            "_id": null,
            "model": "api management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "proactive network operations center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "jre 1.6.0 37",
            "scope": null,
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "as infinity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pexip",
            "version": "6"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8f",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "bbm on android",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "2.7.0.6"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.2"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.0.4.7-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "network node manager ispi performance for traffic",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.19"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.7"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8u",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.8.780"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1a",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "network node manager ispi for mpls vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "link for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "1.2.3.48"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.2.2"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "flashsystem 9848-ae2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v90007.5.1.0"
          },
          {
            "_id": null,
            "model": "communications session border controller scz7.4.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.410"
          },
          {
            "_id": null,
            "model": "phaser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "32603.50.01.11"
          },
          {
            "_id": null,
            "model": "bbm protected on blackberry os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "0"
          },
          {
            "_id": null,
            "model": "db2 connect enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0p",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.0.0"
          },
          {
            "_id": null,
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "workload deployer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.16"
          },
          {
            "_id": null,
            "model": "security access manager for mobile",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.3"
          },
          {
            "_id": null,
            "model": "phaser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "36000"
          },
          {
            "_id": null,
            "model": "telepresence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "70104.1"
          },
          {
            "_id": null,
            "model": "cms r16.3 r6",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "rational automation framework",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.1"
          },
          {
            "_id": null,
            "model": "sametime",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.0.1"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.6"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8zb",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "netscaler t1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "flex system manager node types",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "79550"
          },
          {
            "_id": null,
            "model": "app for netapp data ontap",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.2"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.3"
          },
          {
            "_id": null,
            "model": "notes fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.13"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.2-77"
          },
          {
            "_id": null,
            "model": "infosphere master data management server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "11.3"
          },
          {
            "_id": null,
            "model": "rational engineering lifecycle manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.4"
          },
          {
            "_id": null,
            "model": "system m4 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x350073830"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.3"
          },
          {
            "_id": null,
            "model": "image construction and composition tool",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.3.1.0"
          },
          {
            "_id": null,
            "model": "prime collaboration assurance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0.0.840"
          },
          {
            "_id": null,
            "model": "telepresence content server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.035"
          },
          {
            "_id": null,
            "model": "network node manager ispi performance for traffic",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.25"
          },
          {
            "_id": null,
            "model": "aura system platform sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8w",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "sterling connect:direct browser user interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.51"
          },
          {
            "_id": null,
            "model": "network node manager ispi for mpls vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.039"
          },
          {
            "_id": null,
            "model": "websphere process server hypervisor edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "as infinity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pexip",
            "version": "1"
          },
          {
            "_id": null,
            "model": "license metric tool",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70007.4"
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.0"
          },
          {
            "_id": null,
            "model": "data ontap operating in 7-mode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.2.3"
          },
          {
            "_id": null,
            "model": "rational engineering lifecycle manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0m",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "sterling connect:direct browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "java sdk sr8-fp10",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.13"
          },
          {
            "_id": null,
            "model": "cognos planning interim fix",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.12"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.026"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1g",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.4"
          },
          {
            "_id": null,
            "model": "datapower gateway",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.4"
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "4.15.1"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "5.0.12"
          },
          {
            "_id": null,
            "model": "flashsystem 9848-ae1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v840"
          },
          {
            "_id": null,
            "model": "jre update6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0.60"
          },
          {
            "_id": null,
            "model": "tivoli access manager for e-business",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "java sdk sr4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7"
          },
          {
            "_id": null,
            "model": "media services interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.0.2.15-p1",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.6.0.1"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.5.055"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet12k",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "4.13"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37007.2.0.8"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.014"
          },
          {
            "_id": null,
            "model": "thinpro linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "(x86)4.3"
          },
          {
            "_id": null,
            "model": "notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.1.3"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.5.0"
          },
          {
            "_id": null,
            "model": "system m3 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x365079450"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.5"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.0.4"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70006.4.19"
          },
          {
            "_id": null,
            "model": "websphere process server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.4"
          },
          {
            "_id": null,
            "model": "telepresence advanced media gateway series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "data ontap operating in 7-mode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.1.4"
          },
          {
            "_id": null,
            "model": "unified attendant console premium edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "flashcopy manager for oracle",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.4"
          },
          {
            "_id": null,
            "model": "aura communication manager ssp04",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler distributed fp03",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.6.0"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.040"
          },
          {
            "_id": null,
            "model": "upward integration modules for microsoft system center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.5.2"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8r",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "firesight system software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.4.1.2"
          },
          {
            "_id": null,
            "model": "buildforge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.3.6"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.011"
          },
          {
            "_id": null,
            "model": "flashcopy manager for custom applications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.0"
          },
          {
            "_id": null,
            "model": "malware analyzer g2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "3.5"
          },
          {
            "_id": null,
            "model": "jdk update14",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet10d",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "infosphere identity insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70006.4.1.8"
          },
          {
            "_id": null,
            "model": "websphere lombardi edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.2.3"
          },
          {
            "_id": null,
            "model": "flex system compute node type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x22079060"
          },
          {
            "_id": null,
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70006.1"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.5.039"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.0.11"
          },
          {
            "_id": null,
            "model": "physical access gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "flex system compute node type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x88042590"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0l",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "chassis management module 2pet10k",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "upward integration modules integrated installer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.5.2"
          },
          {
            "_id": null,
            "model": "cognos insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.0.1"
          },
          {
            "_id": null,
            "model": "idataplex dx360 m4 water cooled type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "79790"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "jdk update1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.23"
          },
          {
            "_id": null,
            "model": "rational doors web access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.61"
          },
          {
            "_id": null,
            "model": "dataquant",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "initiate master data service patient hub",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.5"
          },
          {
            "_id": null,
            "model": "malware analysis appliance",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.3"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.8.06"
          },
          {
            "_id": null,
            "model": "rational doors web access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.44"
          },
          {
            "_id": null,
            "model": "rational automation framework",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8p",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere real time sr6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "_id": null,
            "model": "websphere portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.5.0"
          },
          {
            "_id": null,
            "model": "norman shark scada protection",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.3.2"
          },
          {
            "_id": null,
            "model": "b2b advanced communications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.0.2"
          },
          {
            "_id": null,
            "model": "unified attendant console business edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.15-210"
          },
          {
            "_id": null,
            "model": "websphere mq for openvms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v6"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "websphere real time sr4-fp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "_id": null,
            "model": "rational software architect design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.16"
          },
          {
            "_id": null,
            "model": "domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.3"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35007.5"
          },
          {
            "_id": null,
            "model": "websphere service registry and repository",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.5.0"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0.6"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet10g",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "jre update21",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "rational doors next generation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0.0.95"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.6"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.11"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.9"
          },
          {
            "_id": null,
            "model": "bbm on windows phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "2.0.0.24"
          },
          {
            "_id": null,
            "model": "virtualization experience media engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.11"
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.08"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.2"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.037"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.0.1"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0.7"
          },
          {
            "_id": null,
            "model": "business process manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.1.1"
          },
          {
            "_id": null,
            "model": "aura messaging",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "netezza platform software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.45"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.8"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.8"
          },
          {
            "_id": null,
            "model": "rational developer for i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet12p",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "aura communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3.8"
          },
          {
            "_id": null,
            "model": "system m4 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x365079150"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.3.6"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.0.3"
          },
          {
            "_id": null,
            "model": "tivoli monitoring fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.205"
          },
          {
            "_id": null,
            "model": "jre update32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0.320"
          },
          {
            "_id": null,
            "model": "firesight system software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.4.0.2"
          },
          {
            "_id": null,
            "model": "rational rhapsody design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.2"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1.3"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1c",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "buildforge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.1"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.1"
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.6"
          },
          {
            "_id": null,
            "model": "cics transaction gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.2"
          },
          {
            "_id": null,
            "model": "jdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.0.170"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet12o",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.18"
          },
          {
            "_id": null,
            "model": "security access manager for mobile",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.1"
          },
          {
            "_id": null,
            "model": "norman shark network protection",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.3.2"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8v"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.041"
          },
          {
            "_id": null,
            "model": "java sdk sr16-fp4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.7"
          },
          {
            "_id": null,
            "model": "work space manager for bes10/bes12 23819 44",
            "scope": null,
            "trust": 0.3,
            "vendor": "blackberry",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.1"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.8.780"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.12"
          },
          {
            "_id": null,
            "model": "flashcopy manager for oracle with sap environments",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.0"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "upward integration modules scvmm add-in",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0.2"
          },
          {
            "_id": null,
            "model": "identity service engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mysql server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.15"
          },
          {
            "_id": null,
            "model": "sterling connect:direct browser ifix",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.11.04"
          },
          {
            "_id": null,
            "model": "virtual connect enterprise manager sdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.4.1"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.19"
          },
          {
            "_id": null,
            "model": "storediq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.4"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler distributed fp04",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "sametime community server hf1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9"
          },
          {
            "_id": null,
            "model": "as infinity",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "pexip",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "rational rhapsody design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "sterling connect:direct browser user interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.1.11"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2.0.860"
          },
          {
            "_id": null,
            "model": "jre 1.5.0 09",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "flashcopy manager for oracle",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.1"
          },
          {
            "_id": null,
            "model": "jre update25",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.3.0.1"
          },
          {
            "_id": null,
            "model": "rational reporting for development intelligence",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "12.04"
          },
          {
            "_id": null,
            "model": "email security appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "netezza platform software 7.0.4.8-p3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.2"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70007.3"
          },
          {
            "_id": null,
            "model": "splunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "5.0.10"
          },
          {
            "_id": null,
            "model": "rational developer for aix and linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.11",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "alienvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "alienvault",
            "version": "4.12.1"
          },
          {
            "_id": null,
            "model": "notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.010"
          },
          {
            "_id": null,
            "model": "network node manager ispi for ip multicast qa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "initiate master data service",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "rational collaborative lifecycle management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.4.1"
          },
          {
            "_id": null,
            "model": "rational engineering lifecycle manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.7"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.14"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.8"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70006.3"
          },
          {
            "_id": null,
            "model": "network performance analytics",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.64"
          },
          {
            "_id": null,
            "model": "datapower gateway",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.6"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "rational software architect for websphere software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "flashcopy manager for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.4"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.1.4"
          },
          {
            "_id": null,
            "model": "rational requisitepro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.3"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35007.5.0.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.8"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.1.0"
          },
          {
            "_id": null,
            "model": "hunk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8l",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.20"
          },
          {
            "_id": null,
            "model": "video surveillance series ip cameras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "70000"
          },
          {
            "_id": null,
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.6"
          },
          {
            "_id": null,
            "model": "systems insight manager update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.31"
          },
          {
            "_id": null,
            "model": "rational doors web access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.6"
          },
          {
            "_id": null,
            "model": "rational software architect design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "rational engineering lifecycle manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "tririga for energy optimization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "system type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x3950x571430"
          },
          {
            "_id": null,
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.0.1"
          },
          {
            "_id": null,
            "model": "network node manager ispi for net",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "workload deployer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.17"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0i",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.141"
          },
          {
            "_id": null,
            "model": "business process manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.12"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.3"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.4.1"
          },
          {
            "_id": null,
            "model": "domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "flashsystem 9846-ac0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v840"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.5.4"
          },
          {
            "_id": null,
            "model": "notes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.1.2"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.5.045"
          },
          {
            "_id": null,
            "model": "system idataplex dx360 m2 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x63800"
          },
          {
            "_id": null,
            "model": "java",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.205"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.3.0"
          },
          {
            "_id": null,
            "model": "security privileged identity manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "content collector for sap applications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "ctpview 7.1r1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35007.4.0.5"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.16"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.13"
          },
          {
            "_id": null,
            "model": "sterling connect:direct browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.2"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37007.5.0.2"
          },
          {
            "_id": null,
            "model": "smartcloud entry fp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.19"
          },
          {
            "_id": null,
            "model": "websphere service registry and repository",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "security appscan standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.8"
          },
          {
            "_id": null,
            "model": "domino fix pack interim f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.36"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.4"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.2"
          },
          {
            "_id": null,
            "model": "virtual connect enterprise manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "business server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "1x8664"
          },
          {
            "_id": null,
            "model": "rational doors web access",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.6.1.3"
          },
          {
            "_id": null,
            "model": "jdk update16",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.0.10"
          },
          {
            "_id": null,
            "model": "aura collaboration environment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.2"
          },
          {
            "_id": null,
            "model": "domino fp if",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.123"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.3.0.1"
          },
          {
            "_id": null,
            "model": "rational doors next generation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.0"
          },
          {
            "_id": null,
            "model": "jdk update26",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "websphere process server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "system m2 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x355079460"
          },
          {
            "_id": null,
            "model": "idataplex dx360 m4 water cooled type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "79180"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet12e",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.12"
          },
          {
            "_id": null,
            "model": "domino fp if",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.153"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.3.3"
          },
          {
            "_id": null,
            "model": "netezza platform software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.213"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.2.106"
          },
          {
            "_id": null,
            "model": "aura conferencing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.2"
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.110"
          },
          {
            "_id": null,
            "model": "socialminer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.020"
          },
          {
            "_id": null,
            "model": "system type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x3690x571920"
          },
          {
            "_id": null,
            "model": "java sdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "tivoli netcool configuration manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3.0.6"
          },
          {
            "_id": null,
            "model": "rational doors next generation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.4"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.023"
          },
          {
            "_id": null,
            "model": "smart analytics system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "20500"
          },
          {
            "_id": null,
            "model": "san volume controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "0"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.15"
          },
          {
            "_id": null,
            "model": "flex system fc3171 8gb san switch and san pass-thru",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.3.0"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "12"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v50007.3"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "linux enterprise software development kit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "12"
          },
          {
            "_id": null,
            "model": "java sdk sr16-fp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6"
          },
          {
            "_id": null,
            "model": "prime network registrar",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.3"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.33"
          },
          {
            "_id": null,
            "model": "rational application developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1"
          },
          {
            "_id": null,
            "model": "db2 connect unlimited edition for system i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "netezza platform software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.1"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.1.2"
          },
          {
            "_id": null,
            "model": "rational rhapsody design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.0"
          },
          {
            "_id": null,
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.14"
          },
          {
            "_id": null,
            "model": "db2 connect unlimited edition for system z",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.05"
          },
          {
            "_id": null,
            "model": "rational reporting for development intelligence",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "domino fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.35"
          },
          {
            "_id": null,
            "model": "telepresence sx series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "bbm on ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "2.7.0.32"
          },
          {
            "_id": null,
            "model": "tivoli storage flashcopy manager for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.0.0"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.1.12"
          },
          {
            "_id": null,
            "model": "websphere message broker",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.13"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.1.730"
          },
          {
            "_id": null,
            "model": "os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "1010.3.0.1052"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.2.1"
          },
          {
            "_id": null,
            "model": "messaging application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "rational software architect design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.0"
          },
          {
            "_id": null,
            "model": "cloud manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.0.2"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0j",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk update29",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "jdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.0.180"
          },
          {
            "_id": null,
            "model": "rational rhapsody design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.4"
          },
          {
            "_id": null,
            "model": "jre update9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.7.0"
          },
          {
            "_id": null,
            "model": "datapower gateway",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.0.13"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "systems insight manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "bbm protected on blackberry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "100"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v50007.4.0.5"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet10q",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere real time sr",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "39"
          },
          {
            "_id": null,
            "model": "aura presence services sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "datapower gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.3"
          },
          {
            "_id": null,
            "model": "web experience factory",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.5"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70007.2.0.3"
          },
          {
            "_id": null,
            "model": "websphere service registry and repository studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "db2 connect application server edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.5"
          },
          {
            "_id": null,
            "model": "network node manager ispi performance for traffic",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "smartcloud entry fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.09"
          },
          {
            "_id": null,
            "model": "network node manager ispi for mpls vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "communication server 1000m signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "flex system compute node type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x24089560"
          },
          {
            "_id": null,
            "model": "java sdk sr8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7"
          },
          {
            "_id": null,
            "model": "java",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.75"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1j",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.5.2"
          },
          {
            "_id": null,
            "model": "tivoli asset management for it",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0.1"
          },
          {
            "_id": null,
            "model": "cloudbridge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "0"
          },
          {
            "_id": null,
            "model": "communication server 1000e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "websphere portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.2"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37006.4.1.8"
          },
          {
            "_id": null,
            "model": "rational rhapsody design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.5"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "tivoli storage flashcopy manager for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.2.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "data ontap operating in 7-mode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.2.1"
          },
          {
            "_id": null,
            "model": "java sdk sr10",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler for applications fp01",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.0"
          },
          {
            "_id": null,
            "model": "adaptive security appliance software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9.0(4.29)"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70007.3.0.5"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.1.9"
          },
          {
            "_id": null,
            "model": "rational software architect",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler distributed fp05",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "java sdk sr4-fp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35007.1.0.6"
          },
          {
            "_id": null,
            "model": "websphere portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.6"
          },
          {
            "_id": null,
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.1.0"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2.0.860"
          },
          {
            "_id": null,
            "model": "rational developer for power systems software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.01"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.34"
          },
          {
            "_id": null,
            "model": "chassis management module 2peo12e",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.12"
          },
          {
            "_id": null,
            "model": "cognos controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "jre update9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0.90"
          },
          {
            "_id": null,
            "model": "websphere service registry and repository studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "rational requirements composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.4"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "java sdk 7r1 sr2-fp10",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v50006.1"
          },
          {
            "_id": null,
            "model": "aura presence services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.4"
          },
          {
            "_id": null,
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "5"
          },
          {
            "_id": null,
            "model": "flex system fc3171 8gb san switch and san pass-thru",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.1.00"
          },
          {
            "_id": null,
            "model": "web experience factory",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.1"
          },
          {
            "_id": null,
            "model": "domino fp if",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.152"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.10"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.0"
          },
          {
            "_id": null,
            "model": "sterling control center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.4.2.1"
          },
          {
            "_id": null,
            "model": "rational developer for power systems software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.3"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.1.8"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.10"
          },
          {
            "_id": null,
            "model": "systems insight manager sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.2"
          },
          {
            "_id": null,
            "model": "cognos insight standard edition fp",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.24"
          },
          {
            "_id": null,
            "model": "java sdk sr13-fp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.14"
          },
          {
            "_id": null,
            "model": "telepresence server on multiparty media",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3104.1"
          },
          {
            "_id": null,
            "model": "jdk update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.6.016"
          },
          {
            "_id": null,
            "model": "norman shark scada protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "aura application server sip core sp10",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "53003.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "jdk 1.5.0 07-b03",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.2"
          },
          {
            "_id": null,
            "model": "flashcopy manager for unix and linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.0.0"
          },
          {
            "_id": null,
            "model": "buildforge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2"
          },
          {
            "_id": null,
            "model": "flashcopy manager for unix and linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.1.2"
          },
          {
            "_id": null,
            "model": "os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "security identity manager virtual appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.1"
          },
          {
            "_id": null,
            "model": "java sdk 6r1 sr8",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "mq light",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3.2"
          },
          {
            "_id": null,
            "model": "websphere portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.1"
          },
          {
            "_id": null,
            "model": "cms r16",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8o",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "netezza platform software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "mysql server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.16"
          },
          {
            "_id": null,
            "model": "x-series xos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "9.6"
          },
          {
            "_id": null,
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "maximo asset management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.12"
          },
          {
            "_id": null,
            "model": "system m4 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x375087520"
          },
          {
            "_id": null,
            "model": "universal device service",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1.2"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.1"
          },
          {
            "_id": null,
            "model": "jre update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.6.031"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.18"
          },
          {
            "_id": null,
            "model": "xiv storage system gen2 10.2.4.e-6",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "ip office server edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.35"
          },
          {
            "_id": null,
            "model": "db2 connect unlimited edition for system z",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.5"
          },
          {
            "_id": null,
            "model": "domino fp if",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.242"
          },
          {
            "_id": null,
            "model": "upward integration modules for vmware vsphere",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.5.2"
          },
          {
            "_id": null,
            "model": "network node manager ispi for ip multicast qa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.5.5"
          },
          {
            "_id": null,
            "model": "chassis management module 2pet10a",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "malware analyzer g2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "video surveillance ptz ip cameras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tivoli common reporting",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1.0.841"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler distributed",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "rational business developer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "cloud",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "splunk",
            "version": "0"
          },
          {
            "_id": null,
            "model": "domino fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.13"
          },
          {
            "_id": null,
            "model": "open systems snapvault",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "thinpro linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "business process manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.12"
          },
          {
            "_id": null,
            "model": "tivoli application dependency discovery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.2.1"
          },
          {
            "_id": null,
            "model": "rational developer for aix and cobol",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "buildforge",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.1"
          },
          {
            "_id": null,
            "model": "system m2 type",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x350078390"
          },
          {
            "_id": null,
            "model": "jdk update22",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "flashcopy manager for oracle",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.0.0"
          },
          {
            "_id": null,
            "model": "telepresence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "87104.1"
          },
          {
            "_id": null,
            "model": "jdk update15",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "db2 workgroup server edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "flashcopy manager for oracle",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.1.2"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.3.0"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.11"
          },
          {
            "_id": null,
            "model": "ios 15.5 s",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "prime performance manager for sps ppm sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "communication server 1000m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "telepresence mx series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tivoli workload scheduler distributed fp04",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5.1"
          },
          {
            "_id": null,
            "model": "insight orchestration",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "jre update4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0.40"
          },
          {
            "_id": null,
            "model": "rational doors next generation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0.7"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v37007.1"
          },
          {
            "_id": null,
            "model": "rational software architect design manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blackberry",
            "version": "1010.3.0.1418"
          },
          {
            "_id": null,
            "model": "communication server 1000m signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v35007.2.0.8"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.33"
          },
          {
            "_id": null,
            "model": "flashcopy manager for custom applications",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.0"
          },
          {
            "_id": null,
            "model": "upward integration modules for vmware vsphere",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.5.1"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.34"
          },
          {
            "_id": null,
            "model": "storwize",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70007.2.0.8"
          },
          {
            "_id": null,
            "model": "communication server 1000e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.4"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.10.800"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.010"
          },
          {
            "_id": null,
            "model": "rational functional tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.12"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#243585"
          },
          {
            "db": "BID",
            "id": "71936"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-001672"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-0204"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:nec:capssuite",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:nec:csview",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:nec:enterprise_directoryserver",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:nec:enterpriseidentitymanager",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:nec:express5800",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:nec:infocage",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:nec:ip38x_sr100",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:nec:istorage",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:nec:secureware_pki_application_development_kit",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:nec:webotx",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:nec:webotx_application_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:nec:webotx_enterprise_service_bus",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:nec:webotx_portal",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:nec:webotx_sip_application_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:nec:websam",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-001672"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "HP",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "131940"
          },
          {
            "db": "PACKETSTORM",
            "id": "133316"
          },
          {
            "db": "PACKETSTORM",
            "id": "130987"
          },
          {
            "db": "PACKETSTORM",
            "id": "131408"
          },
          {
            "db": "PACKETSTORM",
            "id": "132763"
          }
        ],
        "trust": 0.5
      },
      "cve": "CVE-2015-0204",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2015-0204",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "IPA",
                "availabilityImpact": "None",
                "baseScore": 7.8,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2015-001672",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-0204",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "IPA",
                "id": "JVNDB-2015-001672",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "VULMON",
                "id": "CVE-2015-0204",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-0204"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-001672"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-0204"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the \"FREAK\" issue.  NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations. SSL/TLS Some implementations of export grade without intentional setting (512 Below bit ) of RSA Something accepts the key. Man-in-the-middle attacks against such software (man-in-the-middle attack) Is performed, the key used for encryption is decrypted, SSL/TLS The traffic content may be decrypted. this is\" FREAK It is also called \u201cattack\u201d. Algorithm downgrade (CWE-757) CWE-757: Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027) https://cwe.mitre.org/data/definitions/757.html Incorrect cipher strength (CWE-326) CWE-326: Inadequate Encryption Strength https://cwe.mitre.org/data/definitions/326.html SSL/TLS Some implementations of export grade without intentional setting (512 Below bit ) of RSA Something accepts the key. If a man-in-the-middle attack is performed on such software, it is guided to use a weak key in the negotiation at the start of communication, and as a result, encrypted information may be decrypted. The discoverer has released detailed information about this matter. FREAK: Factoring RSA Export Keys https://www.smacktls.com/#freakMan-in-the-middle attacks (man-in-the-middle attack) By SSL/TLS The contents of the communication may be decrypted. OpenSSL is prone to security-bypass vulnerability. \nSuccessfully exploiting these issues may allow attackers to perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. Description:\n\nRed Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library. \n\nThis release serves as a replacement for Red Hat JBoss Web Server 2.1.0,\nand includes several bug fixes. Refer to the Red Hat JBoss Web Server 2.1.1\nRelease Notes, linked to in the References section, for information on the\nmost significant of these changes. \n\nSecurity Fix(es):\n\n* It was discovered that httpd used the value of the Proxy header from HTTP\nrequests to initialize the HTTP_PROXY environment variable for CGI scripts,\nwhich in turn was incorrectly used by certain HTTP client implementations\nto configure the proxy for outgoing HTTP requests. A remote attacker could\npossibly use this flaw to redirect HTTP requests performed by a CGI script\nto an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-2106)\n\n* It was discovered that it is possible to remotely Segfault Apache http\nserver with a specially crafted string sent to the mod_cluster via service\nmessages (MCMP). Solution:\n\nBefore applying the update, back up your existing Red Hat JBoss Web Server\ninstallation (including all applications and configuration files). \n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). \n\nRelease Date: 2015-05-19\nLast Updated: 2015-05-19\n\nPotential Security Impact: Remote Denial of Service (DoS) and other\nvulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP-UX running\nOpenSSL. These vulnerabilities could be exploited remotely to create a remote\nDenial of Service (DoS) and other vulnerabilities. \n\nReferences:\n\nCVE-2015-0204\nCVE-2015-0286\nCVE-2015-0287\nCVE-2015-0289\nCVE-2015-0292\nCVE-2015-0293\nCVE-2015-0209\nCVE-2015-0288\nSSRT102000\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running OpenSSL versions before v0.9.8zf\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n  Reference              Base Vector             Base Score\nCVE-2015-0204    (AV:N/AC:M/Au:N/C:N/I:P/A:N)       4.3\nCVE-2015-0286    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2015-0287    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2015-0289    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2015-0292    (AV:N/AC:L/Au:N/C:P/I:P/A:P)       7.5\nCVE-2015-0293    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2015-0209    (AV:N/AC:M/Au:N/C:P/I:P/A:P)       6.8\nCVE-2015-0288    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\n===========================================================\n             Information on CVSS is documented\n            in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following updates to resolve these vulnerabilities. The\nupdates are available from the following URL:\n\nhttps://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber\n=OPENSSL11I\n\nHP-UX Release\n HP-UX OpenSSL depot name\n\nB.11.11 (11i v1)\n OpenSSL_A.00.09.08zf.001_HP-UX_B.11.11_32_64.depot\n\nB.11.23 (11i v2)\n OpenSSL_A.00.09.08zf.002_HP-UX_B.11.23_IA-PA.depot\n\nB.11.31 (11i v3)\n OpenSSL_A.00.09.08zf.003_HP-UX_B.11.31_IA-PA.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall HP-UX OpenSSL A.00.09.08zf or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.11\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.00.09.08zf.001 or subsequent\n\nHP-UX B.11.23\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.00.09.08zf.002 or subsequent\n\nHP-UX B.11.31\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.00.09.08zf.003 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 20 May 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel.  For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\nHP ThinPro Linux (x86) v5.1\nHP ThinPro Linux (x86) v5.0\nHP ThinPro Linux (x86) v4.4\nHP ThinPro Linux (x86) v4.3\nHP ThinPro Linux (x86) v4.2\nHP ThinPro Linux (x86) v4.1\nHP ThinPro Linux (ARM) v4.4\nHP ThinPro Linux (ARM) v4.3\nHP ThinPro Linux (ARM) v4.2\nHP ThinPro Linux (ARM) v4.1\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n  Reference              Base Vector             Base Score\nCVE-2014-3569    (AV:N/AC:L/Au:N/C:N/I:N/A:P)        5.0\nCVE-2014-3570    (AV:N/AC:L/Au:N/C:P/I:N/A:N)        5.0\nCVE-2014-3571    (AV:N/AC:L/Au:N/C:N/I:N/A:P)        5.0\nCVE-2014-3572    (AV:N/AC:L/Au:N/C:N/I:P/A:N)        5.0\nCVE-2014-8275    (AV:N/AC:L/Au:N/C:N/I:P/A:N)        5.0\nCVE-2015-0204    (AV:N/AC:L/Au:N/C:N/I:P/A:N)        5.0\nCVE-2015-0205    (AV:N/AC:L/Au:N/C:N/I:P/A:N)        5.0\nCVE-2015-0206    (AV:N/AC:L/Au:N/C:N/I:N/A:P)        5.0\nCVE-2015-0235    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\n===========================================================\n             Information on CVSS is documented\n            in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has released the following software updates to resolve the vulnerability\nfor HP ThinPro Linux. \n\nSoftpaq:\nhttp://ftp.hp.com/pub/softpaq/sp70501-71000/sp70649.exe\n\nEasy Update Via ThinPro / EasyUpdate (x86):\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all-\n4.1-4.3-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all-\n4.1-4.3-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all-\n4.1-4.3-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.1-all-\n4.4-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/5.0/service_packs/security-sp-2.1-all-\n5.0-5.1-x86.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/5.1/service_packs/security-sp-2.1-all-\n5.0-5.1-x86.xar\n\nVia ThinPro / EasyUpdate (ARM):\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all-\n4.1-4.3-armel.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all-\n4.1-4.3-armel.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all-\n4.1-4.3-armel.xar\n\nhttp://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.0-all-\n4.4-armel.xar\n\nNote: Known issue on security-sp-2.0-all-4.1-4.3-arm.xar: With the patch\napplied, VMware cannot connect if security level is set to \"Refuse insecure\nconnections\". Updating VMware to the latest package on ftp.hp.com will solve\nthe problem. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Moderate: openssl security update\nAdvisory ID:       RHSA-2015:0800-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2015-0800.html\nIssue date:        2015-04-13\nCVE Names:         CVE-2014-8275 CVE-2015-0204 CVE-2015-0287 \n                   CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 \n                   CVE-2015-0293 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRHEL Desktop Workstation (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64\nRed Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library. (CVE-2015-0204)\n\nAn integer underflow flaw, leading to a buffer overflow, was found in the\nway OpenSSL decoded malformed Base64-encoded inputs. Note: this flaw is not exploitable via the TLS/SSL protocol because\nthe data being transferred is not Base64-encoded. (CVE-2015-0292)\n\nA denial of service flaw was found in the way OpenSSL handled SSLv2\nhandshake messages. A remote attacker could use this flaw to cause a\nTLS/SSL server using OpenSSL to exit on a failed assertion if it had both\nthe SSLv2 protocol and EXPORT-grade cipher suites enabled. \nAn attacker could use these flaws to modify an X.509 certificate to produce\na certificate with a different fingerprint without invalidating its\nsignature, and possibly bypass fingerprint-based blacklisting in\napplications. (CVE-2014-8275)\n\nAn out-of-bounds write flaw was found in the way OpenSSL reused certain\nASN.1 structures. (CVE-2015-0287)\n\nA NULL pointer dereference flaw was found in OpenSSL\u0027s X.509 certificate\nhandling implementation. A specially crafted X.509 certificate could cause\nan application using OpenSSL to crash if the application attempted to\nconvert the certificate to a certificate request. (CVE-2015-0288)\n\nA NULL pointer dereference was found in the way OpenSSL handled certain\nPKCS#7 inputs. TLS/SSL clients and servers using OpenSSL were not\naffected by this flaw. (CVE-2015-0289)\n\nRed Hat would like to thank the OpenSSL project for reporting \nCVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, and \nCVE-2015-0293. Upstream acknowledges Emilia K\u00e4sper of the OpenSSL \ndevelopment team as the original reporter of CVE-2015-0287, Brian Carpenter\nas the original reporter of CVE-2015-0288, Michal Zalewski of Google as the\noriginal reporter of CVE-2015-0289, Robert Dugal and David Ramos as the \noriginal reporters of CVE-2015-0292, and Sean Burford of Google and Emilia \nK\u00e4sper of the OpenSSL development team as the original reporters of \nCVE-2015-0293. \n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1180184 - CVE-2015-0204 openssl: only allow ephemeral RSA keys in export ciphersuites (FREAK)\n1180187 - CVE-2014-8275 openssl: Fix various certificate fingerprint issues\n1202380 - CVE-2015-0287 openssl: ASN.1 structure reuse memory corruption\n1202384 - CVE-2015-0289 openssl: PKCS7 NULL pointer dereference\n1202395 - CVE-2015-0292 openssl: integer underflow leading to buffer overflow in base64 decoding\n1202404 - CVE-2015-0293 openssl: assertion failure in SSLv2 servers\n1202418 - CVE-2015-0288 openssl: X509_to_X509_REQ NULL pointer dereference\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 5 client):\n\nSource:\nopenssl-0.9.8e-33.el5_11.src.rpm\n\ni386:\nopenssl-0.9.8e-33.el5_11.i386.rpm\nopenssl-0.9.8e-33.el5_11.i686.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.i386.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.i686.rpm\nopenssl-perl-0.9.8e-33.el5_11.i386.rpm\n\nx86_64:\nopenssl-0.9.8e-33.el5_11.i686.rpm\nopenssl-0.9.8e-33.el5_11.x86_64.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.i686.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.x86_64.rpm\nopenssl-perl-0.9.8e-33.el5_11.x86_64.rpm\n\nRHEL Desktop Workstation (v. 5 client):\n\nSource:\nopenssl-0.9.8e-33.el5_11.src.rpm\n\ni386:\nopenssl-debuginfo-0.9.8e-33.el5_11.i386.rpm\nopenssl-devel-0.9.8e-33.el5_11.i386.rpm\n\nx86_64:\nopenssl-debuginfo-0.9.8e-33.el5_11.i386.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.x86_64.rpm\nopenssl-devel-0.9.8e-33.el5_11.i386.rpm\nopenssl-devel-0.9.8e-33.el5_11.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nopenssl-0.9.8e-33.el5_11.src.rpm\n\ni386:\nopenssl-0.9.8e-33.el5_11.i386.rpm\nopenssl-0.9.8e-33.el5_11.i686.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.i386.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.i686.rpm\nopenssl-devel-0.9.8e-33.el5_11.i386.rpm\nopenssl-perl-0.9.8e-33.el5_11.i386.rpm\n\nia64:\nopenssl-0.9.8e-33.el5_11.i686.rpm\nopenssl-0.9.8e-33.el5_11.ia64.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.i686.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.ia64.rpm\nopenssl-devel-0.9.8e-33.el5_11.ia64.rpm\nopenssl-perl-0.9.8e-33.el5_11.ia64.rpm\n\nppc:\nopenssl-0.9.8e-33.el5_11.ppc.rpm\nopenssl-0.9.8e-33.el5_11.ppc64.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.ppc.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.ppc64.rpm\nopenssl-devel-0.9.8e-33.el5_11.ppc.rpm\nopenssl-devel-0.9.8e-33.el5_11.ppc64.rpm\nopenssl-perl-0.9.8e-33.el5_11.ppc.rpm\n\ns390x:\nopenssl-0.9.8e-33.el5_11.s390.rpm\nopenssl-0.9.8e-33.el5_11.s390x.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.s390.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.s390x.rpm\nopenssl-devel-0.9.8e-33.el5_11.s390.rpm\nopenssl-devel-0.9.8e-33.el5_11.s390x.rpm\nopenssl-perl-0.9.8e-33.el5_11.s390x.rpm\n\nx86_64:\nopenssl-0.9.8e-33.el5_11.i686.rpm\nopenssl-0.9.8e-33.el5_11.x86_64.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.i386.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.i686.rpm\nopenssl-debuginfo-0.9.8e-33.el5_11.x86_64.rpm\nopenssl-devel-0.9.8e-33.el5_11.i386.rpm\nopenssl-devel-0.9.8e-33.el5_11.x86_64.rpm\nopenssl-perl-0.9.8e-33.el5_11.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-8275\nhttps://access.redhat.com/security/cve/CVE-2015-0204\nhttps://access.redhat.com/security/cve/CVE-2015-0287\nhttps://access.redhat.com/security/cve/CVE-2015-0288\nhttps://access.redhat.com/security/cve/CVE-2015-0289\nhttps://access.redhat.com/security/cve/CVE-2015-0292\nhttps://access.redhat.com/security/cve/CVE-2015-0293\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://www.openssl.org/news/secadv_20150108.txt \nhttps://www.openssl.org/news/secadv_20150319.txt\nhttps://access.redhat.com/articles/1384453\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFVK6+gXlSAg2UNWIIRAoSlAJ0UGwyEUVUDOKBoGDKJRsDtDdmxSwCgvH9a\nM4Bxjq//ZXaJCcyFFc1l5A4=\n=rctB\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce. \nHP SSL for OpenVMS: All versions prior to 1.4-502. \n\n  HP SSL 1.4-502 for OpenVMS (based on OpenSSL 0.9.8ze) is available from the\nfollowing locations:\n\n    - HP SSL for OpenVMS website:\n\n      http://h71000.www7.hp.com/openvms/products/ssl/ssl.html\n\n    - HP Support Center website:\n\n      https://h20566.www2.hp.com/portal/site/hpsc/patch/home\n\n      Note: Login using your HP Passport account. SAP \u003chttp://www.sap.com/\u003ehas released the monthly critical patch update \nfor June 2015. This patch update closes a lot of vulnerabilities in SAP \nproducts. The most popular vulnerability is Missing Authorization Check. \nThis month, three critical vulnerabilities found by ERPScan researchers \nVahagn Vardanyan, Rustem Gazizov, and Diana Grigorieva were closed. \n\n*Issues that were patched with the help of ERPScan*\n\nBelow are the details of SAP vulnerabilities that were found byERPScan \n\u003chttp://www.erpscan.com/\u003eresearchers. \n\n  * An XML eXternal Entity vulnerability in SAP Mobile Platform\n    on-premise (CVSS Base Score:5.5).Updateis available in SAP Security\n    Note2159601 \u003chttps://service.sap.com/sap/support/notes/2159601\u003e. An\n    attacker can use XML eXternal Entities to send specially crafted\n    unauthorized XML requests, which will be processed by the XML\n    parser. The attacker will get unauthorized access to the OS file system. \n  * A Hardcoded Credentials vulnerability in SAP Cross-System Tools\n    (CVSS Base Score:3.6).Updateis available in SAP Security Note2059659\n    \u003chttps://service.sap.com/sap/support/notes/2059659\u003e. In addition, it is likely that the\n    code will be implemented as a backdoor into the system. \n  * A Hardcoded Credentials vulnerability in SAP Data Transfer Workbench\n    (CVSS Base Score:2.1).Updateis available in SAP Security Note2057982\n    \u003chttps://service.sap.com/sap/support/notes/2057982\u003e. In addition, it is likely that the\n    code will be implemented as a backdoor into the system. \n\n\n*The most critical issues found by other researchers*\n\nSome of our readers and clients asked us to categorize the most critical \nSAP vulnerabilities to patch them first. Companies providing SAP \nSecurity Audit, SAP Security Assessment, or SAP Penetration Testing \nservices can include these vulnerabilities in their checklists. The most \ncritical vulnerabilities of this update can be patched by the following \nSAP Security Notes:\n\n  * 2151237 \u003chttps://service.sap.com/sap/support/notes/2151237\u003e: SAP GUI\n    for Windows has a Buffer Overflow vulnerability (CVSS Base\n    Score:9.3). An attacker can use Buffer Overflow for injecting\n    specially crafted code into working memory, which will be executed\n    by the vulnerable application under the privileges of that\n    application. In case of command execution,attackercan obtain\n    critical technical and business-related information stored in the\n    vulnerable SAP-system or escalate their own privileges. For this time, nobody will be able to use this service,\n    which negatively influences business processes, system downtime,\n    and, consequently, business reputation. It is recommended to install\n    this SAP Security Note to prevent risks. \n  * 2129609 \u003chttps://service.sap.com/sap/support/notes/2129609\u003e: SAP EP\n    JDBC Connector has an SQL Injection vulnerability (CVSS Base\n    Score:6.5). An attacker can use SQL Injections with the help of\n    specially crafted SQL queries. They can read and modify sensitive\n    information from a database, execute administrative operations in a\n    database, destroy data or make it unavailable. In some cases, an\n    attacker can access system data or execute OS commands. It is\n    recommended to install this SAP Security Note to prevent risks. \n  * 1997734 \u003chttps://service.sap.com/sap/support/notes/1997734\u003e: SAP RFC\n    runtime has a Missing AuthorizationXheckvulnerability (CVSS Base\n    Score:6.0). An attacker can use Missing Authorization Checks to\n    access a service without any authorization procedures and use\n    service functionality that has restricted access. It\n    is recommended to install this SAP Security Note to prevent risks. \n  * 2163306 \u003chttps://service.sap.com/sap/support/notes/2163306\u003e: SAP\n    CommonCryptoLib and SAPCRYPTOLIB are vulnerable to FREAK\n    (CVE-2015-0204, CVSS Base Score:5.0). It allows an attacker to\n    intercept HTTPS connections between vulnerable clients and servers\n    and force them to use weakened encryption, which the attacker can\n    break to steal or manipulate sensitive data. All the attacks on this\n    page assume a network adversary (i.e. a man-in-the-middle) to tamper\n    with TLS handshake messages. The typical scenario to mount such\n    attacks is by tampering with the Domain Name System (DNS), for\n    example via DNS rebinding or domain name seizure. This attack\n    targets a class of deliberately weak export cipher suites. It is\n    recommended to install this SAP Security Note to prevent risks. \n\n\n*References about the FREAK vulnerability:*\n\n  * SMACK: State Machine AttaCKs \u003chttps://www.smacktls.com/\u003e\n  * Tracking the FREAK Attack \u003chttps://freakattack.com/\u003e\n  * CVE-2015-0204\n    \u003chttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204\u003e\n\n\nIt is highly recommended to patch all those SAP vulnerabilities to \nprevent business risks affecting your SAP systems. \n\nSAP has traditionally thanked the security researchers from ERPScan for \nfound vulnerabilities on theiracknowledgment page \n\u003chttp://scn.sap.com/docs/DOC-8218\u003e. \n\nAdvisories for those SAP vulnerabilities with technical details will be \navailable in 3 months onerpscan.com \u003chttp://www.erpscan.com/\u003e. \n\n-- \n\nDarya Maenkova\n\nPR manager\n\n\u003chttps://www.linkedin.com/company/2217474?trk=ppro_cprof\u003e \n\u003chttps://twitter.com/erpscan\u003e\n\n\u003chttp://erpscan.com/\u003e\n\n------------------------------------------------------------------------\n\ne-mail: d.maenkova@erpscan.com \u003cmailto:d.maenkova@erpscan.com\u003e\n\naddress: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA. 94301\n\nphone: 650.798.5255\n\nerpscan.com \u003chttp://erpscan.com\u003e\n\n. OpenSSL Security Advisory [08 Jan 2015]\n=======================================\n\nDTLS segmentation fault in dtls1_get_record (CVE-2014-3571)\n===========================================================\n\nSeverity: Moderate\n\nA carefully crafted DTLS message can cause a segmentation fault in OpenSSL due\nto a NULL pointer dereference. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Markus Stenberg of\nCisco Systems, Inc. The fix was developed by Stephen Henson of the OpenSSL\ncore team. \n\nDTLS memory leak in dtls1_buffer_record (CVE-2015-0206)\n=======================================================\n\nSeverity: Moderate\n\nA memory leak can occur in the dtls1_buffer_record function under certain\nconditions. In particular this could occur if an attacker sent repeated DTLS\nrecords with the same sequence number but for the next epoch. The memory leak\ncould be exploited by an attacker in a Denial of Service attack through memory\nexhaustion. \n\nThis issue affects OpenSSL versions: 1.0.1 and 1.0.0. \n\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0p. \n\nThis issue was reported to OpenSSL on 7th January 2015 by Chris Mueller who also\nprovided an initial patch. Further analysis was performed by Matt Caswell of the\nOpenSSL development team, who also developed the final patch. \n\nno-ssl3 configuration sets method to NULL (CVE-2014-3569)\n=========================================================\n\nSeverity: Low\n\nWhen openssl is built with the no-ssl3 option and a SSL v3 ClientHello is\nreceived the ssl method would be set to NULL which could later result in\na NULL pointer dereference. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 17th October 2014 by Frank Schmirler. The\nfix was developed by Kurt Roeckx. \n\n\nECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)\n==========================================================\n\nSeverity: Low\n\nAn OpenSSL client will accept a handshake using an ephemeral ECDH ciphersuite\nusing an ECDSA certificate if the server key exchange message is omitted. This\neffectively removes forward secrecy from the ciphersuite. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan\nBhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen\nHenson of the OpenSSL core team. \n\n\nRSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)\n==============================================================\n\nSeverity: Low\n\nAn OpenSSL client will accept the use of an RSA temporary key in a non-export\nRSA key exchange ciphersuite. A server could present a weak temporary key\nand downgrade the security of the session. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan\nBhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen\nHenson of the OpenSSL core team. \n\n\nDH client certificates accepted without verification [Server] (CVE-2015-0205)\n=============================================================================\n\nSeverity: Low\n\nAn OpenSSL server will accept a DH certificate for client authentication\nwithout the certificate verify message. This effectively allows a client\nto authenticate without the use of a private key. This only affects servers\nwhich trust a client certificate authority which issues certificates\ncontaining DH keys: these are extremely rare and hardly ever encountered. \n\nThis issue affects OpenSSL versions: 1.0.1 and 1.0.0. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \n\nThis issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan\nBhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen\nHenson of the OpenSSL core team. \n\n\nCertificate fingerprints can be modified (CVE-2014-8275)\n========================================================\n\nSeverity: Low\n\nOpenSSL accepts several non-DER-variations of certificate signature\nalgorithm and signature encodings. OpenSSL also does not enforce a\nmatch between the signature algorithm between the signed and unsigned\nportions of the certificate. By modifying the contents of the\nsignature algorithm or the encoding of the signature, it is possible\nto change the certificate\u0027s fingerprint. \n\nThis does not allow an attacker to forge certificates, and does not\naffect certificate verification or OpenSSL servers/clients in any\nother way. It also does not affect common revocation mechanisms. Only\ncustom applications that rely on the uniqueness of the fingerprint\n(e.g. certificate blacklists) may be affected. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and\n0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nOne variant of this issue was discovered by Antti Karjalainen and\nTuomo Untinen from the Codenomicon CROSS program and reported to\nOpenSSL on 1st December 2014 by NCSC-FI Vulnerability\nCo-ordination. Another variant was independently reported to OpenSSL\non 12th December 2014 by Konrad Kraszewski from Google. Further\nanalysis was conducted and fixes were developed by Stephen Henson of\nthe OpenSSL core team. \n\nBignum squaring may produce incorrect results (CVE-2014-3570)\n=============================================================\n\nSeverity: Low\n\nBignum squaring (BN_sqr) may produce incorrect results on some\nplatforms, including x86_64. This bug occurs at random with a very\nlow probability, and is not known to be exploitable in any way, though\nits exact impact is difficult to determine. The following has been\ndetermined:\n\n*) The probability of BN_sqr producing an incorrect result at random\nis very low: 1/2^64 on the single affected 32-bit platform (MIPS) and\n1/2^128 on affected 64-bit platforms. \n*) On most platforms, RSA follows a different code path and RSA\noperations are not affected at all. For the remaining platforms\n(e.g. OpenSSL built without assembly support), pre-existing\ncountermeasures thwart bug attacks [1]. \n*) Static ECDH is theoretically affected: it is possible to construct\nelliptic curve points that would falsely appear to be on the given\ncurve. However, there is no known computationally feasible way to\nconstruct such points with low order, and so the security of static\nECDH private keys is believed to be unaffected. \n*) Other routines known to be theoretically affected are modular\nexponentiation, primality testing, DSA, RSA blinding, JPAKE and\nSRP. No exploits are known and straightforward bug attacks fail -\neither the attacker cannot control when the bug triggers, or no\nprivate key material is involved. \n\nThis issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. \n\nOpenSSL 1.0.1 users should upgrade to 1.0.1k. \nOpenSSL 1.0.0 users should upgrade to 1.0.0p. \nOpenSSL 0.9.8 users should upgrade to 0.9.8zd. \n\nThis issue was reported to OpenSSL on 2nd November 2014 by Pieter Wuille\n(Blockstream) who also suggested an initial fix. Further analysis was\nconducted by the OpenSSL development team and Adam Langley of\nGoogle. The final fix was developed by Andy Polyakov of the OpenSSL\ncore team. \n\n[1] http://css.csail.mit.edu/6.858/2013/readings/rsa-bug-attacks.pdf\n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions\n1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these\nreleases will be provided after that date. Users of these releases are advised\nto upgrade. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20150108.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-0204"
          },
          {
            "db": "CERT/CC",
            "id": "VU#243585"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-001672"
          },
          {
            "db": "BID",
            "id": "71936"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-0204"
          },
          {
            "db": "PACKETSTORM",
            "id": "138473"
          },
          {
            "db": "PACKETSTORM",
            "id": "131940"
          },
          {
            "db": "PACKETSTORM",
            "id": "133316"
          },
          {
            "db": "PACKETSTORM",
            "id": "130987"
          },
          {
            "db": "PACKETSTORM",
            "id": "131387"
          },
          {
            "db": "PACKETSTORM",
            "id": "131408"
          },
          {
            "db": "PACKETSTORM",
            "id": "132268"
          },
          {
            "db": "PACKETSTORM",
            "id": "132763"
          },
          {
            "db": "PACKETSTORM",
            "id": "129867"
          }
        ],
        "trust": 3.51
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2015-0204",
            "trust": 2.3
          },
          {
            "db": "CERT/CC",
            "id": "VU#243585",
            "trust": 1.6
          },
          {
            "db": "BID",
            "id": "71936",
            "trust": 1.4
          },
          {
            "db": "JUNIPER",
            "id": "JSA10679",
            "trust": 1.4
          },
          {
            "db": "BID",
            "id": "91787",
            "trust": 1.1
          },
          {
            "db": "MCAFEE",
            "id": "SB10102",
            "trust": 1.1
          },
          {
            "db": "MCAFEE",
            "id": "SB10108",
            "trust": 1.1
          },
          {
            "db": "MCAFEE",
            "id": "SB10110",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1033378",
            "trust": 1.1
          },
          {
            "db": "JVN",
            "id": "JVNVU99125992",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-001672",
            "trust": 0.8
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-0204",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "138473",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131940",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "133316",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130987",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131387",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131408",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "132268",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "132763",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "129867",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#243585"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-0204"
          },
          {
            "db": "BID",
            "id": "71936"
          },
          {
            "db": "PACKETSTORM",
            "id": "138473"
          },
          {
            "db": "PACKETSTORM",
            "id": "131940"
          },
          {
            "db": "PACKETSTORM",
            "id": "133316"
          },
          {
            "db": "PACKETSTORM",
            "id": "130987"
          },
          {
            "db": "PACKETSTORM",
            "id": "131387"
          },
          {
            "db": "PACKETSTORM",
            "id": "131408"
          },
          {
            "db": "PACKETSTORM",
            "id": "132268"
          },
          {
            "db": "PACKETSTORM",
            "id": "132763"
          },
          {
            "db": "PACKETSTORM",
            "id": "129867"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-001672"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-0204"
          }
        ]
      },
      "id": "VAR-201501-0338",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.48673216
      },
      "last_update_date": "2026-03-09T22:30:39.973000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "\u30a2\u30e9\u30a4\u30c9\u30c6\u30ec\u30b7\u30b9\u682a\u5f0f\u4f1a\u793e\u304b\u3089\u306e\u60c5\u5831",
            "trust": 0.8,
            "url": "http://jvn.jp/vu/JVNVU99125992/522154/index.html"
          },
          {
            "title": "NV15-016",
            "trust": 0.8,
            "url": "http://jpn.nec.com/security-info/secinfo/nv15-016.html"
          },
          {
            "title": "[08 Jan 2015]",
            "trust": 0.8,
            "url": "https://www.openssl.org/news/secadv_20150108.txt"
          },
          {
            "title": "3046015",
            "trust": 0.8,
            "url": "https://technet.microsoft.com/ja-jp/library/security/3046015"
          },
          {
            "title": "Red Hat: Moderate: openssl security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150066 - Security Advisory"
          },
          {
            "title": "Cisco: OpenSSL RSA Temporary Key Cryptographic Downgrade Vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=Cisco-SA-20150113-CVE-2015-0204"
          },
          {
            "title": "Red Hat: CVE-2015-0204",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2015-0204"
          },
          {
            "title": "Symantec Security Advisories: SA91 : FREAK Attack",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=fb8c9ab0a61ac1def90eef5ef6757895"
          },
          {
            "title": "Ubuntu Security Notice: openssl vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2459-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3125-1 openssl -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a3210fee56d96657bbff4ad44c3d0807"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2015-469",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-469"
          },
          {
            "title": "Splunk Security Announcements: Splunk Enterprise versions 6.1.7, 6.0.8, and 5.0.12 address two vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=splunk_security_announcements\u0026qid=e17c368f43499efc420edc223af663db"
          },
          {
            "title": "Symantec Security Advisories: SA88 : OpenSSL Security Advisory 08-Jan-2015",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=9281dc3b1a760e1cf2711cdf82cf64d7"
          },
          {
            "title": "Cisco: Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20150310-ssl"
          },
          {
            "title": "Apple: OS X Yosemite v10.10.3 and Security Update 2015-004",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=aa5ab46566482c02434bb8cf65c9614e"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2015",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=2a43c5799a7dd07d6c0a92a3b040d12f"
          },
          {
            "title": "Tenable Security Advisories: [R6] OpenSSL \u002720150319\u0027 Advisory Affects Tenable Products",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2015-04"
          },
          {
            "title": "Splunk Security Announcements: Splunk Enterprise 6.2.2 addresses two vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=splunk_security_announcements\u0026qid=d9c34d2680d213e5c9dae973a42328f1"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - April 2015",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4b527561ba1a5de7a529c8a93679f585"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2015",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=eaf98750f1130c39e83765575c69e165"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - October 2015",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=744c19dc9f4f70ad58059bf8733ec9c1"
          },
          {
            "title": "Splunk Security Announcements: Splunk response to January 2015 OpenSSL vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=splunk_security_announcements\u0026qid=21b119528a2fb8c78850a17027b71424"
          },
          {
            "title": "Citrix Security Bulletins: Multiple Security Vulnerabilities in Citrix NetScaler Platform IPMI Lights Out Management (LOM) firmware",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=eb059834b7f24e2562bcf592b6d0afbc"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - July 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=5f8c525f1408011628af1792207b2099"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - July 2015",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=459961024c4bdce7bb3a1a40a65a6f2e"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - January 2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=63802a6c83b107c4e6e0c7f9241a66a8"
          },
          {
            "title": "FreakVulnChecker",
            "trust": 0.1,
            "url": "https://github.com/felmoltor/FreakVulnChecker "
          },
          {
            "title": "Freak-Scanner",
            "trust": 0.1,
            "url": "https://github.com/scottjpack/Freak-Scanner "
          },
          {
            "title": "FREAK-Attack-CVE-2015-0204-Testing-Script",
            "trust": 0.1,
            "url": "https://github.com/AbhishekGhosh/FREAK-Attack-CVE-2015-0204-Testing-Script "
          },
          {
            "title": "stuff",
            "trust": 0.1,
            "url": "https://github.com/thekondrashov/stuff "
          },
          {
            "title": "non-controlflow-hijacking-datasets",
            "trust": 0.1,
            "url": "https://github.com/camel-clarkson/non-controlflow-hijacking-datasets "
          },
          {
            "title": "scz_doc_copy",
            "trust": 0.1,
            "url": "https://github.com/TopCaver/scz_doc_copy "
          },
          {
            "title": "checks",
            "trust": 0.1,
            "url": "https://github.com/cryptflow/checks "
          },
          {
            "title": "tls",
            "trust": 0.1,
            "url": "https://github.com/greyleonie/tls "
          },
          {
            "title": "JPN_RIC13351-2",
            "trust": 0.1,
            "url": "https://github.com/neominds/JPN_RIC13351-2 "
          },
          {
            "title": "script_a2sv",
            "trust": 0.1,
            "url": "https://github.com/F4RM0X/script_a2sv "
          },
          {
            "title": "a2sv",
            "trust": 0.1,
            "url": "https://github.com/hahwul/a2sv "
          },
          {
            "title": "a2sv",
            "trust": 0.1,
            "url": "https://github.com/84KaliPleXon3/a2sv "
          },
          {
            "title": "a2sv",
            "trust": 0.1,
            "url": "https://github.com/TheRipperJhon/a2sv "
          },
          {
            "title": "sslscanner",
            "trust": 0.1,
            "url": "https://github.com/fireorb/sslscanner "
          },
          {
            "title": "a2sv",
            "trust": 0.1,
            "url": "https://github.com/H4CK3RT3CH/a2sv "
          },
          {
            "title": "HTTPSScan",
            "trust": 0.1,
            "url": "https://github.com/alexoslabs/HTTPSScan "
          },
          {
            "title": "A2SV--SSL-VUL-Scan",
            "trust": 0.1,
            "url": "https://github.com/nyctophile6/A2SV--SSL-VUL-Scan "
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2015/07/06/awoogah_get_ready_to_patch_severe_bug_in_openssl_this_thursday/"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2015/03/13/cisco_freaks_out_starts_epic_openssl_bugsplat/"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2015/03/03/government_crippleware_freaks_out_tlsssl/"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2015/01/09/dead_openssl_bugs_more_fleas_than_poodles/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-0204"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-001672"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-310",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-Other",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-001672"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-0204"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.smacktls.com/#freak"
          },
          {
            "trust": 1.6,
            "url": "https://www.openssl.org/news/secadv_20150108.txt"
          },
          {
            "trust": 1.4,
            "url": "https://github.com/openssl/openssl/commit/ce325c60c74b0fa784f5872404b722e120e5cab0"
          },
          {
            "trust": 1.4,
            "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150310-ssl"
          },
          {
            "trust": 1.4,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-0066.html"
          },
          {
            "trust": 1.4,
            "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
          },
          {
            "trust": 1.4,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-0849.html"
          },
          {
            "trust": 1.4,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
          },
          {
            "trust": 1.4,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
          },
          {
            "trust": 1.4,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
          },
          {
            "trust": 1.4,
            "url": "https://support.citrix.com/article/ctx216642"
          },
          {
            "trust": 1.2,
            "url": "https://www.openssl.org/news/secadv_20150319.txt"
          },
          {
            "trust": 1.2,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-0800.html"
          },
          {
            "trust": 1.2,
            "url": "http://rhn.redhat.com/errata/rhsa-2016-1650.html"
          },
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/bid/71936"
          },
          {
            "trust": 1.1,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:019"
          },
          {
            "trust": 1.1,
            "url": "http://support.novell.com/security/cve/cve-2015-0204.html"
          },
          {
            "trust": 1.1,
            "url": "https://freakattack.com/"
          },
          {
            "trust": 1.1,
            "url": "http://www.debian.org/security/2015/dsa-3125"
          },
          {
            "trust": 1.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=142496289803847\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html"
          },
          {
            "trust": 1.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=142720981827617\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:063"
          },
          {
            "trust": 1.1,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce/2015/apr/msg00001.html"
          },
          {
            "trust": 1.1,
            "url": "https://support.apple.com/ht204659"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/bid/91787"
          },
          {
            "trust": 1.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=144050297101809\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=144050254401665\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=143213830203296\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=144043644216842\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=142895206924048\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=144050205101530\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=142496179803395\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
          },
          {
            "trust": 1.1,
            "url": "https://bto.bluecoat.com/security-advisory/sa88"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
          },
          {
            "trust": 1.1,
            "url": "https://bto.bluecoat.com/security-advisory/sa91"
          },
          {
            "trust": 1.1,
            "url": "https://security.gentoo.org/glsa/201503-11"
          },
          {
            "trust": 1.1,
            "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10679"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1033378"
          },
          {
            "trust": 1.1,
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04773241"
          },
          {
            "trust": 1.1,
            "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
          },
          {
            "trust": 1.1,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10110"
          },
          {
            "trust": 1.1,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10108"
          },
          {
            "trust": 1.1,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10102"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99707"
          },
          {
            "trust": 1.1,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
          },
          {
            "trust": 0.9,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0204"
          },
          {
            "trust": 0.8,
            "url": "http://blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html"
          },
          {
            "trust": 0.8,
            "url": "http://cwe.mitre.org/data/definitions/757.html"
          },
          {
            "trust": 0.8,
            "url": "http://cwe.mitre.org/data/definitions/326.html"
          },
          {
            "trust": 0.8,
            "url": "https://tools.ietf.org/html/rfc4346#appendix-f.1.1.2"
          },
          {
            "trust": 0.8,
            "url": "https://technet.microsoft.com/library/security/3046015.aspx"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu99125992/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.kb.cert.org/vuls/id/243585"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3570"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8275"
          },
          {
            "trust": 0.5,
            "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
          },
          {
            "trust": 0.5,
            "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3572"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3571"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569"
          },
          {
            "trust": 0.4,
            "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0206"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2015-0204"
          },
          {
            "trust": 0.3,
            "url": "http://www.pexip.com/sites/pexip/files/pexip_security_bulletin_2015-01-30.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://www.splunk.com/view/sp-caaanv8#announce1"
          },
          {
            "trust": 0.3,
            "url": "http://openssl.org/"
          },
          {
            "trust": 0.3,
            "url": "http://www.splunk.com/view/sp-caaanu5#affectedproductsandcomponents"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699883"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699667"
          },
          {
            "trust": 0.3,
            "url": "http://seclists.org/bugtraq/2015/feb/160"
          },
          {
            "trust": 0.3,
            "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10679\u0026cat=sirt_1\u0026actp=list"
          },
          {
            "trust": 0.3,
            "url": "https://downloads.avaya.com/css/p8/documents/101011689"
          },
          {
            "trust": 0.3,
            "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04746490"
          },
          {
            "trust": 0.3,
            "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04602055"
          },
          {
            "trust": 0.3,
            "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04773241"
          },
          {
            "trust": 0.3,
            "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04765115"
          },
          {
            "trust": 0.3,
            "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04765169"
          },
          {
            "trust": 0.3,
            "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04774019"
          },
          {
            "trust": 0.3,
            "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04774021"
          },
          {
            "trust": 0.3,
            "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04679334"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022548"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022550"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005334"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902260"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903805"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960151"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960634"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963126"
          },
          {
            "trust": 0.3,
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21963526"
          },
          {
            "trust": 0.3,
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21964496"
          },
          {
            "trust": 0.3,
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21964610"
          },
          {
            "trust": 0.3,
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21964625"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964730"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966177"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698818"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883857"
          },
          {
            "trust": 0.3,
            "url": "https://aix.software.ibm.com/aix/efixes/security/openssl_advisory12.asc"
          },
          {
            "trust": 0.3,
            "url": "http://aix.software.ibm.com/aix/efixes/security/java_april2015_advisory.asc"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960515"
          },
          {
            "trust": 0.3,
            "url": "https://www.xerox.com/download/security/security-bulletin/32cfd-51ec67c0f86df/cert_security_mini-_bulletin_xrx15ah_for_p3600_v1-0.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://www.xerox.com/download/security/security-bulletin/30b1a-51f527aa71c0f/cert_security_mini-_bulletin_xrx15aj_for_wc3550_v1-0.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://www.xerox.com/download/security/security-bulletin/38cb3-51fe2768b1a74/cert_security_mini-_bulletin_xrx15ak_for_p3635mfp_v1-0.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://www.xerox.com/download/security/security-bulletin/3497e-521fff9cafe80/cert_security_mini-_bulletin_xrx15am_for_p30xx_p3260_wc30xx_wc3225_v1-0.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902444"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902710"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960815"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957999"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959525"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965448"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903747"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964850"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957855"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21958902"
          },
          {
            "trust": 0.3,
            "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21959575"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959252"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699271"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020751"
          },
          {
            "trust": 0.3,
            "url": "https://downloads.avaya.com/css/p8/documents/101008182"
          },
          {
            "trust": 0.3,
            "url": "https://downloads.avaya.com/css/p8/documents/101011698"
          },
          {
            "trust": 0.3,
            "url": "https://www.openssl.org/news/vulnerabilities.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
          },
          {
            "trust": 0.3,
            "url": "https://downloads.avaya.com/css/p8/documents/101011712"
          },
          {
            "trust": 0.3,
            "url": "https://service.sap.com/sap/support/notes/2163306"
          },
          {
            "trust": 0.3,
            "url": "https://www.alienvault.com/forums/discussion/4475/security-advisory-alienvault-v4-15-1-addresses-twenty-20-vulnerabilities"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903636"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963783"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005351"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963964"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903396"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21967539"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903541"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903029"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957813"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965485"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964027"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903651"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21958017"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903247"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903256"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903516"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965920"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961223"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903031"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965404"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962552"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21958919"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21958918"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957919"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962838"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962837"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960075"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902765"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902862"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902866"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959306"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903394"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957779"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961493"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005328"
          },
          {
            "trust": 0.3,
            "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098593"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964236"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957995"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903299"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005159"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699938"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902635"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700163"
          },
          {
            "trust": 0.3,
            "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097912"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902694"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902277"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697291"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699235"
          },
          {
            "trust": 0.3,
            "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097796"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700168"
          },
          {
            "trust": 0.3,
            "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21697162"
          },
          {
            "trust": 0.3,
            "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097823"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700411"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21701354"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700028"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022100"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005158"
          },
          {
            "trust": 0.3,
            "url": "http://www.splunk.com/view/sp-caaanxd"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005370"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009328"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960460"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963609"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965940"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21967498"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21967709"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21967962"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968485"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21968869"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695985"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022074"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21701453"
          },
          {
            "trust": 0.3,
            "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098358"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959002"
          },
          {
            "trust": 0.3,
            "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097360"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699052"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699810"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699069"
          },
          {
            "trust": 0.3,
            "url": "https://www.xerox.com/download/security/security-bulletin/2e28e-523433d609b1d/cert_security_mini-_bulletin_xrx15ap_for_wc6400_v1-0.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0288"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0287"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0289"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.2,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0293"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0292"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/310.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2015:0066"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/felmoltor/freakvulnchecker"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=37722"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/2459-1/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5387"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2106"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2105"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-3110"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/site/documentation/en-us/jboss_enterprise_web_server/2/html-single/installation_guide/index.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-5387"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/2.1/html/2.1.1_release_notes/index.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/vulnerabilities/httpoxy"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-3110"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-3570"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/site/documentation/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=webserver\u0026downloadtype=distributions\u0026version=2.1.1"
          },
          {
            "trust": 0.1,
            "url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber"
          },
          {
            "trust": 0.1,
            "url": "https://www.hp.com/go/swa"
          },
          {
            "trust": 0.1,
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5409"
          },
          {
            "trust": 0.1,
            "url": "http://h20566.www2.hpe.com/hpsc/doc/public/display?calledby=search_result\u0026doc"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5412"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5413"
          },
          {
            "trust": 0.1,
            "url": "http://www.hp.com/swpublishing/mtx-20861d704bc04221a1518b7cb6"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5410"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5411"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0235"
          },
          {
            "trust": 0.1,
            "url": "http://ftp.hp.com/pub/tcdebian/updates/4.2/service_packs/security-sp-2.0-all-"
          },
          {
            "trust": 0.1,
            "url": "http://ftp.hp.com/pub/tcdebian/updates/4.3/service_packs/security-sp-2.0-all-"
          },
          {
            "trust": 0.1,
            "url": "http://ftp.hp.com/pub/tcdebian/updates/5.1/service_packs/security-sp-2.1-all-"
          },
          {
            "trust": 0.1,
            "url": "http://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.1-all-"
          },
          {
            "trust": 0.1,
            "url": "http://ftp.hp.com/pub/tcdebian/updates/5.0/service_packs/security-sp-2.1-all-"
          },
          {
            "trust": 0.1,
            "url": "http://ftp.hp.com/pub/tcdebian/updates/4.1/service_packs/security-sp-2.0-all-"
          },
          {
            "trust": 0.1,
            "url": "http://ftp.hp.com/pub/softpaq/sp70501-71000/sp70649.exe"
          },
          {
            "trust": 0.1,
            "url": "http://ftp.hp.com/pub/tcdebian/updates/4.4/service_packs/security-sp-2.0-all-"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/articles/1384453"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-0288"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-0292"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-8275"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#moderate"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-0293"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-0287"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-0289"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.1,
            "url": "https://h20566.www2.hp.com/portal/site/hpsc/patch/home"
          },
          {
            "trust": 0.1,
            "url": "http://h71000.www7.hp.com/openvms/products/ssl/ssl.html"
          },
          {
            "trust": 0.1,
            "url": "https://service.sap.com/sap/support/notes/2057982\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://service.sap.com/sap/support/notes/2159601\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://www.linkedin.com/company/2217474?trk=ppro_cprof\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://erpscan.com\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://scn.sap.com/docs/doc-8218\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://service.sap.com/sap/support/notes/2129609\u003e:"
          },
          {
            "trust": 0.1,
            "url": "https://freakattack.com/\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://twitter.com/erpscan\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.erpscan.com/\u003eresearchers."
          },
          {
            "trust": 0.1,
            "url": "https://service.sap.com/sap/support/notes/2151237\u003e:"
          },
          {
            "trust": 0.1,
            "url": "https://service.sap.com/sap/support/notes/2163306\u003e:"
          },
          {
            "trust": 0.1,
            "url": "http://www.sap.com/\u003ehas"
          },
          {
            "trust": 0.1,
            "url": "https://service.sap.com/sap/support/notes/1997734\u003e:"
          },
          {
            "trust": 0.1,
            "url": "http://erpscan.com/\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://service.sap.com/sap/support/notes/2059659\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://www.smacktls.com/\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://www.erpscan.com/\u003e."
          },
          {
            "trust": 0.1,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0204\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0207"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0118"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8142"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0226"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0231"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3523"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0285"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9653"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9705"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0232"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9427"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0208"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0273"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0231"
          },
          {
            "trust": 0.1,
            "url": "http://www.hp.com/go/smh"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9652"
          },
          {
            "trust": 0.1,
            "url": "https://www.openssl.org/about/releasestrat.html),"
          },
          {
            "trust": 0.1,
            "url": "https://www.openssl.org/about/secpolicy.html"
          },
          {
            "trust": 0.1,
            "url": "http://css.csail.mit.edu/6.858/2013/readings/rsa-bug-attacks.pdf"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#243585"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-0204"
          },
          {
            "db": "BID",
            "id": "71936"
          },
          {
            "db": "PACKETSTORM",
            "id": "138473"
          },
          {
            "db": "PACKETSTORM",
            "id": "131940"
          },
          {
            "db": "PACKETSTORM",
            "id": "133316"
          },
          {
            "db": "PACKETSTORM",
            "id": "130987"
          },
          {
            "db": "PACKETSTORM",
            "id": "131387"
          },
          {
            "db": "PACKETSTORM",
            "id": "131408"
          },
          {
            "db": "PACKETSTORM",
            "id": "132268"
          },
          {
            "db": "PACKETSTORM",
            "id": "132763"
          },
          {
            "db": "PACKETSTORM",
            "id": "129867"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-001672"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-0204"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#243585",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-0204",
            "ident": null
          },
          {
            "db": "BID",
            "id": "71936",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "138473",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "131940",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "133316",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "130987",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "131387",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "131408",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "132268",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "132763",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "129867",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-001672",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2015-0204",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2015-03-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#243585",
            "ident": null
          },
          {
            "date": "2015-01-09T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-0204",
            "ident": null
          },
          {
            "date": "2015-01-08T00:00:00",
            "db": "BID",
            "id": "71936",
            "ident": null
          },
          {
            "date": "2016-08-22T23:25:00",
            "db": "PACKETSTORM",
            "id": "138473",
            "ident": null
          },
          {
            "date": "2015-05-20T23:06:10",
            "db": "PACKETSTORM",
            "id": "131940",
            "ident": null
          },
          {
            "date": "2015-08-26T01:33:07",
            "db": "PACKETSTORM",
            "id": "133316",
            "ident": null
          },
          {
            "date": "2015-03-24T17:05:09",
            "db": "PACKETSTORM",
            "id": "130987",
            "ident": null
          },
          {
            "date": "2015-04-13T14:03:56",
            "db": "PACKETSTORM",
            "id": "131387",
            "ident": null
          },
          {
            "date": "2015-04-14T18:54:44",
            "db": "PACKETSTORM",
            "id": "131408",
            "ident": null
          },
          {
            "date": "2015-06-11T23:51:55",
            "db": "PACKETSTORM",
            "id": "132268",
            "ident": null
          },
          {
            "date": "2015-07-21T13:37:51",
            "db": "PACKETSTORM",
            "id": "132763",
            "ident": null
          },
          {
            "date": "2015-01-09T02:01:10",
            "db": "PACKETSTORM",
            "id": "129867",
            "ident": null
          },
          {
            "date": "2015-03-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-001672",
            "ident": null
          },
          {
            "date": "2015-01-09T02:59:10.287000",
            "db": "NVD",
            "id": "CVE-2015-0204",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2015-10-27T00:00:00",
            "db": "CERT/CC",
            "id": "VU#243585",
            "ident": null
          },
          {
            "date": "2018-07-19T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-0204",
            "ident": null
          },
          {
            "date": "2018-10-08T07:00:00",
            "db": "BID",
            "id": "71936",
            "ident": null
          },
          {
            "date": "2017-03-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-001672",
            "ident": null
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2015-0204",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "network",
        "sources": [
          {
            "db": "BID",
            "id": "71936"
          }
        ],
        "trust": 0.3
      },
      "title": {
        "_id": null,
        "data": "SSL/TLS implementations accept export-grade RSA keys (FREAK attack)",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#243585"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "Design Error",
        "sources": [
          {
            "db": "BID",
            "id": "71936"
          }
        ],
        "trust": 0.3
      }
    }

    VAR-201606-0477

    Vulnerability from variot - Updated: 2026-03-09 22:12

    The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack. OpenSSL is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information. This may aid in further attacks. OpenSSL Security Advisory [22 Sep 2016] ========================================

    OCSP Status Request extension unbounded memory growth (CVE-2016-6304)

    Severity: High

    A malicious client can send an excessively large OCSP Status Request extension. If that client continually requests renegotiation, sending a large OCSP Status Request extension each time, then there will be unbounded memory growth on the server. This will eventually lead to a Denial Of Service attack through memory exhaustion. Servers with a default configuration are vulnerable even if they do not support OCSP. Builds using the "no-ocsp" build time option are not affected.

    Servers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default configuration, instead only if an application explicitly enables OCSP stapling support.

    OpenSSL 1.1.0 users should upgrade to 1.1.0a OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.

    SSL_peek() hang on empty record (CVE-2016-6305)

    Severity: Moderate

    OpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an empty record. This could be exploited by a malicious peer in a Denial Of Service attack.

    OpenSSL 1.1.0 users should upgrade to 1.1.0a

    This issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The fix was developed by Matt Caswell of the OpenSSL development team.

    SWEET32 Mitigation (CVE-2016-2183)

    Severity: Low

    SWEET32 (https://sweet32.info) is an attack on older block cipher algorithms that use a block size of 64 bits. In mitigation for the SWEET32 attack DES based ciphersuites have been moved from the HIGH cipherstring group to MEDIUM in OpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these ciphersuites disabled by default.

    OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 16th August 2016 by Karthikeyan Bhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the OpenSSL development team.

    OOB write in MDC2_Update() (CVE-2016-6303)

    Severity: Low

    An overflow can occur in MDC2_Update() either if called directly or through the EVP_DigestUpdate() function using MDC2. If an attacker is able to supply very large amounts of input data after a previous call to EVP_EncryptUpdate() with a partial block then a length check can overflow resulting in a heap corruption.

    The amount of data needed is comparable to SIZE_MAX which is impractical on most platforms.

    OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.

    Malformed SHA512 ticket DoS (CVE-2016-6302)

    Severity: Low

    If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a DoS attack where a malformed ticket will result in an OOB read which will ultimately crash.

    The use of SHA512 in TLS session tickets is comparatively rare as it requires a custom server callback and ticket lookup mechanism.

    OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.

    OOB write in BN_bn2dec() (CVE-2016-2182)

    Severity: Low

    The function BN_bn2dec() does not check the return value of BN_div_word(). This can cause an OOB write if an application uses this function with an overly large BIGNUM. This could be a problem if an overly large certificate or CRL is printed out from an untrusted source. TLS is not affected because record limits will reject an oversized certificate before it is parsed.

    OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.

    OOB read in TS_OBJ_print_bio() (CVE-2016-2180)

    Severity: Low

    The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is the total length the OID text representation would use and not the amount of data written. This will result in OOB reads when large OIDs are presented.

    OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.

    Pointer arithmetic undefined behaviour (CVE-2016-2177)

    Severity: Low

    Avoid some undefined pointer arithmetic

    A common idiom in the codebase is to check limits in the following manner: "p + len > limit"

    Where "p" points to some malloc'd data of SIZE bytes and limit == p + SIZE

    "len" here could be from some externally supplied data (e.g. from a TLS message).

    The rules of C pointer arithmetic are such that "p + len" is only well defined where len <= SIZE. Therefore the above idiom is actually undefined behaviour.

    For example this could cause problems if some malloc implementation provides an address for "p" such that "p + len" actually overflows for values of len that are too big and therefore p + len < limit.

    OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.

    Constant time flag not preserved in DSA signing (CVE-2016-2178)

    Severity: Low

    Operations in the DSA signing algorithm should run in constant time in order to avoid side channel attacks. A flaw in the OpenSSL DSA implementation means that a non-constant time codepath is followed for certain operations. This has been demonstrated through a cache-timing attack to be sufficient for an attacker to recover the private DSA key.

    OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 23rd May 2016 by César Pereida (Aalto University), Billy Brumley (Tampere University of Technology), and Yuval Yarom (The University of Adelaide and NICTA). The fix was developed by César Pereida.

    DTLS buffered message DoS (CVE-2016-2179)

    Severity: Low

    In a DTLS connection where handshake messages are delivered out-of-order those messages that OpenSSL is not yet ready to process will be buffered for later use. Under certain circumstances, a flaw in the logic means that those messages do not get removed from the buffer even though the handshake has been completed. An attacker could force up to approx. 15 messages to remain in the buffer when they are no longer required. These messages will be cleared when the DTLS connection is closed. The default maximum size for a message is 100k. Therefore the attacker could force an additional 1500k to be consumed per connection. By opening many simulataneous connections an attacker could cause a DoS attack through memory exhaustion.

    OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was developed by Matt Caswell of the OpenSSL development team.

    DTLS replay protection DoS (CVE-2016-2181)

    Severity: Low

    A flaw in the DTLS replay attack protection mechanism means that records that arrive for future epochs update the replay protection "window" before the MAC for the record has been validated. This could be exploited by an attacker by sending a record for the next epoch (which does not have to decrypt or have a valid MAC), with a very large sequence number. This means that all subsequent legitimate packets are dropped causing a denial of service for a specific DTLS connection.

    OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. The fix was developed by Matt Caswell of the OpenSSL development team.

    Certificate message OOB reads (CVE-2016-6306)

    Severity: Low

    In OpenSSL 1.0.2 and earlier some missing message length checks can result in OOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical DoS risk but this has not been observed in practice on common platforms.

    The messages affected are client certificate, client certificate request and server certificate. As a result the attack can only be performed against a client or a server which enables client authentication.

    OpenSSL 1.1.0 is not affected.

    OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.

    Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307)

    Severity: Low

    A TLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:

    1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.

    Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.

    This issue does not affect DTLS users.

    OpenSSL 1.1.0 TLS users should upgrade to 1.1.0a

    This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.

    Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)

    Severity: Low

    This issue is very similar to CVE-2016-6307. The underlying defect is different but the security analysis and impacts are the same except that it impacts DTLS.

    A DTLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:

    1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.

    Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.

    This issue does not affect TLS users.

    OpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a

    This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.

    Note

    As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade.

    Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates.

    References

    URL for this Security Advisory: https://www.openssl.org/news/secadv/20160922.txt

    Note: the online version of the advisory may be updated with additional details over time.

    For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Important: openssl security update Advisory ID: RHSA-2016:1940-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html Issue date: 2016-09-27 CVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 =====================================================================

    1. Summary:

    An update for openssl is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

    1. Description:

    OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-2178)

    • It was discovered that the Datagram TLS (DTLS) implementation could fail to release memory in certain cases. A malicious DTLS client could cause a DTLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory. A remote attacker could possibly use this flaw to make a DTLS server using OpenSSL to reject further packets sent from a DTLS client over an established DTLS connection. (CVE-2016-2181)

    • An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec() function. (CVE-2016-2182)

    • A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)

    This update mitigates the CVE-2016-2183 issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.

    • An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. (CVE-2016-6302)

    • Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)

    • An out of bounds read flaw was found in the way OpenSSL formatted Public Key Infrastructure Time-Stamp Protocol data for printing. An attacker could possibly cause an application using OpenSSL to crash if it printed time stamp data from the attacker. A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL. (CVE-2016-6306)

    Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183.

    1. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase 1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation 1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio() 1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec() 1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection 1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) 1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer 1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks 1377594 - CVE-2016-6306 openssl: certificate message OOB reads 1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth

    1. Package List:

    Red Hat Enterprise Linux Desktop (v. 6):

    Source: openssl-1.0.1e-48.el6_8.3.src.rpm

    i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm

    x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm

    Red Hat Enterprise Linux Desktop Optional (v. 6):

    i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm

    x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm

    Red Hat Enterprise Linux HPC Node (v. 6):

    Source: openssl-1.0.1e-48.el6_8.3.src.rpm

    x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm

    Red Hat Enterprise Linux HPC Node Optional (v. 6):

    x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 6):

    Source: openssl-1.0.1e-48.el6_8.3.src.rpm

    i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm

    ppc64: openssl-1.0.1e-48.el6_8.3.ppc.rpm openssl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm

    s390x: openssl-1.0.1e-48.el6_8.3.s390.rpm openssl-1.0.1e-48.el6_8.3.s390x.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-devel-1.0.1e-48.el6_8.3.s390.rpm openssl-devel-1.0.1e-48.el6_8.3.s390x.rpm

    x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm

    Red Hat Enterprise Linux Server Optional (v. 6):

    i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm

    ppc64: openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-static-1.0.1e-48.el6_8.3.ppc64.rpm

    s390x: openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-perl-1.0.1e-48.el6_8.3.s390x.rpm openssl-static-1.0.1e-48.el6_8.3.s390x.rpm

    x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 6):

    Source: openssl-1.0.1e-48.el6_8.3.src.rpm

    i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm

    x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm

    Red Hat Enterprise Linux Workstation Optional (v. 6):

    i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm

    x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm

    Red Hat Enterprise Linux Client (v. 7):

    Source: openssl-1.0.1e-51.el7_2.7.src.rpm

    x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm

    Red Hat Enterprise Linux Client Optional (v. 7):

    x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode (v. 7):

    Source: openssl-1.0.1e-51.el7_2.7.src.rpm

    x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode Optional (v. 7):

    x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: openssl-1.0.1e-51.el7_2.7.src.rpm

    ppc64: openssl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm

    ppc64le: openssl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm

    s390x: openssl-1.0.1e-51.el7_2.7.s390x.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-devel-1.0.1e-51.el7_2.7.s390.rpm openssl-devel-1.0.1e-51.el7_2.7.s390x.rpm openssl-libs-1.0.1e-51.el7_2.7.s390.rpm openssl-libs-1.0.1e-51.el7_2.7.s390x.rpm

    x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm

    Red Hat Enterprise Linux Server Optional (v. 7):

    ppc64: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-static-1.0.1e-51.el7_2.7.ppc.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64.rpm

    ppc64le: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm

    s390x: openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-perl-1.0.1e-51.el7_2.7.s390x.rpm openssl-static-1.0.1e-51.el7_2.7.s390.rpm openssl-static-1.0.1e-51.el7_2.7.s390x.rpm

    x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: openssl-1.0.1e-51.el7_2.7.src.rpm

    x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm

    Red Hat Enterprise Linux Workstation Optional (v. 7):

    x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2016-2177 https://access.redhat.com/security/cve/CVE-2016-2178 https://access.redhat.com/security/cve/CVE-2016-2179 https://access.redhat.com/security/cve/CVE-2016-2180 https://access.redhat.com/security/cve/CVE-2016-2181 https://access.redhat.com/security/cve/CVE-2016-2182 https://access.redhat.com/security/cve/CVE-2016-6302 https://access.redhat.com/security/cve/CVE-2016-6304 https://access.redhat.com/security/cve/CVE-2016-6306 https://access.redhat.com/security/updates/classification/#important https://www.openssl.org/news/secadv/20160922.txt

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI xpTW7ApBLmKhVjs49DGYouI= =4VgY -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Summary:

    An update is now available for JBoss Core Services on RHEL 7. Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/

    CVE-2016-2178

    Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing
    leak in the DSA code.
    

    CVE-2016-2179 / CVE-2016-2181

    Quan Luo and the OCAP audit team discovered denial of service
    vulnerabilities in DTLS.
    

    For the stable distribution (jessie), these problems have been fixed in version 1.0.1t-1+deb8u4.

    For the unstable distribution (sid), these problems will be fixed soon. Of these 14 vulnerabilities, the OpenSSL Software Foundation classifies one as aCritical Severity,a one as aModerate Severity,a and the other 12 as aLow Severity.a

    Subsequently, on September 26, the OpenSSL Software Foundation released an additional advisory that describes two new vulnerabilities. These vulnerabilities affect the OpenSSL versions that were released to address the vulnerabilities disclosed in the previous advisory. One of the new vulnerabilities was rated as aHigh Severitya and the other as aModerate Severity.a

    Of the 16 released vulnerabilities: Fourteen track issues that could result in a denial of service (DoS) condition One (CVE-2016-2183, aka SWEET32) tracks an implementation of a Birthday attack against Transport Layer Security (TLS) block ciphers that use a 64-bit block size that could result in loss of confidentiality One (CVE-2016-2178) is a timing side-channel attack that, in specific circumstances, could allow an attacker to derive the private DSA key that belongs to another user or service running on the same system

    Five of the 16 vulnerabilities affect exclusively the recently released OpenSSL versions that belong to the 1.1.0 code train, which has not yet been integrated into any Cisco product. ========================================================================== Ubuntu Security Notice USN-3087-1 September 22, 2016

    openssl vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 16.04 LTS
    • Ubuntu 14.04 LTS
    • Ubuntu 12.04 LTS

    Summary:

    Several security issues were fixed in OpenSSL. This issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178)

    Quan Luo discovered that OpenSSL did not properly restrict the lifetime of queue entries in the DTLS implementation. (CVE-2016-2181)

    Shi Lei discovered that OpenSSL incorrectly validated division results. (CVE-2016-2182)

    Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. (CVE-2016-2183)

    Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303)

    Shi Lei discovered that OpenSSL incorrectly performed certain message length checks. (CVE-2016-6306)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 16.04 LTS: libssl1.0.0 1.0.2g-1ubuntu4.4

    Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.20

    Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.37

    After a standard system update you need to reboot your computer to make all the necessary changes. Description:

    This release adds the new Apache HTTP Server 2.4.23 packages that are part of the JBoss Core Services offering.

    This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.6, and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release. (CVE-2016-2108)

    • It was found that the length checks prior to writing to the target buffer for creating a virtual host mapping rule did not take account of the length of the virtual host name, creating the potential for a buffer overflow. (CVE-2016-2177)

    • It was discovered that specifying configuration with a JVMRoute path longer than 80 characters will cause segmentation fault leading to a server crash. (CVE-2016-4459)

    • An error was found in protocol parsing logic of mod_cluster load balancer Apache HTTP Server modules. After installing the updated packages, the httpd daemon will be restarted automatically. (CVE-2014-8176, CVE-2015-0209, CVE-2015-0286, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-3216, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2177, CVE-2016-2178, CVE-2016-2842)

    • This update fixes several flaws in libxml2. (CVE-2016-1762, CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483)

    • This update fixes three flaws in curl. (CVE-2016-5419, CVE-2016-5420, CVE-2016-7141)

    • This update fixes two flaws in httpd. (CVE-2014-3523, CVE-2015-3185)

    • This update fixes two flaws in mod_cluster. (CVE-2016-6808)

    • A memory leak flaw was fixed in expat.

    See the corresponding CVE pages linked to in the References section for more information about each of the flaws listed in this advisory. Solution:

    The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files). JIRA issues fixed (https://issues.jboss.org/):

    JBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0] JBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service

    6

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "1.0.2d"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "1.0.2c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "1.0.2e"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "1.0.2f"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "1.0.2h"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "1.0.2g"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "11.3"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1p"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1f"
          },
          {
            "_id": null,
            "model": "node.js",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.10.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1l"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1d"
          },
          {
            "_id": null,
            "model": "node.js",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "5.0.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1g"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.2"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1n"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1s"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.2b"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1q"
          },
          {
            "_id": null,
            "model": "node.js",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.10.47"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "12.04"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1t"
          },
          {
            "_id": null,
            "model": "node.js",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "4.0.0"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1b"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "_id": null,
            "model": "node.js",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.12.16"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "5"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "_id": null,
            "model": "linux enterprise",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "12.0"
          },
          {
            "_id": null,
            "model": "node.js",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.12.0"
          },
          {
            "_id": null,
            "model": "node.js",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "4.2.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1h"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "7"
          },
          {
            "_id": null,
            "model": "node.js",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "4.6.0"
          },
          {
            "_id": null,
            "model": "node.js",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "4.1.2"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1j"
          },
          {
            "_id": null,
            "model": "node.js",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "6.7.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1o"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1e"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1i"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1r"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1k"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "10"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.2a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1m"
          },
          {
            "_id": null,
            "model": "stealthwatch udp director",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "paging server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "content security management appliance",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "cloud web security",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.26"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.22"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.16"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.14"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.13"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.12"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.11"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.10"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.9"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.8"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.18"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "transportation management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "transportation management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "secure global desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "secure global desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "secure global desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "4.71"
          },
          {
            "_id": null,
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.55"
          },
          {
            "_id": null,
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.54"
          },
          {
            "_id": null,
            "model": "oss support tools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.9.15.9.8"
          },
          {
            "_id": null,
            "model": "oss support tools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.8.15.7.15"
          },
          {
            "_id": null,
            "model": "mysql workbench",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.3.8"
          },
          {
            "_id": null,
            "model": "mysql workbench",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.1.5"
          },
          {
            "_id": null,
            "model": "mysql workbench",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.1.4"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "3.3.0.1098"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "3.2.4.1102"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "3.1.4.7895"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.15"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.14"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.13"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.12"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.9"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.8"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.7"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.6"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.5"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.4"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.3"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.2"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.33"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.32"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.31"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.30"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.28"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.27"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.26"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.25"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.24"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.23"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.22"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.21"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.17"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.12"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.11"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.10"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.9"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.6"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.11"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.10"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.8"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.7"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.5"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.4"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.29"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.20"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.2"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.19"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.18"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.16"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.15"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.14"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.13"
          },
          {
            "_id": null,
            "model": "jd edwards enterpriseone tools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.1.1"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.3.2"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.2.2"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.1.4"
          },
          {
            "_id": null,
            "model": "enterprise manager base platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "enterprise manager base platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "13.2.0.0"
          },
          {
            "_id": null,
            "model": "enterprise manager base platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "13.1.0.0"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5"
          },
          {
            "_id": null,
            "model": "communications network charging and control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.2.0"
          },
          {
            "_id": null,
            "model": "communications network charging and control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.1.0"
          },
          {
            "_id": null,
            "model": "communications network charging and control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.0.2"
          },
          {
            "_id": null,
            "model": "communications network charging and control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.0.1"
          },
          {
            "_id": null,
            "model": "communications network charging and control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "4.4.1.5.0"
          },
          {
            "_id": null,
            "model": "commerce guided search",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.5.2"
          },
          {
            "_id": null,
            "model": "commerce guided search",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.5.1"
          },
          {
            "_id": null,
            "model": "commerce guided search",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.5"
          },
          {
            "_id": null,
            "model": "commerce guided search",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "commerce guided search",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.2.2"
          },
          {
            "_id": null,
            "model": "commerce guided search",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.4.1.2"
          },
          {
            "_id": null,
            "model": "commerce experience manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.5.2"
          },
          {
            "_id": null,
            "model": "commerce experience manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.5.1"
          },
          {
            "_id": null,
            "model": "commerce experience manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.5"
          },
          {
            "_id": null,
            "model": "commerce experience manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "commerce experience manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.2.2"
          },
          {
            "_id": null,
            "model": "commerce experience manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.4.1.2"
          },
          {
            "_id": null,
            "model": "business intelligence enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.2.1.3.0"
          },
          {
            "_id": null,
            "model": "business intelligence enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.2.1.2.0"
          },
          {
            "_id": null,
            "model": "business intelligence enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.1.1.9.0"
          },
          {
            "_id": null,
            "model": "business intelligence enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.1.1.7.0"
          },
          {
            "_id": null,
            "model": "api gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.1.2.4.0"
          },
          {
            "_id": null,
            "model": "access manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.4.3.0"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8u",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0.11"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0.2"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl l",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "project openssl l",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.4"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.3"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.2"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.1"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.2h",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.2g",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.2f",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.2e",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.2d",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.2c",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.2b",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.2a",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1t",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1s",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1r",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1q",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1p",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1o",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1n",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1m",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1l",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1k",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1j",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1i",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1h",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1g",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1f",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1e",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1d",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1c",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1b",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1a",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0.0x"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0t",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0s",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0r",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0q",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0p",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0o",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0n",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0m",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0l",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0k",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0j",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0i",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0g",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0f",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0e",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0d",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0c",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0b",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0a",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8zh",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8zg",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8zf",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8ze",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8zd",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8zc",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8zb",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8za",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8y",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8x"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8w",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8t",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8s",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8r",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8q",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8p",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8o",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8n",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8m",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8l",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8g",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8f",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8."
          },
          {
            "_id": null,
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8v"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.405"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.404"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.403"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.402"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.401"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.400"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.4"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.3"
          },
          {
            "_id": null,
            "model": "email gateway 7.6.405h1165239",
            "scope": null,
            "trust": 0.3,
            "vendor": "mcafee",
            "version": null
          },
          {
            "_id": null,
            "model": "email gateway 7.6.405h1157986",
            "scope": null,
            "trust": 0.3,
            "vendor": "mcafee",
            "version": null
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.3.2"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.3.1"
          },
          {
            "_id": null,
            "model": "email gateway 7.6.2h968406",
            "scope": null,
            "trust": 0.3,
            "vendor": "mcafee",
            "version": null
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.1"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "worklight enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.2"
          },
          {
            "_id": null,
            "model": "worklight enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.1"
          },
          {
            "_id": null,
            "model": "worklight enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.0"
          },
          {
            "_id": null,
            "model": "worklight consumer edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.2"
          },
          {
            "_id": null,
            "model": "worklight consumer edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.1"
          },
          {
            "_id": null,
            "model": "worklight consumer edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.0"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.151.05"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment intirim fix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.133"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.3"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.116"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.20280.6"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.19"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment 5.1.fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.1051.07"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.0.2"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for images system edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x7.1.1.0"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for images build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.20280.6"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for images",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.19"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for images",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.0"
          },
          {
            "_id": null,
            "model": "tealeaf customer experience on cloud network capture add-on",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "16.1.01"
          },
          {
            "_id": null,
            "model": "tealeaf customer experience",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.2"
          },
          {
            "_id": null,
            "model": "tealeaf customer experience",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "tealeaf customer experience",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.6"
          },
          {
            "_id": null,
            "model": "tealeaf customer experience",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.6.1.0"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.6.0.1"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.6.0.0"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.5.2.4"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.5.2.3"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.5.2.2"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.5.2.1"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.5.2.0"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.5.1.3"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.5.1.0"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.5.0.2"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.5.0.1"
          },
          {
            "_id": null,
            "model": "storwize unified",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "v70001.5.0.0"
          },
          {
            "_id": null,
            "model": "storediq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.9"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.13"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.12"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.11"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.6"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.2.4"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.2.3"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.2.2"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.2.1"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.2.0"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.1.3"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.1.0"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.2"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.1"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.0"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "smartcloud entry appliance fp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.4"
          },
          {
            "_id": null,
            "model": "smartcloud entry appliance fp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.4"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "smartcloud entry appliance fi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.4.0.4"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.4.0"
          },
          {
            "_id": null,
            "model": "smartcloud entry appliance fi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.3.0.4"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.3.0"
          },
          {
            "_id": null,
            "model": "smartcloud entry appliance fi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.0.4"
          },
          {
            "_id": null,
            "model": "service delivery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.4"
          },
          {
            "_id": null,
            "model": "service delivery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.3"
          },
          {
            "_id": null,
            "model": "service delivery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.2"
          },
          {
            "_id": null,
            "model": "service delivery manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.1"
          },
          {
            "_id": null,
            "model": "security virtual server protection for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1"
          },
          {
            "_id": null,
            "model": "security virtual server protection for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.1"
          },
          {
            "_id": null,
            "model": "security virtual server protection for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.3"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.2"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.2.4"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.2.3"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.2.2"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.2.1"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.9"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.8"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.6"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.5"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.4"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.3"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.2"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.10"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.1"
          },
          {
            "_id": null,
            "model": "security guardium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "security guardium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1.2"
          },
          {
            "_id": null,
            "model": "security guardium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "security guardium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.6.0.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2.0.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.0.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.5.0.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.4.6.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.4.5.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.4.4.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.4.3.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.4.2.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.4.1.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.4.0.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.3.2.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.3.1.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.0.9"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.0.8"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.0.4"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.0.3"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.0.2"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.0.14"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.0.13"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.0.12"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.0.11"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.0.10"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.0.1"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.3"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.2"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.1"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.9"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.7"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.6"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.5"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.3"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.21"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.20"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.2"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.19"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.18"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.15"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.14"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.13"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.12"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "rrdi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "rrdi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "rrdi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.6"
          },
          {
            "_id": null,
            "model": "rrdi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.5"
          },
          {
            "_id": null,
            "model": "rrdi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.4"
          },
          {
            "_id": null,
            "model": "rrdi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "rrdi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "rrdi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "rrdi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.13"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.12"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.11"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.7"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.6"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.5"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.4"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "rational application developer for websphere software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.5"
          },
          {
            "_id": null,
            "model": "rational application developer for websphere software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "powerkvm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "powerkvm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "openssh for gpfs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.5"
          },
          {
            "_id": null,
            "model": "mobilefirst platform foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.0"
          },
          {
            "_id": null,
            "model": "mobilefirst platform foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.0"
          },
          {
            "_id": null,
            "model": "mobilefirst platform foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.0"
          },
          {
            "_id": null,
            "model": "mobilefirst platform foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3.0.0"
          },
          {
            "_id": null,
            "model": "lotus protector for mail security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.8.3.0"
          },
          {
            "_id": null,
            "model": "i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.20"
          },
          {
            "_id": null,
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.4.0"
          },
          {
            "_id": null,
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.3.0"
          },
          {
            "_id": null,
            "model": "cognos metrics manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "cognos metrics manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "cognos metrics manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1.1"
          },
          {
            "_id": null,
            "model": "cognos metrics manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "cognos business intelligence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "cognos business intelligence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.11"
          },
          {
            "_id": null,
            "model": "cognos business intelligence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "cognos business intelligence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1.1"
          },
          {
            "_id": null,
            "model": "cognos business intelligence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "bigfix remote control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "api management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "api connect",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "webex node for mcs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "webex meetings server ssl gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "webex meetings server multimedia platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "webex meetings server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "webex meetings server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "webex meetings for windows phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "80"
          },
          {
            "_id": null,
            "model": "webex meetings for blackberry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "webex meetings for android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "webex meetings client on-premises",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "webex meetings client hosted",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "webex meeting center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "webex business suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "web security appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "visual quality experience tools server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "visual quality experience server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "virtualization experience media edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "virtual security gateway for microsoft hyper-v",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "virtual security gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "videoscape control suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "videoscape anyres live",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "video surveillance ptz ip cameras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "video surveillance media server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "video surveillance series ip cameras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "70000"
          },
          {
            "_id": null,
            "model": "video surveillance series ip cameras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60000"
          },
          {
            "_id": null,
            "model": "video surveillance 4300e and 4500e high-definition ip cameras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "video surveillance series high-definition ip cameras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40000"
          },
          {
            "_id": null,
            "model": "video surveillance series ip cameras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30000"
          },
          {
            "_id": null,
            "model": "video distribution suite for internet streaming",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "universal small cell iuh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "universal small cell cloudbase factory recovery root filesystem",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.99.4"
          },
          {
            "_id": null,
            "model": "universal small cell cloudbase factory recovery root filesystem",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "universal small cell series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "70003.4.2.0"
          },
          {
            "_id": null,
            "model": "universal small cell series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50003.4.2.0"
          },
          {
            "_id": null,
            "model": "universal small cell series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50000"
          },
          {
            "_id": null,
            "model": "unity express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unity connection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified workforce optimization quality management solution",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "unified workforce optimization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified wireless ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified sip proxy software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified sip proxy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified meetingplace",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "99710"
          },
          {
            "_id": null,
            "model": "unified ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "99510"
          },
          {
            "_id": null,
            "model": "unified ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "89610"
          },
          {
            "_id": null,
            "model": "unified ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "89450"
          },
          {
            "_id": null,
            "model": "unified ip conference phone for third-party call control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88310"
          },
          {
            "_id": null,
            "model": "unified ip conference phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88310"
          },
          {
            "_id": null,
            "model": "unified ip series phones",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "79000"
          },
          {
            "_id": null,
            "model": "unified ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "69450"
          },
          {
            "_id": null,
            "model": "unified ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "69010"
          },
          {
            "_id": null,
            "model": "unified intelligent contact management enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified intelligence center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified contact center express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified contact center enterprise live data server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "unified contact center enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified communications manager session management edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified communications manager im \u0026 presence service (formerly c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified communications manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified communications domain manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified attendant console standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified attendant console premium edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified attendant console enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified attendant console department edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified attendant console business edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified attendant console advanced",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified attendant console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ucs standalone c-series rack server integrated management cont",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "ucs manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ucs director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ucs central software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ucs b-series blade servers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ucs series and series fabric interconnects",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "620063000"
          },
          {
            "_id": null,
            "model": "uc integration for microsoft lync",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence video communication server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence tx9000 series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence system tx1310",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence system ex series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "500-370"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "500-320"
          },
          {
            "_id": null,
            "model": "telepresence system series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30000"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30000"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "13000"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11000"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "10000"
          },
          {
            "_id": null,
            "model": "telepresence system tx9000",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "500-37"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "500-32"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1100"
          },
          {
            "_id": null,
            "model": "telepresence sx series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence supervisor mse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "80500"
          },
          {
            "_id": null,
            "model": "telepresence server on virtual machine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence server on multiparty media",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8200"
          },
          {
            "_id": null,
            "model": "telepresence server on multiparty media and",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3103200"
          },
          {
            "_id": null,
            "model": "telepresence server and mse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "701087100"
          },
          {
            "_id": null,
            "model": "telepresence serial gateway series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence profile series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence mx series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence mcu",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence isdn link",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence isdn gateway mse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "83210"
          },
          {
            "_id": null,
            "model": "telepresence isdn gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "32410"
          },
          {
            "_id": null,
            "model": "telepresence integrator c series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence content server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence conductor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tapi service provider",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tandberg codian mse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "83200"
          },
          {
            "_id": null,
            "model": "tandberg codian isdn gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "stealthwatch management console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "stealthwatch identity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "stealthwatch flowcollector sflow",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "stealthwatch flowcollector netflow",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "spa525g 5-line ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "spa51x ip phones",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "spa232d multi-line dect analog telephone adapter",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "spa122 analog telephone adapter with router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "spa112 2-port phone adapter",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "socialminer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "smart net total care local collector appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "smart care",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "small business spa500 series ip phones",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "small business spa300 series ip phones",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "small business series managed switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3000"
          },
          {
            "_id": null,
            "model": "small business series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3000"
          },
          {
            "_id": null,
            "model": "show and share",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "services provisioning platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "security manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "secure access control system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "registered envelope service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "proactive network operations center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "prime performance manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "prime optical for service providers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "prime optical",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "prime network services controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "prime network",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "prime license manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "prime lan management solution",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "prime ip express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "prime infrastructure plug and play standalone gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "prime data center network manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "prime collaboration provisioning",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "prime collaboration deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "prime collaboration assurance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "prime access registrar",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "physical access gateways",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "partner support service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "packaged contact center enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ons series multiservice provisioning platforms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "_id": null,
            "model": "onepk all-in-one vm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "onepk all-in-one virtual machine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "one portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "nexus series switches standalone nx-os mode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000-0"
          },
          {
            "_id": null,
            "model": "nexus series fabric switches aci mode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000-0"
          },
          {
            "_id": null,
            "model": "nexus series switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "70000"
          },
          {
            "_id": null,
            "model": "nexus series switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60000"
          },
          {
            "_id": null,
            "model": "nexus series switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50000"
          },
          {
            "_id": null,
            "model": "nexus series blade switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40000"
          },
          {
            "_id": null,
            "model": "nexus series switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30000"
          },
          {
            "_id": null,
            "model": "nexus series switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1000v0"
          },
          {
            "_id": null,
            "model": "nexus intercloud for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1000v0"
          },
          {
            "_id": null,
            "model": "nexus intercloud",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1000v0"
          },
          {
            "_id": null,
            "model": "network performance analysis",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "network analysis module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "netflow generation appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "nac guest server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "nac appliance clean access server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "nac appliance clean access manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "mxe series media experience engines",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "35000"
          },
          {
            "_id": null,
            "model": "multicast manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mobility services engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mediasense",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "media services interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mds series multilayer switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90000"
          },
          {
            "_id": null,
            "model": "management appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "lancope stealthwatch flowcollector sflow",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "lancope stealthwatch flowcollector netflow",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jabber software development kit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jabber guest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jabber for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jabber for mac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jabber for iphone and ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jabber for android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jabber client framework components",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jabber",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ironport email security appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ip interoperability and collaboration system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ip series phones vpn feature",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8800-0"
          },
          {
            "_id": null,
            "model": "ip series phones",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "78000"
          },
          {
            "_id": null,
            "model": "ios xr software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "intrusion prevention system solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "intracer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "intelligent automation for cloud",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "identity services engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "hosted collaboration mediation fulfillment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "firesight system software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "expressway series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise content delivery system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "emergency responder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "emergency responder",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "email security appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "edge digital media player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3400"
          },
          {
            "_id": null,
            "model": "edge digital media player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3000"
          },
          {
            "_id": null,
            "model": "dx series ip phones",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "content security appliance update servers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "connected grid routers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "connected analytics for collaboration",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "configuration professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "computer telephony integration object server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "common services platform collector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "cloupia unified infrastructure controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "cloud object storage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "clean access manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "broadband access center telco and wireless",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ata series analog terminal adaptors",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1900"
          },
          {
            "_id": null,
            "model": "ata analog telephone adaptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1870"
          },
          {
            "_id": null,
            "model": "asr series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50000"
          },
          {
            "_id": null,
            "model": "asa next-generation firewall services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "application policy infrastructure controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "application networking manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "application and content networking system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "x0"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for desktop platforms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "27000"
          },
          {
            "_id": null,
            "model": "agent for openflow",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "agent desktop for cisco unified contact center express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "agent desktop",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "adaptive security appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ace30 application control engine module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ace application control engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "47100"
          },
          {
            "_id": null,
            "model": "industrial router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9100"
          },
          {
            "_id": null,
            "model": "series stackable managed switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "series stackable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "series digital media players",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44000"
          },
          {
            "_id": null,
            "model": "series digital media players",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "43000"
          },
          {
            "_id": null,
            "model": "series smart plus switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2200"
          },
          {
            "_id": null,
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "7"
          },
          {
            "_id": null,
            "model": "x-series xos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "9.7"
          },
          {
            "_id": null,
            "model": "x-series xos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "x-series xos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "ssl visibility",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "3.9"
          },
          {
            "_id": null,
            "model": "ssl visibility 3.8.4fc",
            "scope": null,
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": null
          },
          {
            "_id": null,
            "model": "policycenter s-series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "policycenter",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "packetshaper s-series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "11.6"
          },
          {
            "_id": null,
            "model": "packetshaper s-series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "11.5"
          },
          {
            "_id": null,
            "model": "packetshaper s-series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "11.4"
          },
          {
            "_id": null,
            "model": "packetshaper s-series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "11.3"
          },
          {
            "_id": null,
            "model": "packetshaper s-series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "packetshaper",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "norman shark scada protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "norman shark network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "norman shark industrial control system protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "management center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "1.7"
          },
          {
            "_id": null,
            "model": "malware analysis appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bluecoat",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.1.8"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.28"
          },
          {
            "_id": null,
            "model": "oss support tools",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.15.17.3.14"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.406-3402.103"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.1051.08"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.20290.1"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for images build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.20290.1"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix ifix",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.13150-13"
          },
          {
            "_id": null,
            "model": "sonas",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.2.5"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.3.1"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.2.5"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.11"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.7.0.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.6.0.0"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.0.15"
          },
          {
            "_id": null,
            "model": "sdk for node.js",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.4"
          },
          {
            "_id": null,
            "model": "powerkvm update",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.23"
          },
          {
            "_id": null,
            "model": "powerkvm update",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1.1.3-6513"
          },
          {
            "_id": null,
            "model": "bigfix remote control",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "wireless lan controller",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "webex meetings server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.1.30"
          },
          {
            "_id": null,
            "model": "webex meetings for windows phone",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "82.8"
          },
          {
            "_id": null,
            "model": "webex meetings client on-premises t32",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "webex meetings client hosted t32",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "webex centers t32",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "virtualization experience media edition",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.8"
          },
          {
            "_id": null,
            "model": "virtual security gateway",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1.6"
          },
          {
            "_id": null,
            "model": "videoscape anyres live",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9.7.2"
          },
          {
            "_id": null,
            "model": "video surveillance ptz ip cameras",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.9"
          },
          {
            "_id": null,
            "model": "video surveillance series ip cameras",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "70002.9"
          },
          {
            "_id": null,
            "model": "video surveillance series ip cameras",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60002.9"
          },
          {
            "_id": null,
            "model": "video surveillance 4300e and 4500e high-definition ip cameras",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.9"
          },
          {
            "_id": null,
            "model": "video surveillance series high-definition ip cameras",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40002.9"
          },
          {
            "_id": null,
            "model": "video surveillance series ip cameras",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30002.9"
          },
          {
            "_id": null,
            "model": "video distribution suite for internet streaming",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.003(002)"
          },
          {
            "_id": null,
            "model": "universal small cell iuh",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.17.3"
          },
          {
            "_id": null,
            "model": "universal small cell cloudbase factory recovery root filesystem",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.17.3"
          },
          {
            "_id": null,
            "model": "universal small cell series",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "70003.5.12.23"
          },
          {
            "_id": null,
            "model": "universal small cell series",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50003.5.12.23"
          },
          {
            "_id": null,
            "model": "unity express",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "10"
          },
          {
            "_id": null,
            "model": "unified workforce optimization quality management solution 11.5 su1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "unified sip proxy software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "10"
          },
          {
            "_id": null,
            "model": "unified meetingplace 8.6mr1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "unified ip conference phone for third-party call control 9.3 sr3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8831"
          },
          {
            "_id": null,
            "model": "unified ip conference phone 10.3.1sr4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8831"
          },
          {
            "_id": null,
            "model": "unified ip phone 9.3 sr3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6901"
          },
          {
            "_id": null,
            "model": "unified intelligent contact management enterprise",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.6.1"
          },
          {
            "_id": null,
            "model": "unified intelligence center",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.6(1)"
          },
          {
            "_id": null,
            "model": "unified contact center express",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.6"
          },
          {
            "_id": null,
            "model": "unified contact center enterprise",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.6.1"
          },
          {
            "_id": null,
            "model": "ucs standalone c-series rack server integrated management cont",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-3.0"
          },
          {
            "_id": null,
            "model": "ucs b-series blade servers",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1.3"
          },
          {
            "_id": null,
            "model": "uc integration for microsoft lync",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.6.3"
          },
          {
            "_id": null,
            "model": "telepresence video communication server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "x8.8.3"
          },
          {
            "_id": null,
            "model": "telepresence tx9000 series",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "telepresence system tx1310",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "telepresence system ex series tc7.3.7",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "telepresence system ex series ce8.2.2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "500-376.1"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "500-326.1"
          },
          {
            "_id": null,
            "model": "telepresence system series",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30006.1"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "13006.1"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11006.1"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "10006.1"
          },
          {
            "_id": null,
            "model": "telepresence sx series tc7.3.7",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "telepresence sx series ce8.2.2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "telepresence server on multiparty media",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8204.4"
          },
          {
            "_id": null,
            "model": "telepresence server on multiparty media and",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3103204.4"
          },
          {
            "_id": null,
            "model": "telepresence server and mse",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "701087104.4"
          },
          {
            "_id": null,
            "model": "telepresence profile series tc7.3.7",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "telepresence profile series ce8.2.2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "telepresence mx series tc7.3.7",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "telepresence mx series ce8.2.2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "telepresence mcu",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5(1.89)"
          },
          {
            "_id": null,
            "model": "telepresence integrator c series tc7.3.7",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "telepresence integrator c series ce8.2.2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "spa232d multi-line dect analog telephone adapter",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "spa122 analog telephone adapter with router",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "spa112 2-port phone adapter",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "services provisioning platform sfp1.1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "security manager",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.13"
          },
          {
            "_id": null,
            "model": "secure access control system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.8.0.32.8"
          },
          {
            "_id": null,
            "model": "secure access control system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.8.0.32.7"
          },
          {
            "_id": null,
            "model": "prime performance manager sp1611",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.7"
          },
          {
            "_id": null,
            "model": "prime network services controller 1.01u",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "prime network registrar",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.3.5"
          },
          {
            "_id": null,
            "model": "prime network registrar",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "prime network",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "431"
          },
          {
            "_id": null,
            "model": "prime infrastructure",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "prime collaboration provisioning",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.6"
          },
          {
            "_id": null,
            "model": "prime collaboration assurance",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.6"
          },
          {
            "_id": null,
            "model": "ons series multiservice provisioning platforms",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1545410.7"
          },
          {
            "_id": null,
            "model": "nexus series switches standalone nx-os mode 7.0 i5",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000-"
          },
          {
            "_id": null,
            "model": "nexus series fabric switches aci mode",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000-0"
          },
          {
            "_id": null,
            "model": "nexus series switches",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "70006.2.19"
          },
          {
            "_id": null,
            "model": "nexus series switches 5.2.8",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7000"
          },
          {
            "_id": null,
            "model": "nexus series switches",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60006.2.19"
          },
          {
            "_id": null,
            "model": "nexus series switches 5.2.8",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6000"
          },
          {
            "_id": null,
            "model": "nexus series switches",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50006.2.19"
          },
          {
            "_id": null,
            "model": "nexus series switches 5.2.8",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "nexus series blade switches 4.1 e1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4000"
          },
          {
            "_id": null,
            "model": "nexus series switches 5.2 sv3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1000v"
          },
          {
            "_id": null,
            "model": "network analysis module",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2(2)"
          },
          {
            "_id": null,
            "model": "network analysis module 6.2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "netflow generation appliance",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.1(1)"
          },
          {
            "_id": null,
            "model": "mds series multilayer switches",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90006.2.19"
          },
          {
            "_id": null,
            "model": "mds series multilayer switches 5.2.8",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000"
          },
          {
            "_id": null,
            "model": "jabber software development kit",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.8"
          },
          {
            "_id": null,
            "model": "jabber guest",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11"
          },
          {
            "_id": null,
            "model": "jabber for windows",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.8"
          },
          {
            "_id": null,
            "model": "jabber for mac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.8"
          },
          {
            "_id": null,
            "model": "jabber for iphone and ipad",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.8"
          },
          {
            "_id": null,
            "model": "jabber for android",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.8"
          },
          {
            "_id": null,
            "model": "jabber client framework components",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.8"
          },
          {
            "_id": null,
            "model": "ip interoperability and collaboration system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0(1)"
          },
          {
            "_id": null,
            "model": "ios and cisco ios xe software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "16.4"
          },
          {
            "_id": null,
            "model": "ios and cisco ios xe software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "16.3"
          },
          {
            "_id": null,
            "model": "ios and cisco ios xe software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "16.2"
          },
          {
            "_id": null,
            "model": "ios and cisco ios xe software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "16.1"
          },
          {
            "_id": null,
            "model": "ios and cisco ios xe software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15.5(3)"
          },
          {
            "_id": null,
            "model": "firesight system software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1.0.1"
          },
          {
            "_id": null,
            "model": "firesight system software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.0.1.3"
          },
          {
            "_id": null,
            "model": "firesight system software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.4.1.9"
          },
          {
            "_id": null,
            "model": "firesight system software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.4.0.10"
          },
          {
            "_id": null,
            "model": "expressway series",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "x8.8.3"
          },
          {
            "_id": null,
            "model": "enterprise content delivery system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.9"
          },
          {
            "_id": null,
            "model": "email security appliance",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "edge digital media player 1.2rb1.0.3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "340"
          },
          {
            "_id": null,
            "model": "edge digital media player 1.6rb5",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "300"
          },
          {
            "_id": null,
            "model": "digital media manager 5.4.1 rb4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "digital media manager 5.3.6 rb3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "dcm series d9900 digital content manager",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "content security management appliance",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1.140"
          },
          {
            "_id": null,
            "model": "connected grid routers",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15.8.9"
          },
          {
            "_id": null,
            "model": "connected grid routers",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "computer telephony integration object server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.6.1"
          },
          {
            "_id": null,
            "model": "common services platform collector",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.11"
          },
          {
            "_id": null,
            "model": "ata series analog terminal adaptors",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1901.3"
          },
          {
            "_id": null,
            "model": "asr series",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "500021.2"
          },
          {
            "_id": null,
            "model": "asa next-generation firewall services",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1.2"
          },
          {
            "_id": null,
            "model": "application policy infrastructure controller",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2(1)"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for windows",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.7"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for mac os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "x4.0.7"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for linux",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.7"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.7"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for desktop platforms",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.3.4"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for desktop platforms",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for android",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.7"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "270016.4"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "270016.3"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "270016.2"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "270016.1"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "270015.5(3)"
          },
          {
            "_id": null,
            "model": "industrial router 1.2.1rb4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "910"
          },
          {
            "_id": null,
            "model": "series digital media players 5.4.1 rb4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4400"
          },
          {
            "_id": null,
            "model": "series digital media players 5.3.6 rb3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4400"
          },
          {
            "_id": null,
            "model": "series digital media players 5.4.1 rb4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4300"
          },
          {
            "_id": null,
            "model": "series digital media players 5.3.6 rb3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4300"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "91081"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-265"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-2178"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Guido Vranken,The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-265"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2016-2178",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2016-2178",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.1,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2016-2178",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-2178",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201606-265",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2016-2178",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-2178"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-265"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-2178"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack. OpenSSL is prone to a local information-disclosure vulnerability. \nLocal attackers can exploit this issue to obtain sensitive information. This may aid in further attacks. \nOpenSSL Security Advisory [22 Sep 2016]\n========================================\n\nOCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n=====================================================================\n\nSeverity: High\n\nA malicious client can send an excessively large OCSP Status Request extension. \nIf that client continually requests renegotiation, sending a large OCSP Status\nRequest extension each time, then there will be unbounded memory growth on the\nserver. This will eventually lead to a Denial Of Service attack through memory\nexhaustion. Servers with a default configuration are vulnerable even if they do\nnot support OCSP. Builds using the \"no-ocsp\" build time option are not affected. \n\nServers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default\nconfiguration, instead only if an application explicitly enables OCSP stapling\nsupport. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nSSL_peek() hang on empty record (CVE-2016-6305)\n===============================================\n\nSeverity: Moderate\n\nOpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an\nempty record. This could be exploited by a malicious peer in a Denial Of Service\nattack. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nSWEET32 Mitigation (CVE-2016-2183)\n==================================\n\nSeverity: Low\n\nSWEET32 (https://sweet32.info) is an attack on older block cipher algorithms\nthat use a block size of 64 bits. In mitigation for the SWEET32 attack DES based\nciphersuites have been moved from the HIGH cipherstring group to MEDIUM in\nOpenSSL 1.0.1 and OpenSSL 1.0.2.  OpenSSL 1.1.0 since release has had these\nciphersuites disabled by default. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 16th August 2016 by Karthikeyan\nBhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the\nOpenSSL development team. \n\nOOB write in MDC2_Update() (CVE-2016-6303)\n==========================================\n\nSeverity: Low\n\nAn overflow can occur in MDC2_Update() either if called directly or\nthrough the EVP_DigestUpdate() function using MDC2. If an attacker\nis able to supply very large amounts of input data after a previous\ncall to EVP_EncryptUpdate() with a partial block then a length check\ncan overflow resulting in a heap corruption. \n\nThe amount of data needed is comparable to SIZE_MAX which is impractical\non most platforms. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nMalformed SHA512 ticket DoS (CVE-2016-6302)\n===========================================\n\nSeverity: Low\n\nIf a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a\nDoS attack where a malformed ticket will result in an OOB read which will\nultimately crash. \n\nThe use of SHA512 in TLS session tickets is comparatively rare as it requires\na custom server callback and ticket lookup mechanism. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB write in BN_bn2dec() (CVE-2016-2182)\n========================================\n\nSeverity: Low\n\nThe function BN_bn2dec() does not check the return value of BN_div_word(). \nThis can cause an OOB write if an application uses this function with an\noverly large BIGNUM. This could be a problem if an overly large certificate\nor CRL is printed out from an untrusted source. TLS is not affected because\nrecord limits will reject an oversized certificate before it is parsed. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB read in TS_OBJ_print_bio() (CVE-2016-2180)\n==============================================\n\nSeverity: Low\n\nThe function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is\nthe total length the OID text representation would use and not the amount\nof data written. This will result in OOB reads when large OIDs are presented. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nPointer arithmetic undefined behaviour (CVE-2016-2177)\n======================================================\n\nSeverity: Low\n\nAvoid some undefined pointer arithmetic\n\nA common idiom in the codebase is to check limits in the following manner:\n\"p + len \u003e limit\"\n\nWhere \"p\" points to some malloc\u0027d data of SIZE bytes and\nlimit == p + SIZE\n\n\"len\" here could be from some externally supplied data (e.g. from a TLS\nmessage). \n\nThe rules of C pointer arithmetic are such that \"p + len\" is only well\ndefined where len \u003c= SIZE. Therefore the above idiom is actually\nundefined behaviour. \n\nFor example this could cause problems if some malloc implementation\nprovides an address for \"p\" such that \"p + len\" actually overflows for\nvalues of len that are too big and therefore p + len \u003c limit. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nConstant time flag not preserved in DSA signing (CVE-2016-2178)\n===============================================================\n\nSeverity: Low\n\nOperations in the DSA signing algorithm should run in constant time in order to\navoid side channel attacks. A flaw in the OpenSSL DSA implementation means that\na non-constant time codepath is followed for certain operations. This has been\ndemonstrated through a cache-timing attack to be sufficient for an attacker to\nrecover the private DSA key. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 23rd May 2016 by C\u00e9sar Pereida (Aalto\nUniversity), Billy Brumley (Tampere University of Technology), and Yuval Yarom\n(The University of Adelaide and NICTA). The fix was developed by C\u00e9sar Pereida. \n\nDTLS buffered message DoS (CVE-2016-2179)\n=========================================\n\nSeverity: Low\n\nIn a DTLS connection where handshake messages are delivered out-of-order those\nmessages that OpenSSL is not yet ready to process will be buffered for later\nuse. Under certain circumstances, a flaw in the logic means that those messages\ndo not get removed from the buffer even though the handshake has been completed. \nAn attacker could force up to approx. 15 messages to remain in the buffer when\nthey are no longer required. These messages will be cleared when the DTLS\nconnection is closed. The default maximum size for a message is 100k. Therefore\nthe attacker could force an additional 1500k to be consumed per connection. By\nopening many simulataneous connections an attacker could cause a DoS attack\nthrough memory exhaustion. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was\ndeveloped by Matt Caswell of the OpenSSL development team. \n\nDTLS replay protection DoS (CVE-2016-2181)\n==========================================\n\nSeverity: Low\n\nA flaw in the DTLS replay attack protection mechanism means that records that\narrive for future epochs update the replay protection \"window\" before the MAC\nfor the record has been validated. This could be exploited by an attacker by\nsending a record for the next epoch (which does not have to decrypt or have a\nvalid MAC), with a very large sequence number. This means that all subsequent\nlegitimate packets are dropped causing a denial of service for a specific\nDTLS connection. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. \nThe fix was developed by Matt Caswell of the OpenSSL development team. \n\nCertificate message OOB reads (CVE-2016-6306)\n=============================================\n\nSeverity: Low\n\nIn OpenSSL 1.0.2 and earlier some missing message length checks can result in\nOOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical\nDoS risk but this has not been observed in practice on common platforms. \n\nThe messages affected are client certificate, client certificate request and\nserver certificate. As a result the attack can only be performed against\na client or a server which enables client authentication. \n\nOpenSSL 1.1.0 is not affected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in tls_get_message_header() (CVE-2016-6307)\n==========================================================================\n\nSeverity: Low\n\nA TLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect DTLS users. \n\nOpenSSL 1.1.0 TLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)\n=============================================================================\n\nSeverity: Low\n\nThis issue is very similar to CVE-2016-6307. The underlying defect is different\nbut the security analysis and impacts are the same except that it impacts DTLS. \n\nA DTLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect TLS users. \n\nOpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL\nversion 1.0.1 will cease on 31st December 2016. No security updates for that\nversion will be provided after that date. Users of 1.0.1 are advised to\nupgrade. \n\nSupport for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those\nversions are no longer receiving security updates. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20160922.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: openssl security update\nAdvisory ID:       RHSA-2016:1940-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2016-1940.html\nIssue date:        2016-09-27\nCVE Names:         CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 \n                   CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 \n                   CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 \n=====================================================================\n\n1. Summary:\n\nAn update for openssl is now available for Red Hat Enterprise Linux 6 and\nRed Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. A remote attacker\ncould cause a TLS server using OpenSSL to consume an excessive amount of\nmemory and, possibly, exit unexpectedly after exhausting all available\nmemory, if it enabled OCSP stapling support. \n(CVE-2016-2178)\n\n* It was discovered that the Datagram TLS (DTLS) implementation could fail\nto release memory in certain cases. A malicious DTLS client could cause a\nDTLS server using OpenSSL to consume an excessive amount of memory and,\npossibly, exit unexpectedly after exhausting all available memory. A remote attacker could possibly use this flaw\nto make a DTLS server using OpenSSL to reject further packets sent from a\nDTLS client over an established DTLS connection. (CVE-2016-2181)\n\n* An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec()\nfunction. (CVE-2016-2182)\n\n* A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL\nprotocol. A man-in-the-middle attacker could use this flaw to recover some\nplaintext data by capturing large amounts of encrypted traffic between\nTLS/SSL server and client if the communication used a DES/3DES based\nciphersuite. (CVE-2016-2183)\n\nThis update mitigates the CVE-2016-2183 issue by lowering priority of DES\ncipher suites so they are not preferred over cipher suites using AES. For\ncompatibility reasons, DES cipher suites remain enabled by default and\nincluded in the set of cipher suites identified by the HIGH cipher string. \nFuture updates may move them to MEDIUM or not enable them by default. \n\n* An integer underflow flaw leading to a buffer over-read was found in the\nway OpenSSL parsed TLS session tickets. (CVE-2016-6302)\n\n* Multiple integer overflow flaws were found in the way OpenSSL performed\npointer arithmetic. A remote attacker could possibly use these flaws to\ncause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)\n\n* An out of bounds read flaw was found in the way OpenSSL formatted Public\nKey Infrastructure Time-Stamp Protocol data for printing. An attacker could\npossibly cause an application using OpenSSL to crash if it printed time\nstamp data from the attacker. A remote attacker could\npossibly use these flaws to crash a TLS/SSL server or client using OpenSSL. \n(CVE-2016-6306)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304\nand CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase\n1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation\n1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio()\n1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()\n1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection\n1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)\n1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer\n1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks\n1377594 - CVE-2016-6306 openssl: certificate message OOB reads\n1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-static-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nppc64:\nopenssl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-2177\nhttps://access.redhat.com/security/cve/CVE-2016-2178\nhttps://access.redhat.com/security/cve/CVE-2016-2179\nhttps://access.redhat.com/security/cve/CVE-2016-2180\nhttps://access.redhat.com/security/cve/CVE-2016-2181\nhttps://access.redhat.com/security/cve/CVE-2016-2182\nhttps://access.redhat.com/security/cve/CVE-2016-6302\nhttps://access.redhat.com/security/cve/CVE-2016-6304\nhttps://access.redhat.com/security/cve/CVE-2016-6306\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://www.openssl.org/news/secadv/20160922.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI\nxpTW7ApBLmKhVjs49DGYouI=\n=4VgY\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Summary:\n\nAn update is now available for JBoss Core Services on RHEL 7. Additional information can be found at\n    https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/    \n\nCVE-2016-2178\n\n    Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing\n    leak in the DSA code. \n\nCVE-2016-2179 / CVE-2016-2181\n\n    Quan Luo and the OCAP audit team discovered denial of service\n    vulnerabilities in DTLS. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.0.1t-1+deb8u4. \n\nFor the unstable distribution (sid), these problems will be fixed soon. Of these 14 vulnerabilities, the OpenSSL Software Foundation classifies one as aCritical Severity,a one as aModerate Severity,a and the other 12 as aLow Severity.a\n\nSubsequently, on September 26, the OpenSSL Software Foundation released an additional advisory that describes two new vulnerabilities. These vulnerabilities affect the OpenSSL versions that were released to address the vulnerabilities disclosed in the previous advisory. One of the new vulnerabilities was rated as aHigh Severitya and the other as aModerate Severity.a\n\nOf the 16 released vulnerabilities:\n    Fourteen track issues that could result in a denial of service (DoS) condition\n    One (CVE-2016-2183, aka SWEET32) tracks an implementation of a Birthday attack against Transport Layer Security (TLS) block ciphers that use a 64-bit block size that could result in loss of confidentiality\n    One (CVE-2016-2178) is a timing side-channel attack that, in specific circumstances, could allow an attacker to derive the private DSA key that belongs to another user or service running on the same system\n\nFive of the 16 vulnerabilities affect exclusively the recently released OpenSSL versions that belong to the 1.1.0 code train, which has not yet been integrated into any Cisco product. ==========================================================================\nUbuntu Security Notice USN-3087-1\nSeptember 22, 2016\n\nopenssl vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenSSL. This\nissue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178)\n\nQuan Luo discovered that OpenSSL did not properly restrict the lifetime\nof queue entries in the DTLS implementation. (CVE-2016-2181)\n\nShi Lei discovered that OpenSSL incorrectly validated division results. \n(CVE-2016-2182)\n\nKarthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES\nciphers were vulnerable to birthday attacks. \n(CVE-2016-2183)\n\nShi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303)\n\nShi Lei discovered that OpenSSL incorrectly performed certain message\nlength checks. (CVE-2016-6306)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n  libssl1.0.0                     1.0.2g-1ubuntu4.4\n\nUbuntu 14.04 LTS:\n  libssl1.0.0                     1.0.1f-1ubuntu2.20\n\nUbuntu 12.04 LTS:\n  libssl1.0.0                     1.0.1-4ubuntu5.37\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. Description:\n\nThis release adds the new Apache HTTP Server 2.4.23 packages that are part\nof the JBoss Core Services offering. \n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack\nApache Server 2.4.6, and includes bug fixes and enhancements. Refer to the\nRelease Notes for information on the most significant bug fixes and\nenhancements included in this release. \n(CVE-2016-2108)\n\n* It was found that the length checks prior to writing to the target buffer\nfor creating a virtual host mapping rule did not take account of the length\nof the virtual host name, creating the potential for a buffer overflow. (CVE-2016-2177)\n\n* It was discovered that specifying configuration with a JVMRoute path\nlonger than 80 characters will cause segmentation fault leading to a server\ncrash. (CVE-2016-4459)\n\n* An error was found in protocol parsing logic of mod_cluster load balancer\nApache HTTP Server modules. After installing the updated\npackages, the httpd daemon will be restarted automatically. (CVE-2014-8176,\nCVE-2015-0209, CVE-2015-0286, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196,\nCVE-2015-3216, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0799,\nCVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109,\nCVE-2016-2177, CVE-2016-2178, CVE-2016-2842)\n\n* This update fixes several flaws in libxml2. (CVE-2016-1762,\nCVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837,\nCVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705,\nCVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483)\n\n* This update fixes three flaws in curl. (CVE-2016-5419, CVE-2016-5420,\nCVE-2016-7141)\n\n* This update fixes two flaws in httpd. (CVE-2014-3523, CVE-2015-3185)\n\n* This update fixes two flaws in mod_cluster. (CVE-2016-6808)\n\n* A memory leak flaw was fixed in expat. \n\nSee the corresponding CVE pages linked to in the References section for\nmore information about each of the flaws listed in this advisory. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files). JIRA issues fixed (https://issues.jboss.org/):\n\nJBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0]\nJBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service\n\n6",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-2178"
          },
          {
            "db": "BID",
            "id": "91081"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-2178"
          },
          {
            "db": "PACKETSTORM",
            "id": "169633"
          },
          {
            "db": "PACKETSTORM",
            "id": "138870"
          },
          {
            "db": "PACKETSTORM",
            "id": "140717"
          },
          {
            "db": "PACKETSTORM",
            "id": "138817"
          },
          {
            "db": "PACKETSTORM",
            "id": "138889"
          },
          {
            "db": "PACKETSTORM",
            "id": "138820"
          },
          {
            "db": "PACKETSTORM",
            "id": "140716"
          },
          {
            "db": "PACKETSTORM",
            "id": "140182"
          }
        ],
        "trust": 1.98
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-2178",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "91081",
            "trust": 2.0
          },
          {
            "db": "MCAFEE",
            "id": "SB10215",
            "trust": 1.7
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2016/06/08/6",
            "trust": 1.7
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2016/06/08/7",
            "trust": 1.7
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2016/06/08/5",
            "trust": 1.7
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2016/06/09/8",
            "trust": 1.7
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2016/06/08/2",
            "trust": 1.7
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2016/06/08/12",
            "trust": 1.7
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2016/06/08/8",
            "trust": 1.7
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2016/06/08/11",
            "trust": 1.7
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2016/06/09/2",
            "trust": 1.7
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2016/06/08/10",
            "trust": 1.7
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2016/06/08/4",
            "trust": 1.7
          },
          {
            "db": "TENABLE",
            "id": "TNS-2016-16",
            "trust": 1.7
          },
          {
            "db": "TENABLE",
            "id": "TNS-2016-21",
            "trust": 1.7
          },
          {
            "db": "TENABLE",
            "id": "TNS-2016-20",
            "trust": 1.7
          },
          {
            "db": "JUNIPER",
            "id": "JSA10759",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1036054",
            "trust": 1.7
          },
          {
            "db": "PULSESECURE",
            "id": "SA40312",
            "trust": 1.7
          },
          {
            "db": "SIEMENS",
            "id": "SSA-412672",
            "trust": 1.7
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2022.0696",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.2148",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.4645",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-265",
            "trust": 0.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-22-349-21",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-2178",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "169633",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "138870",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "140717",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "138817",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "138889",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "138820",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "140716",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "140182",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-2178"
          },
          {
            "db": "BID",
            "id": "91081"
          },
          {
            "db": "PACKETSTORM",
            "id": "169633"
          },
          {
            "db": "PACKETSTORM",
            "id": "138870"
          },
          {
            "db": "PACKETSTORM",
            "id": "140717"
          },
          {
            "db": "PACKETSTORM",
            "id": "138817"
          },
          {
            "db": "PACKETSTORM",
            "id": "138889"
          },
          {
            "db": "PACKETSTORM",
            "id": "138820"
          },
          {
            "db": "PACKETSTORM",
            "id": "140716"
          },
          {
            "db": "PACKETSTORM",
            "id": "140182"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-265"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-2178"
          }
        ]
      },
      "id": "VAR-201606-0477",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.43198179949999993
      },
      "last_update_date": "2026-03-09T22:12:09.368000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "OpenSSL DSA Security vulnerabilities",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=62222"
          },
          {
            "title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 6.4.16 natives update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20171659 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 6.4.16 natives update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20171658 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 7",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20170194 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 6",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20170193 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: openssl security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20161940 - Security Advisory"
          },
          {
            "title": "Red Hat: CVE-2016-2178",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2016-2178"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2016-2178"
          },
          {
            "title": "Ubuntu Security Notice: openssl vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3087-1"
          },
          {
            "title": "Ubuntu Security Notice: openssl regression",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3087-2"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2016-755",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-755"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201609-23] openssl: multiple issues",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201609-23"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201609-24] lib32-openssl: multiple issues",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201609-24"
          },
          {
            "title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20162957 - Security Advisory"
          },
          {
            "title": "IBM: IBM Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSH",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b7f5b1e7edcafce07f28205855d4db49"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - January 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300"
          },
          {
            "title": "Tenable Security Advisories: [R7] Nessus 6.9 Fixes Multiple Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-16"
          },
          {
            "title": "Symantec Security Advisories: SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1e6dcaf5dac6ef96a7d917a8c1393040"
          },
          {
            "title": "Cisco: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160927-openssl"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=ac5af5dd99788925425f5747ec672707"
          },
          {
            "title": "Tenable Security Advisories: [R3] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-20"
          },
          {
            "title": "Tenable Security Advisories: [R2] LCE 4.8.2 Fixes Multiple Third-party Library Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-21"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a31bff03e9909229fd67996884614fdf"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=976a4da35d55283870dbb31b88a6c655"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=586e6062440cdd312211d748e028164e"
          },
          {
            "title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=21c0efa2643d707e2f50a501209eb75c"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=13f3551b67d913fba90df4b2c0dae0bf"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/Live-Hack-CVE/CVE-2016-2178 "
          },
          {
            "title": "alpine-cvecheck",
            "trust": 0.1,
            "url": "https://github.com/tomwillfixit/alpine-cvecheck "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-2178"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-265"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-203",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-2178"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.7,
            "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
          },
          {
            "trust": 2.0,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343400"
          },
          {
            "trust": 2.0,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
          },
          {
            "trust": 2.0,
            "url": "https://bto.bluecoat.com/security-advisory/sa132"
          },
          {
            "trust": 2.0,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
          },
          {
            "trust": 2.0,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2017:0194"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2017:0193"
          },
          {
            "trust": 1.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2016-2957.html"
          },
          {
            "trust": 1.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2016-1940.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.ubuntu.com/usn/usn-3087-1"
          },
          {
            "trust": 1.7,
            "url": "http://eprint.iacr.org/2016/594.pdf"
          },
          {
            "trust": 1.7,
            "url": "http://www.openwall.com/lists/oss-security/2016/06/09/8"
          },
          {
            "trust": 1.7,
            "url": "http://www.openwall.com/lists/oss-security/2016/06/08/2"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
          },
          {
            "trust": 1.7,
            "url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/"
          },
          {
            "trust": 1.7,
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05302448"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/91081"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1036054"
          },
          {
            "trust": 1.7,
            "url": "http://www.splunk.com/view/sp-caaapue"
          },
          {
            "trust": 1.7,
            "url": "http://www.splunk.com/view/sp-caaapsv"
          },
          {
            "trust": 1.7,
            "url": "https://security.gentoo.org/glsa/201612-16"
          },
          {
            "trust": 1.7,
            "url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
          },
          {
            "trust": 1.7,
            "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
          },
          {
            "trust": 1.7,
            "url": "https://www.tenable.com/security/tns-2016-16"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.tenable.com/security/tns-2016-21"
          },
          {
            "trust": 1.7,
            "url": "https://www.tenable.com/security/tns-2016-20"
          },
          {
            "trust": 1.7,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-16:26.openssl.asc"
          },
          {
            "trust": 1.7,
            "url": "https://access.redhat.com/errata/rhsa-2017:1658"
          },
          {
            "trust": 1.7,
            "url": "http://rhn.redhat.com/errata/rhsa-2017-1659.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "trust": 1.7,
            "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03856en_us"
          },
          {
            "trust": 1.7,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10215"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.debian.org/security/2016/dsa-3673"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html"
          },
          {
            "trust": 1.7,
            "url": "https://support.f5.com/csp/article/k53084033"
          },
          {
            "trust": 1.7,
            "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en\u0026docid=emr_na-hpesbhf03856en_us"
          },
          {
            "trust": 1.7,
            "url": "http://www.openwall.com/lists/oss-security/2016/06/08/12"
          },
          {
            "trust": 1.7,
            "url": "http://www.openwall.com/lists/oss-security/2016/06/08/11"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.openwall.com/lists/oss-security/2016/06/08/10"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.openwall.com/lists/oss-security/2016/06/08/6"
          },
          {
            "trust": 1.7,
            "url": "http://www.openwall.com/lists/oss-security/2016/06/08/5"
          },
          {
            "trust": 1.7,
            "url": "http://www.openwall.com/lists/oss-security/2016/06/08/4"
          },
          {
            "trust": 1.7,
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.openwall.com/lists/oss-security/2016/06/08/8"
          },
          {
            "trust": 1.7,
            "url": "http://www.openwall.com/lists/oss-security/2016/06/08/7"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.ubuntu.com/usn/usn-3087-2"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html"
          },
          {
            "trust": 1.7,
            "url": "http://seclists.org/fulldisclosure/2017/jul/31"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html"
          },
          {
            "trust": 1.7,
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-c05302448"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.openwall.com/lists/oss-security/2016/06/09/2"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
          },
          {
            "trust": 1.1,
            "url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=399944622df7bd81af62e67ea967c470534090e2"
          },
          {
            "trust": 0.9,
            "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=399944622df7bd81af62e67ea967c470534090e2"
          },
          {
            "trust": 0.7,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
          },
          {
            "trust": 0.6,
            "url": "https://www.openssl.org/news/vulnerabilities.html#y2017"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914246-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
          },
          {
            "trust": 0.6,
            "url": "http://www.ibm.com/support/docview.wss?uid=ibm10887855"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2019.4645/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2019.2148/"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6302"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2182"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2179"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2181"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2016-2177"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.4,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/cve/cve-2016-2178"
          },
          {
            "trust": 0.3,
            "url": "http://openssl.org/"
          },
          {
            "trust": 0.3,
            "url": "http://eprint.iacr.org/2016/594"
          },
          {
            "trust": 0.3,
            "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory21.asc"
          },
          {
            "trust": 0.3,
            "url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-worklight-and-ibm-mobilefirst-platform-foundation-2/"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024394"
          },
          {
            "trust": 0.3,
            "url": "http://www.ibm.com/support/docview.wss?uid=isg3t1024401"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024648"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021643"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
          },
          {
            "trust": 0.3,
            "url": "https://kc.mcafee.com/resources/sites/mcafee/content/live/product_documentation/27000/pd27128/en_us/meg_7_6_406_3402_103_release_notes_en_us.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995935"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991896"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21994870"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009586"
          },
          {
            "trust": 0.3,
            "url": "http://www.ibm.com/support/docview.wss?uid=ssg1s1009648"
          },
          {
            "trust": 0.3,
            "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21985392"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991724"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992348"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992427"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992681"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992898"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993061"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993856"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993875"
          },
          {
            "trust": 0.3,
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21994534"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21994861"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995392"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995393"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995691"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg2c1000242"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6303"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2016-4459"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2016-6808"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2016-8612"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2016-2108"
          },
          {
            "trust": 0.2,
            "url": "https://www.openssl.org/news/secadv/20160922.txt"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4459"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-8612"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6808"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/203.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/live-hack-cve/cve-2016-2178"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2017:1659"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/3087-1/"
          },
          {
            "trust": 0.1,
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
          },
          {
            "trust": 0.1,
            "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49001"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6308"
          },
          {
            "trust": 0.1,
            "url": "https://www.openssl.org/policies/secpolicy.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305"
          },
          {
            "trust": 0.1,
            "url": "https://sweet32.info)"
          },
          {
            "trust": 0.1,
            "url": "https://www.openssl.org/policies/releasestrat.html),"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6307"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2180"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-6306"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2181"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-6304"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2179"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2182"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-6302"
          },
          {
            "trust": 0.1,
            "url": "https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.37"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.20"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.4"
          },
          {
            "trust": 0.1,
            "url": "https://issues.jboss.org/):"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-0705"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-3196"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-4448"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3216"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2106"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-0702"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0797"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-8176"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1835"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services-apache-http-server/version-2.4.23/apache-http-server-2423-release-notes/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-3705"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1838"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2107"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3196"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1839"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3523"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-4483"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-3523"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2842"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1148"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1840"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-0797"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3185"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1836"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-3185"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-3194"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1833"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.apachehttp\u0026downloadtype=distributions\u0026version=2.4.23"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2105"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8176"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1840"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1836"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1762"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1835"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-4449"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-0286"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1762"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-5420"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-3627"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2012-1148"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1837"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2109"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1834"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1837"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1839"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-5419"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-0209"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-3195"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0702"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-3216"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1838"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1833"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1834"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-4447"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-7141"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-0799"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-2178"
          },
          {
            "db": "BID",
            "id": "91081"
          },
          {
            "db": "PACKETSTORM",
            "id": "169633"
          },
          {
            "db": "PACKETSTORM",
            "id": "138870"
          },
          {
            "db": "PACKETSTORM",
            "id": "140717"
          },
          {
            "db": "PACKETSTORM",
            "id": "138817"
          },
          {
            "db": "PACKETSTORM",
            "id": "138889"
          },
          {
            "db": "PACKETSTORM",
            "id": "138820"
          },
          {
            "db": "PACKETSTORM",
            "id": "140716"
          },
          {
            "db": "PACKETSTORM",
            "id": "140182"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-265"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-2178"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2016-2178",
            "ident": null
          },
          {
            "db": "BID",
            "id": "91081",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "169633",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "138870",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "140717",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "138817",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "138889",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "138820",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "140716",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "140182",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-265",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2016-2178",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2016-06-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-2178",
            "ident": null
          },
          {
            "date": "2016-06-08T00:00:00",
            "db": "BID",
            "id": "91081",
            "ident": null
          },
          {
            "date": "2016-09-22T12:12:12",
            "db": "PACKETSTORM",
            "id": "169633",
            "ident": null
          },
          {
            "date": "2016-09-27T19:32:00",
            "db": "PACKETSTORM",
            "id": "138870",
            "ident": null
          },
          {
            "date": "2017-01-25T21:53:32",
            "db": "PACKETSTORM",
            "id": "140717",
            "ident": null
          },
          {
            "date": "2016-09-22T22:22:00",
            "db": "PACKETSTORM",
            "id": "138817",
            "ident": null
          },
          {
            "date": "2016-09-28T23:24:00",
            "db": "PACKETSTORM",
            "id": "138889",
            "ident": null
          },
          {
            "date": "2016-09-22T22:25:00",
            "db": "PACKETSTORM",
            "id": "138820",
            "ident": null
          },
          {
            "date": "2017-01-25T21:53:15",
            "db": "PACKETSTORM",
            "id": "140716",
            "ident": null
          },
          {
            "date": "2016-12-16T16:34:49",
            "db": "PACKETSTORM",
            "id": "140182",
            "ident": null
          },
          {
            "date": "2016-06-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201606-265",
            "ident": null
          },
          {
            "date": "2016-06-20T01:59:03.023000",
            "db": "NVD",
            "id": "CVE-2016-2178",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2023-11-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-2178",
            "ident": null
          },
          {
            "date": "2018-02-05T14:00:00",
            "db": "BID",
            "id": "91081",
            "ident": null
          },
          {
            "date": "2022-12-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201606-265",
            "ident": null
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2016-2178",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "local",
        "sources": [
          {
            "db": "BID",
            "id": "91081"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-265"
          }
        ],
        "trust": 0.9
      },
      "title": {
        "_id": null,
        "data": "OpenSSL Security hole",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-265"
          }
        ],
        "trust": 0.6
      },
      "type": {
        "_id": null,
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-265"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201606-0478

    Vulnerability from variot - Updated: 2026-03-09 22:02

    OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c. Supplementary information : CWE Vulnerability type by CWE-190: Integer Overflow or Wraparound ( Integer overflow or wraparound ) Has been identified. OpenSSL is prone to an integer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. OpenSSL 1.0.2h and prior versions are vulnerable. OpenSSL Security Advisory [22 Sep 2016] ========================================

    OCSP Status Request extension unbounded memory growth (CVE-2016-6304)

    Severity: High

    A malicious client can send an excessively large OCSP Status Request extension. If that client continually requests renegotiation, sending a large OCSP Status Request extension each time, then there will be unbounded memory growth on the server. This will eventually lead to a Denial Of Service attack through memory exhaustion. Servers with a default configuration are vulnerable even if they do not support OCSP. Builds using the "no-ocsp" build time option are not affected.

    Servers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default configuration, instead only if an application explicitly enables OCSP stapling support.

    OpenSSL 1.1.0 users should upgrade to 1.1.0a OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.

    SSL_peek() hang on empty record (CVE-2016-6305)

    Severity: Moderate

    OpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an empty record. This could be exploited by a malicious peer in a Denial Of Service attack.

    OpenSSL 1.1.0 users should upgrade to 1.1.0a

    This issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The fix was developed by Matt Caswell of the OpenSSL development team.

    SWEET32 Mitigation (CVE-2016-2183)

    Severity: Low

    SWEET32 (https://sweet32.info) is an attack on older block cipher algorithms that use a block size of 64 bits. In mitigation for the SWEET32 attack DES based ciphersuites have been moved from the HIGH cipherstring group to MEDIUM in OpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these ciphersuites disabled by default.

    OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 16th August 2016 by Karthikeyan Bhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the OpenSSL development team.

    OOB write in MDC2_Update() (CVE-2016-6303)

    Severity: Low

    An overflow can occur in MDC2_Update() either if called directly or through the EVP_DigestUpdate() function using MDC2. If an attacker is able to supply very large amounts of input data after a previous call to EVP_EncryptUpdate() with a partial block then a length check can overflow resulting in a heap corruption.

    The amount of data needed is comparable to SIZE_MAX which is impractical on most platforms.

    OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.

    Malformed SHA512 ticket DoS (CVE-2016-6302)

    Severity: Low

    If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a DoS attack where a malformed ticket will result in an OOB read which will ultimately crash.

    The use of SHA512 in TLS session tickets is comparatively rare as it requires a custom server callback and ticket lookup mechanism.

    OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.

    OOB write in BN_bn2dec() (CVE-2016-2182)

    Severity: Low

    The function BN_bn2dec() does not check the return value of BN_div_word(). This can cause an OOB write if an application uses this function with an overly large BIGNUM. This could be a problem if an overly large certificate or CRL is printed out from an untrusted source. TLS is not affected because record limits will reject an oversized certificate before it is parsed.

    OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.

    OOB read in TS_OBJ_print_bio() (CVE-2016-2180)

    Severity: Low

    The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is the total length the OID text representation would use and not the amount of data written. This will result in OOB reads when large OIDs are presented.

    OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.

    Pointer arithmetic undefined behaviour (CVE-2016-2177)

    Severity: Low

    Avoid some undefined pointer arithmetic

    A common idiom in the codebase is to check limits in the following manner: "p + len > limit"

    Where "p" points to some malloc'd data of SIZE bytes and limit == p + SIZE

    "len" here could be from some externally supplied data (e.g. from a TLS message).

    The rules of C pointer arithmetic are such that "p + len" is only well defined where len <= SIZE. Therefore the above idiom is actually undefined behaviour.

    For example this could cause problems if some malloc implementation provides an address for "p" such that "p + len" actually overflows for values of len that are too big and therefore p + len < limit.

    OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.

    Constant time flag not preserved in DSA signing (CVE-2016-2178)

    Severity: Low

    Operations in the DSA signing algorithm should run in constant time in order to avoid side channel attacks. A flaw in the OpenSSL DSA implementation means that a non-constant time codepath is followed for certain operations. This has been demonstrated through a cache-timing attack to be sufficient for an attacker to recover the private DSA key.

    OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 23rd May 2016 by César Pereida (Aalto University), Billy Brumley (Tampere University of Technology), and Yuval Yarom (The University of Adelaide and NICTA). The fix was developed by César Pereida.

    DTLS buffered message DoS (CVE-2016-2179)

    Severity: Low

    In a DTLS connection where handshake messages are delivered out-of-order those messages that OpenSSL is not yet ready to process will be buffered for later use. Under certain circumstances, a flaw in the logic means that those messages do not get removed from the buffer even though the handshake has been completed. An attacker could force up to approx. 15 messages to remain in the buffer when they are no longer required. These messages will be cleared when the DTLS connection is closed. The default maximum size for a message is 100k. Therefore the attacker could force an additional 1500k to be consumed per connection. By opening many simulataneous connections an attacker could cause a DoS attack through memory exhaustion.

    OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was developed by Matt Caswell of the OpenSSL development team.

    DTLS replay protection DoS (CVE-2016-2181)

    Severity: Low

    A flaw in the DTLS replay attack protection mechanism means that records that arrive for future epochs update the replay protection "window" before the MAC for the record has been validated. This could be exploited by an attacker by sending a record for the next epoch (which does not have to decrypt or have a valid MAC), with a very large sequence number. This means that all subsequent legitimate packets are dropped causing a denial of service for a specific DTLS connection.

    OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. The fix was developed by Matt Caswell of the OpenSSL development team.

    Certificate message OOB reads (CVE-2016-6306)

    Severity: Low

    In OpenSSL 1.0.2 and earlier some missing message length checks can result in OOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical DoS risk but this has not been observed in practice on common platforms.

    The messages affected are client certificate, client certificate request and server certificate. As a result the attack can only be performed against a client or a server which enables client authentication.

    OpenSSL 1.1.0 is not affected.

    OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u

    This issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.

    Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307)

    Severity: Low

    A TLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:

    1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.

    Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.

    This issue does not affect DTLS users.

    OpenSSL 1.1.0 TLS users should upgrade to 1.1.0a

    This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.

    Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)

    Severity: Low

    This issue is very similar to CVE-2016-6307. The underlying defect is different but the security analysis and impacts are the same except that it impacts DTLS.

    A DTLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:

    1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.

    Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.

    This issue does not affect TLS users.

    OpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a

    This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.

    Note

    As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade.

    Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates.

    References

    URL for this Security Advisory: https://www.openssl.org/news/secadv/20160922.txt

    Note: the online version of the advisory may be updated with additional details over time.

    For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Important: openssl security update Advisory ID: RHSA-2016:1940-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html Issue date: 2016-09-27 CVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 =====================================================================

    1. Summary:

    An update for openssl is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

    1. Description:

    OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-2178)

    • It was discovered that the Datagram TLS (DTLS) implementation could fail to release memory in certain cases. A malicious DTLS client could cause a DTLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory. A remote attacker could possibly use this flaw to make a DTLS server using OpenSSL to reject further packets sent from a DTLS client over an established DTLS connection. (CVE-2016-2181)

    • An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec() function. (CVE-2016-2182)

    • A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)

    This update mitigates the CVE-2016-2183 issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.

    • An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. (CVE-2016-6302)

    • Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)

    • An out of bounds read flaw was found in the way OpenSSL formatted Public Key Infrastructure Time-Stamp Protocol data for printing. An attacker could possibly cause an application using OpenSSL to crash if it printed time stamp data from the attacker. A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL. (CVE-2016-6306)

    Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183.

    1. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase 1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation 1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio() 1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec() 1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection 1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) 1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer 1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks 1377594 - CVE-2016-6306 openssl: certificate message OOB reads 1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth

    1. Package List:

    Red Hat Enterprise Linux Desktop (v. 6):

    Source: openssl-1.0.1e-48.el6_8.3.src.rpm

    i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm

    x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm

    Red Hat Enterprise Linux Desktop Optional (v. 6):

    i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm

    x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm

    Red Hat Enterprise Linux HPC Node (v. 6):

    Source: openssl-1.0.1e-48.el6_8.3.src.rpm

    x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm

    Red Hat Enterprise Linux HPC Node Optional (v. 6):

    x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 6):

    Source: openssl-1.0.1e-48.el6_8.3.src.rpm

    i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm

    ppc64: openssl-1.0.1e-48.el6_8.3.ppc.rpm openssl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm

    s390x: openssl-1.0.1e-48.el6_8.3.s390.rpm openssl-1.0.1e-48.el6_8.3.s390x.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-devel-1.0.1e-48.el6_8.3.s390.rpm openssl-devel-1.0.1e-48.el6_8.3.s390x.rpm

    x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm

    Red Hat Enterprise Linux Server Optional (v. 6):

    i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm

    ppc64: openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-static-1.0.1e-48.el6_8.3.ppc64.rpm

    s390x: openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-perl-1.0.1e-48.el6_8.3.s390x.rpm openssl-static-1.0.1e-48.el6_8.3.s390x.rpm

    x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 6):

    Source: openssl-1.0.1e-48.el6_8.3.src.rpm

    i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm

    x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm

    Red Hat Enterprise Linux Workstation Optional (v. 6):

    i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm

    x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm

    Red Hat Enterprise Linux Client (v. 7):

    Source: openssl-1.0.1e-51.el7_2.7.src.rpm

    x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm

    Red Hat Enterprise Linux Client Optional (v. 7):

    x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode (v. 7):

    Source: openssl-1.0.1e-51.el7_2.7.src.rpm

    x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode Optional (v. 7):

    x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: openssl-1.0.1e-51.el7_2.7.src.rpm

    ppc64: openssl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm

    ppc64le: openssl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm

    s390x: openssl-1.0.1e-51.el7_2.7.s390x.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-devel-1.0.1e-51.el7_2.7.s390.rpm openssl-devel-1.0.1e-51.el7_2.7.s390x.rpm openssl-libs-1.0.1e-51.el7_2.7.s390.rpm openssl-libs-1.0.1e-51.el7_2.7.s390x.rpm

    x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm

    Red Hat Enterprise Linux Server Optional (v. 7):

    ppc64: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-static-1.0.1e-51.el7_2.7.ppc.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64.rpm

    ppc64le: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm

    s390x: openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-perl-1.0.1e-51.el7_2.7.s390x.rpm openssl-static-1.0.1e-51.el7_2.7.s390.rpm openssl-static-1.0.1e-51.el7_2.7.s390x.rpm

    x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: openssl-1.0.1e-51.el7_2.7.src.rpm

    x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm

    Red Hat Enterprise Linux Workstation Optional (v. 7):

    x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2016-2177 https://access.redhat.com/security/cve/CVE-2016-2178 https://access.redhat.com/security/cve/CVE-2016-2179 https://access.redhat.com/security/cve/CVE-2016-2180 https://access.redhat.com/security/cve/CVE-2016-2181 https://access.redhat.com/security/cve/CVE-2016-2182 https://access.redhat.com/security/cve/CVE-2016-6302 https://access.redhat.com/security/cve/CVE-2016-6304 https://access.redhat.com/security/cve/CVE-2016-6306 https://access.redhat.com/security/updates/classification/#important https://www.openssl.org/news/secadv/20160922.txt

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI xpTW7ApBLmKhVjs49DGYouI= =4VgY -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Summary:

    An update is now available for JBoss Core Services on RHEL 7.


    Gentoo Linux Security Advisory GLSA 201612-16


                                           https://security.gentoo.org/
    

    Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: December 07, 2016 Bugs: #581234, #585142, #585276, #591454, #592068, #592074, #592082, #594500, #595186 ID: 201612-16


    Synopsis

    Multiple vulnerabilities have been found in OpenSSL, the worst of which allows attackers to conduct a time based side-channel attack.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 dev-libs/openssl < 1.0.2j >= 1.0.2j

    Description

    Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers and the International Association for Cryptologic Research's (IACR) paper, "Make Sure DSA Signing Exponentiations Really are Constant-Time" for further details.

    Workaround

    There is no known workaround at this time.

    Resolution

    All OpenSSL users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2j"

    References

    [ 1 ] CVE-2016-2105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105 [ 2 ] CVE-2016-2106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106 [ 3 ] CVE-2016-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107 [ 4 ] CVE-2016-2108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108 [ 5 ] CVE-2016-2109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109 [ 6 ] CVE-2016-2176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176 [ 7 ] CVE-2016-2177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177 [ 8 ] CVE-2016-2178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178 [ 9 ] CVE-2016-2180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180 [ 10 ] CVE-2016-2183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183 [ 11 ] CVE-2016-6304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304 [ 12 ] CVE-2016-6305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305 [ 13 ] CVE-2016-6306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306 [ 14 ] CVE-2016-7052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052 [ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time http://eprint.iacr.org/2016/594.pdf

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    https://security.gentoo.org/glsa/201612-16

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    . For further information, see the knowledge base article linked to in the References section. The JBoss server process must be restarted for the update to take effect. ========================================================================== Ubuntu Security Notice USN-3087-2 September 23, 2016

    openssl regression

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 16.04 LTS
    • Ubuntu 14.04 LTS
    • Ubuntu 12.04 LTS

    Summary:

    USN-3087-1 introduced a regression in OpenSSL. The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem.

    We apologize for the inconvenience. This issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178) Quan Luo discovered that OpenSSL did not properly restrict the lifetime of queue entries in the DTLS implementation. (CVE-2016-2181) Shi Lei discovered that OpenSSL incorrectly validated division results. (CVE-2016-2182) Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. (CVE-2016-2183) Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303) Shi Lei discovered that OpenSSL incorrectly performed certain message length checks. (CVE-2016-6306)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 16.04 LTS: libssl1.0.0 1.0.2g-1ubuntu4.5

    Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.21

    Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.38

    After a standard system update you need to reboot your computer to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

    Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03763en_us

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: hpesbhf03763en_us Version: 1

    HPESBHF03763 rev.1 - HPE Comware 7, IMC, VCX products using OpenSSL, Remote Denial of Service (DoS)

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2017-08-01 Last Updated: 2017-08-01

    Potential Security Impact: Remote: Denial of Service (DoS)

    Source: Hewlett Packard Enterprise, Product Security Response Team

    VULNERABILITY SUMMARY A potential security vulnerability has been identified in Comware 7, IMC, VCX products using OpenSSL.

    • Comware v7 (CW7) Products See resolution section for impacted versions
    • HP Intelligent Management Center (iMC) See resolution section for impacted versions
    • VCX Products 9.8.19

    BACKGROUND

    CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector

    CVE-2016-2177
      7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
    
    Information on CVSS is documented in
    HPE Customer Notice HPSN-2008-002 here:
    

    https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499

    RESOLUTION

    HPE has provided the following software updates to resolve the vulnerability in Comware 7, IMC PLAT, and VCX.

    Note: The following products are impacted by this issue

    COMWARE 7 Products

    • 12500 (Comware 7) - Version: R7377P02

      • HPE Branded Products Impacted
      • JC072B HP 12500 Main Processing Unit
      • JC085A HP A12518 Switch Chassis
      • JC086A HP A12508 Switch Chassis
      • JC652A HP 12508 DC Switch Chassis
      • JC653A HP 12518 DC Switch Chassis
      • JC654A HP 12504 AC Switch Chassis
      • JC655A HP 12504 DC Switch Chassis
      • JF430A HP A12518 Switch Chassis
      • JF430B HP 12518 Switch Chassis
      • JF430C HP 12518 AC Switch Chassis
      • JF431A HP A12508 Switch Chassis
      • JF431B HP 12508 Switch Chassis
      • JF431C HP 12508 AC Switch Chassis
      • JG497A HP 12500 MPU w/Comware V7 OS
      • JG782A HP FF 12508E AC Switch Chassis
      • JG783A HP FF 12508E DC Switch Chassis
      • JG784A HP FF 12518E AC Switch Chassis
      • JG785A HP FF 12518E DC Switch Chassis
      • JG802A HP FF 12500E MPU
    • 10500 (Comware 7) - Version: R7184

      • HPE Branded Products Impacted
      • JC611A HP 10508-V Switch Chassis
      • JC612A HP 10508 Switch Chassis
      • JC613A HP 10504 Switch Chassis
      • JC748A HP 10512 Switch Chassis
      • JG608A HP FlexFabric 11908-V Switch Chassis
      • JG609A HP FlexFabric 11900 Main Processing Unit
      • JG820A HP 10504 TAA Switch Chassis
      • JG821A HP 10508 TAA Switch Chassis
      • JG822A HP 10508-V TAA Switch Chassis
      • JG823A HP 10512 TAA Switch Chassis
      • JG496A HP 10500 Type A MPU w/Comware v7 OS
      • JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System
      • JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit
    • 5900/5920 (Comware 7) - Version: R2432

      • HPE Branded Products Impacted
      • JC772A HP 5900AF-48XG-4QSFP+ Switch
      • JG296A HP 5920AF-24XG Switch
      • JG336A HP 5900AF-48XGT-4QSFP+ Switch
      • JG510A HP 5900AF-48G-4XG-2QSFP+ Switch
      • JG554A HP 5900AF-48XG-4QSFP+ TAA Switch
      • JG555A HP 5920AF-24XG TAA Switch
      • JG838A HP FF 5900CP-48XG-4QSFP+ Switch
      • JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant
      • JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch
      • JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant
    • MSR1000 (Comware 7) - Version: R0306P80

      • HPE Branded Products Impacted
      • JG875A HP MSR1002-4 AC Router
      • JH060A HP MSR1003-8S AC Router
    • MSR2000 (Comware 7) - Version: R0306P80

      • HPE Branded Products Impacted
      • JG411A HP MSR2003 AC Router
      • JG734A HP MSR2004-24 AC Router
      • JG735A HP MSR2004-48 Router
      • JG866A HP MSR2003 TAA-compliant AC Router
    • MSR3000 (Comware 7) - Version: R0306P80

      • HPE Branded Products Impacted
      • JG404A HP MSR3064 Router
      • JG405A HP MSR3044 Router
      • JG406A HP MSR3024 AC Router
      • JG407A HP MSR3024 DC Router
      • JG408A HP MSR3024 PoE Router
      • JG409A HP MSR3012 AC Router
      • JG410A HP MSR3012 DC Router
      • JG861A HP MSR3024 TAA-compliant AC Router
    • MSR4000 (Comware 7) - Version: R0306P80

      • HPE Branded Products Impacted
      • JG402A HP MSR4080 Router Chassis
      • JG403A HP MSR4060 Router Chassis
      • JG412A HP MSR4000 MPU-100 Main Processing Unit
      • JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit
    • VSR (Comware 7) - Version: E0324

      • HPE Branded Products Impacted
      • JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software
      • JG811AAE HP VSR1001 Comware 7 Virtual Services Router
      • JG812AAE HP VSR1004 Comware 7 Virtual Services Router
      • JG813AAE HP VSR1008 Comware 7 Virtual Services Router
    • 7900 (Comware 7) - Version: R2152

      • HPE Branded Products Impacted
      • JG682A HP FlexFabric 7904 Switch Chassis
      • JG841A HP FlexFabric 7910 Switch Chassis
      • JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit
      • JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit
      • JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis
      • JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis
      • JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit
      • JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit
    • 5130EI (Comware 7) - Version: R3115P05

      • HPE Branded Products Impacted
      • JG932A HP 5130-24G-4SFP+ EI Switch
      • JG933A HP 5130-24G-SFP-4SFP+ EI Switch
      • JG934A HP 5130-48G-4SFP+ EI Switch
      • JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch
      • JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch
      • JG938A HP 5130-24G-2SFP+-2XGT EI Switch
      • JG939A HP 5130-48G-2SFP+-2XGT EI Switch
      • JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch
      • JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch
      • JG975A HP 5130-24G-4SFP+ EI Brazil Switch
      • JG976A HP 5130-48G-4SFP+ EI Brazil Switch
      • JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch
      • JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch
    • 6125XLG - Version: R2432

      • HPE Branded Products Impacted
      • 711307-B21 HP 6125XLG Blade Switch
      • 737230-B21 HP 6125XLG Blade Switch with TAA
    • 6127XLG - Version: R2432

      • HPE Branded Products Impacted
      • 787635-B21 HP 6127XLG Blade Switch Opt Kit
      • 787635-B22 HP 6127XLG Blade Switch with TAA
    • Moonshot - Version: R2432

      • HPE Branded Products Impacted
      • 786617-B21 - HP Moonshot-45Gc Switch Module
      • 704654-B21 - HP Moonshot-45XGc Switch Module
      • 786619-B21 - HP Moonshot-180XGc Switch Module
    • 5700 (Comware 7) - Version: R2432

      • HPE Branded Products Impacted
      • JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch
      • JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch
      • JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch
      • JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch
      • JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch
      • JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch
    • 5930 (Comware 7) - Version: R2432

      • HPE Branded Products Impacted
      • JG726A HP FlexFabric 5930 32QSFP+ Switch
      • JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch
      • JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch
      • JH179A HP FlexFabric 5930 4-slot Switch
      • JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch
      • JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch
    • 1950 (Comware 7) - Version: R3115P06

      • HPE Branded Products Impacted
      • JG960A HP 1950-24G-4XG Switch
      • JG961A HP 1950-48G-2SFP+-2XGT Switch
      • JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch
      • JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch
    • 7500 (Comware 7) - Version: R7184

      • HPE Branded Products Impacted
      • JD238C HP 7510 Switch Chassis
      • JD239C HP 7506 Switch Chassis
      • JD240C HP 7503 Switch Chassis
      • JD242C HP 7502 Switch Chassis
      • JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit
      • JH208A HP 7502 Main Processing Unit
      • JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit
    • 5510HI (Comware 7) - Version: R1121P01

      • HPE Branded Products Impacted
      • JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch
      • JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch
      • JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch
      • JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch
      • JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch
    • 5130HI (Comware 7) - Version: R1121P02

      • HPE Branded Products Impacted
      • JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch
      • JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch
      • JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch
      • JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch
    • 5940 (Comware 7) - Version: R2509P02

      • HPE Branded Products Impacted
      • JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch
      • JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch
      • JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch
      • JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch
      • JH396A HPE FlexFabric 5940 32QSFP+ Switch
      • JH397A HPE FlexFabric 5940 2-slot Switch
      • JH398A HPE FlexFabric 5940 4-slot Switch
    • 5950 (Comware 7) - Version: R6123

      • HPE Branded Products Impacted
      • JH321A HPE FlexFabric 5950 32QSFP28 Switch
      • JH402A HPE FlexFabric 5950 48SFP28 8QSFP28 Switch
      • JH404A HPE FlexFabric 5950 4-slot Switch
    • 12900E (Comware 7) - Version: R2609

      • HPE Branded Products Impacted
      • JG619A HP FlexFabric 12910 Switch AC Chassis
      • JG621A HP FlexFabric 12910 Main Processing Unit
      • JG632A HP FlexFabric 12916 Switch AC Chassis
      • JG634A HP FlexFabric 12916 Main Processing Unit
      • JH104A HP FlexFabric 12900E Main Processing Unit
      • JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit
      • JH263A HP FlexFabric 12904E Main Processing Unit
      • JH255A HP FlexFabric 12908E Switch Chassis
      • JH262A HP FlexFabric 12904E Switch Chassis
      • JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis
      • JH103A HP FlexFabric 12916E Switch Chassis
    • iNode PC 7.2 (E0410) - Version: 7.2 E0410

      • HPE Branded Products Impacted
      • JD144A HP A-IMC User Access Management Software Module with 200-user License
      • JD147A HP IMC Endpoint Admission Defense Software Module with 200-user License
      • JD435A HP A-IMC Endpoint Admission Defense Client Software
      • JF388A HP IMC User Authentication Management Software Module with 200-user License
      • JF388AAE HP IMC User Authentication Management Software Module with 200-user E-LTU
      • JF391A HP IMC Endpoint Admission Defense Software Module with 200-user License
      • JF391AAE HP IMC Endpoint Admission Defense Software Module with 200-user E-LTU
      • JG752AAE HP IMC User Access Manager Software Module with 50-user E-LTU
      • JG754AAE) HP IMC Endpoint Admission Defense Software Module with 50-user E-LTU
    • iMC UAM_TAM 7.2-E0409 - Version: 7.2 E0409

      • HPE Branded Products Impacted
      • JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE
      • JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU
      • JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU
      • JG483A HP IMC TAM S/W MODULE W/100-NODE LIC
      • JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU
      • JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU
    • VCX - Version: 9.8.19

      • HPE Branded Products Impacted
      • J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr
      • J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr
      • JC517A HP VCX V7205 Platform w/DL 360 G6 Server
      • JE355A HP VCX V6000 Branch Platform 9.0
      • JC516A HP VCX V7005 Platform w/DL 120 G6 Server
      • JC518A HP VCX Connect 200 Primry 120 G6 Server
      • J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr
      • JE341A HP VCX Connect 100 Secondary
      • JE252A HP VCX Connect Primary MIM Module
      • JE253A HP VCX Connect Secondary MIM Module
      • JE254A HP VCX Branch MIM Module
      • JE355A HP VCX V6000 Branch Platform 9.0
      • JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod
      • JD023A HP MSR30-40 Router with VCX MIM Module
      • JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM
      • JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod
      • JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod
      • JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod
      • JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS
      • JE340A HP VCX Connect 100 Pri Server 9.0
      • JE342A HP VCX Connect 100 Sec Server 9.0

    Note: Please contact HPE Technical Support if any assistance is needed acquiring the software updates.

    HISTORY Version:1 (rev.1) - 1 August 2017 Initial release

    Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.

    Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.

    Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com

    Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice

    Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive

    Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.

    3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX

    Copyright 2016 Hewlett Packard Enterprise

    Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Description:

    This release adds the new Apache HTTP Server 2.4.23 packages that are part of the JBoss Core Services offering.

    This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.6, and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release. (CVE-2016-2108)

    • It was found that the length checks prior to writing to the target buffer for creating a virtual host mapping rule did not take account of the length of the virtual host name, creating the potential for a buffer overflow. (CVE-2016-2177)

    • It was discovered that specifying configuration with a JVMRoute path longer than 80 characters will cause segmentation fault leading to a server crash. (CVE-2016-4459)

    • An error was found in protocol parsing logic of mod_cluster load balancer Apache HTTP Server modules. After installing the updated packages, the httpd daemon will be restarted automatically. (CVE-2016-6808)

    • A memory leak flaw was fixed in expat. Solution:

    The References section of this erratum contains a download link (you must log in to download the update). JIRA issues fixed (https://issues.jboss.org/):

    JBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0] JBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service

    1. (CVE-2016-2177)

    It was discovered that OpenSSL did not properly handle Montgomery multiplication, resulting in incorrect results leading to transient failures

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 2.7,
            "vendor": "oracle",
            "version": "10"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 2.7,
            "vendor": "oracle",
            "version": "11.3"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.8,
            "vendor": "oracle",
            "version": "5"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.8,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.8,
            "vendor": "oracle",
            "version": "7"
          },
          {
            "_id": null,
            "model": "icewall sso",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1p"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1f"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1l"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1d"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.2d"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1g"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.2"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1n"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1s"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.2b"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.2c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1q"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1t"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.2e"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.2g"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1b"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.2h"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1h"
          },
          {
            "_id": null,
            "model": "icewall mcrp",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1j"
          },
          {
            "_id": null,
            "model": "icewall sso agent option",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "hp",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1o"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1e"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.2f"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1i"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1r"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1k"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.2a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1m"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "openssl",
            "version": "1.0.2h"
          },
          {
            "_id": null,
            "model": "icewall mcrp",
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": "icewall sso",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "certd"
          },
          {
            "_id": null,
            "model": "icewall sso",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "dfw"
          },
          {
            "_id": null,
            "model": "icewall sso agent option",
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": "capssuite",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "v3.0 to  v4.0"
          },
          {
            "_id": null,
            "model": "enterpriseidentitymanager",
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": "esmpro/serveragentservice",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "(linux edition )"
          },
          {
            "_id": null,
            "model": "express5800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "sg3600 all series"
          },
          {
            "_id": null,
            "model": "ix1000 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": "ix2000 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": "ix3000 series",
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": "secureware/pki application development kit",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "ver3.2"
          },
          {
            "_id": null,
            "model": "webotx application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "enterprise v8.2 to  v9.4"
          },
          {
            "_id": null,
            "model": "webotx application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "express v8.2 to  v9.4"
          },
          {
            "_id": null,
            "model": "webotx application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "foundation v8.2 to  v8.5"
          },
          {
            "_id": null,
            "model": "webotx application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "standard v8.2 to  v9.4"
          },
          {
            "_id": null,
            "model": "webotx enterprise service bus",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "v8.2 to  v8.5"
          },
          {
            "_id": null,
            "model": "webotx portal",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "v8.2 to  v9.1"
          },
          {
            "_id": null,
            "model": "cosminexus application server enterprise",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hitachi",
            "version": "version 6"
          },
          {
            "_id": null,
            "model": "cosminexus application server standard",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hitachi",
            "version": "version 6"
          },
          {
            "_id": null,
            "model": "cosminexus application server version 5",
            "scope": null,
            "trust": 0.8,
            "vendor": "hitachi",
            "version": null
          },
          {
            "_id": null,
            "model": "cosminexus developer light version 6",
            "scope": null,
            "trust": 0.8,
            "vendor": "hitachi",
            "version": null
          },
          {
            "_id": null,
            "model": "cosminexus developer professional version 6",
            "scope": null,
            "trust": 0.8,
            "vendor": "hitachi",
            "version": null
          },
          {
            "_id": null,
            "model": "cosminexus developer standard version 6",
            "scope": null,
            "trust": 0.8,
            "vendor": "hitachi",
            "version": null
          },
          {
            "_id": null,
            "model": "cosminexus developer version 5",
            "scope": null,
            "trust": 0.8,
            "vendor": "hitachi",
            "version": null
          },
          {
            "_id": null,
            "model": "cosminexus http server",
            "scope": null,
            "trust": 0.8,
            "vendor": "hitachi",
            "version": null
          },
          {
            "_id": null,
            "model": "cosminexus primary server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hitachi",
            "version": "base version 6"
          },
          {
            "_id": null,
            "model": "cosminexus primary server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hitachi",
            "version": "version 6"
          },
          {
            "_id": null,
            "model": "web server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hitachi",
            "version": "none"
          },
          {
            "_id": null,
            "model": "web server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hitachi",
            "version": "- security enhancement"
          },
          {
            "_id": null,
            "model": "ucosminexus application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hitachi",
            "version": "none"
          },
          {
            "_id": null,
            "model": "ucosminexus application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hitachi",
            "version": "-r"
          },
          {
            "_id": null,
            "model": "ucosminexus application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hitachi",
            "version": "express"
          },
          {
            "_id": null,
            "model": "ucosminexus application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hitachi",
            "version": "standard-r"
          },
          {
            "_id": null,
            "model": "ucosminexus application server enterprise",
            "scope": null,
            "trust": 0.8,
            "vendor": "hitachi",
            "version": null
          },
          {
            "_id": null,
            "model": "ucosminexus application server smart edition",
            "scope": null,
            "trust": 0.8,
            "vendor": "hitachi",
            "version": null
          },
          {
            "_id": null,
            "model": "ucosminexus application server standard",
            "scope": null,
            "trust": 0.8,
            "vendor": "hitachi",
            "version": null
          },
          {
            "_id": null,
            "model": "ucosminexus developer",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hitachi",
            "version": "01"
          },
          {
            "_id": null,
            "model": "ucosminexus developer",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hitachi",
            "version": "professional"
          },
          {
            "_id": null,
            "model": "ucosminexus developer",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hitachi",
            "version": "professional for plug-in"
          },
          {
            "_id": null,
            "model": "ucosminexus developer light",
            "scope": null,
            "trust": 0.8,
            "vendor": "hitachi",
            "version": null
          },
          {
            "_id": null,
            "model": "ucosminexus developer standard",
            "scope": null,
            "trust": 0.8,
            "vendor": "hitachi",
            "version": null
          },
          {
            "_id": null,
            "model": "ucosminexus primary server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hitachi",
            "version": "base"
          },
          {
            "_id": null,
            "model": "ucosminexus service architect",
            "scope": null,
            "trust": 0.8,
            "vendor": "hitachi",
            "version": null
          },
          {
            "_id": null,
            "model": "ucosminexus service platform",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hitachi",
            "version": "none"
          },
          {
            "_id": null,
            "model": "ucosminexus service platform",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hitachi",
            "version": "- messaging"
          },
          {
            "_id": null,
            "model": "stealthwatch udp director",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "content security management appliance",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "cloud web security",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "paging server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "email security appliance",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "oracle",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "oracle",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "tivoli storage productivity center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.10"
          },
          {
            "_id": null,
            "model": "webex centers t32",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "video surveillance series ip cameras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30000"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix ifix",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.13150-13"
          },
          {
            "_id": null,
            "model": "clean access manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified contact center enterprise live data server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "nexus series blade switches 4.1 e1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4000"
          },
          {
            "_id": null,
            "model": "api management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.9"
          },
          {
            "_id": null,
            "model": "telepresence content server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "proactive network operations center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "commerce guided search",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.5"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "unified ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "69010"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for linux",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.7"
          },
          {
            "_id": null,
            "model": "ucs central software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "video surveillance media server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.13"
          },
          {
            "_id": null,
            "model": "stealthwatch management console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1e",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment 5.1.fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "_id": null,
            "model": "ios and cisco ios xe software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "16.2"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for android",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.7"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.5"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.2g",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "jabber software development kit",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.8"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1a",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "computer telephony integration object server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified workforce optimization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "industrial router 1.2.1rb4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "910"
          },
          {
            "_id": null,
            "model": "nexus intercloud for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1000v0"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6"
          },
          {
            "_id": null,
            "model": "powerkvm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.14"
          },
          {
            "_id": null,
            "model": "ip interoperability and collaboration system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "asr series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50000"
          },
          {
            "_id": null,
            "model": "edge digital media player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3400"
          },
          {
            "_id": null,
            "model": "nexus series switches standalone nx-os mode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000-0"
          },
          {
            "_id": null,
            "model": "unified contact center enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.3.1"
          },
          {
            "_id": null,
            "model": "nexus series switches standalone nx-os mode 7.0 i5",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000-"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.11"
          },
          {
            "_id": null,
            "model": "intelligent automation for cloud",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "epolicy orchestrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "5.1.2"
          },
          {
            "_id": null,
            "model": "nexus series switches 5.2.8",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7000"
          },
          {
            "_id": null,
            "model": "api connect",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.0.0"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for desktop platforms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.26"
          },
          {
            "_id": null,
            "model": "cognos business intelligence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1.1"
          },
          {
            "_id": null,
            "model": "smartcloud entry appliance fi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2.0.4"
          },
          {
            "_id": null,
            "model": "jabber guest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "prime license manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "video surveillance ptz ip cameras",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.9"
          },
          {
            "_id": null,
            "model": "series digital media players 5.3.6 rb3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4300"
          },
          {
            "_id": null,
            "model": "stealthwatch flowcollector sflow",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "web security appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "visual quality experience server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.11"
          },
          {
            "_id": null,
            "model": "commerce guided search",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.2.2"
          },
          {
            "_id": null,
            "model": "jd edwards enterpriseone tools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.1.1"
          },
          {
            "_id": null,
            "model": "video surveillance series ip cameras",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60002.9"
          },
          {
            "_id": null,
            "model": "prime collaboration provisioning",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.6"
          },
          {
            "_id": null,
            "model": "agent for openflow",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "commerce experience manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for desktop platforms",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.8"
          },
          {
            "_id": null,
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.4.0"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1"
          },
          {
            "_id": null,
            "model": "ons series multiservice provisioning platforms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.15"
          },
          {
            "_id": null,
            "model": "telepresence sx series ce8.2.2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "prime collaboration assurance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "16.10"
          },
          {
            "_id": null,
            "model": "asa next-generation firewall services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "email security appliance",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "telepresence server on multiparty media",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8200"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.9"
          },
          {
            "_id": null,
            "model": "unified communications manager im \u0026 presence service (formerly c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios and cisco ios xe software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "16.3"
          },
          {
            "_id": null,
            "model": "webex meetings for blackberry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.5"
          },
          {
            "_id": null,
            "model": "bigfix platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "lancope stealthwatch flowcollector sflow",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1g",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "prime lan management solution",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "security virtual server protection for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.1"
          },
          {
            "_id": null,
            "model": "firesight system software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.0.1.3"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for mac os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "x4.0.7"
          },
          {
            "_id": null,
            "model": "common services platform collector",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.11"
          },
          {
            "_id": null,
            "model": "cognos business intelligence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "partner support service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "media services interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "nexus intercloud",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1000v0"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.9"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1i",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "epolicy orchestrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "5.1.3"
          },
          {
            "_id": null,
            "model": "prime collaboration assurance",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.6"
          },
          {
            "_id": null,
            "model": "jabber for iphone and ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "email gateway 7.6.2h968406",
            "scope": null,
            "trust": 0.3,
            "vendor": "mcafee",
            "version": null
          },
          {
            "_id": null,
            "model": "unified attendant console advanced",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "common services platform collector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence mx series ce8.2.2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "spectrum control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.8"
          },
          {
            "_id": null,
            "model": "webex meetings client on-premises",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1s",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "unified wireless ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified intelligence center",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.6(1)"
          },
          {
            "_id": null,
            "model": "services provisioning platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ucs b-series blade servers",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1.3"
          },
          {
            "_id": null,
            "model": "nac appliance clean access manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4.6"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "10000"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.20290.1"
          },
          {
            "_id": null,
            "model": "jabber for android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "asa next-generation firewall services",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1.2"
          },
          {
            "_id": null,
            "model": "mobilefirst platform foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3.0.0"
          },
          {
            "_id": null,
            "model": "unified sip proxy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.405"
          },
          {
            "_id": null,
            "model": "unified attendant console premium edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "api gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.1.2.4.0"
          },
          {
            "_id": null,
            "model": "commerce experience manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.5"
          },
          {
            "_id": null,
            "model": "services provisioning platform sfp1.1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "small business spa300 series ip phones",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "configuration professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.8"
          },
          {
            "_id": null,
            "model": "mediasense",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mysql workbench",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.1.5"
          },
          {
            "_id": null,
            "model": "video surveillance series high-definition ip cameras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40000"
          },
          {
            "_id": null,
            "model": "jabber for android",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.8"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for desktop platforms",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.3.4"
          },
          {
            "_id": null,
            "model": "series digital media players 5.3.6 rb3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4400"
          },
          {
            "_id": null,
            "model": "video surveillance series ip cameras",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30002.9"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.20"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1r",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "mysql workbench",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.3.8"
          },
          {
            "_id": null,
            "model": "cognos metrics manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "stealthwatch identity",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "270016.2"
          },
          {
            "_id": null,
            "model": "application policy infrastructure controller",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2(1)"
          },
          {
            "_id": null,
            "model": "tivoli storage productivity center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.2"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "270016.1"
          },
          {
            "_id": null,
            "model": "unified workforce optimization quality management solution 11.5 su1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "show and share",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence system ex series tc7.3.7",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "universal small cell iuh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.2"
          },
          {
            "_id": null,
            "model": "rrdi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.5"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for images",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.19"
          },
          {
            "_id": null,
            "model": "ucs director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for images build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.20280.6"
          },
          {
            "_id": null,
            "model": "jabber client framework components",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.8"
          },
          {
            "_id": null,
            "model": "telepresence isdn link",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence profile series tc7.3.7",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "webex meetings client on-premises t32",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "dcm series d9900 digital content manager",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "nexus series switches",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "70006.2.19"
          },
          {
            "_id": null,
            "model": "commerce guided search",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.5.1"
          },
          {
            "_id": null,
            "model": "unified attendant console business edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "epolicy orchestrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "5.3.1"
          },
          {
            "_id": null,
            "model": "nexus series switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30000"
          },
          {
            "_id": null,
            "model": "bigfix platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.5"
          },
          {
            "_id": null,
            "model": "tealeaf customer experience",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "270016.4"
          },
          {
            "_id": null,
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.54"
          },
          {
            "_id": null,
            "model": "bigfix remote control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "powerkvm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.1.4"
          },
          {
            "_id": null,
            "model": "mds series multilayer switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90000"
          },
          {
            "_id": null,
            "model": "prime network services controller 1.01u",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "oss support tools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.9.15.9.8"
          },
          {
            "_id": null,
            "model": "firesight system software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.4.0.10"
          },
          {
            "_id": null,
            "model": "worklight consumer edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.0"
          },
          {
            "_id": null,
            "model": "universal small cell series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50000"
          },
          {
            "_id": null,
            "model": "nexus series switches 5.2 sv3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1000v"
          },
          {
            "_id": null,
            "model": "telepresence system tx1310",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified communications domain manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence server on multiparty media and",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3103204.4"
          },
          {
            "_id": null,
            "model": "rrdi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.4"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.1051.08"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.10"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.2h",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "nac guest server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise content delivery system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1"
          },
          {
            "_id": null,
            "model": "cognos business intelligence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.11"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.1"
          },
          {
            "_id": null,
            "model": "telepresence system ex series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "prime collaboration deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "webex business suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dx series ip phones",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "communications network charging and control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.1.0"
          },
          {
            "_id": null,
            "model": "ios and cisco ios xe software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15.5(3)"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.18"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "nexus series blade switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40000"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.11"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "500-376.1"
          },
          {
            "_id": null,
            "model": "jabber for windows",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.8"
          },
          {
            "_id": null,
            "model": "telepresence profile series ce8.2.2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise manager base platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "13.1.0.0"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.10"
          },
          {
            "_id": null,
            "model": "ace30 application control engine module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.28"
          },
          {
            "_id": null,
            "model": "edge digital media player 1.6rb5",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "300"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.12"
          },
          {
            "_id": null,
            "model": "unified ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "69450"
          },
          {
            "_id": null,
            "model": "telepresence isdn gateway mse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "83210"
          },
          {
            "_id": null,
            "model": "wireless lan controller",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "jabber software development kit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "uc integration for microsoft lync",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.6.3"
          },
          {
            "_id": null,
            "model": "unified contact center enterprise",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.6.1"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.404"
          },
          {
            "_id": null,
            "model": "telepresence system tx1310",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "spa112 2-port phone adapter",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.151.05"
          },
          {
            "_id": null,
            "model": "connected grid routers",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "transportation management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "commerce experience manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.4.1.2"
          },
          {
            "_id": null,
            "model": "i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "enterprise manager base platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.33"
          },
          {
            "_id": null,
            "model": "telepresence mx series tc7.3.7",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ip interoperability and collaboration system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0(1)"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1c",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "spa122 analog telephone adapter with router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "universal small cell series",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50003.5.12.23"
          },
          {
            "_id": null,
            "model": "universal small cell series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50003.4.2.0"
          },
          {
            "_id": null,
            "model": "connected grid routers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "uc integration for microsoft lync",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "security guardium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1f",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.401"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.2a",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.8"
          },
          {
            "_id": null,
            "model": "bigfix remote control",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "unity express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.7"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.2f",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.21"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "13000"
          },
          {
            "_id": null,
            "model": "worklight enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.0"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for images",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.0"
          },
          {
            "_id": null,
            "model": "tandberg codian isdn gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "email gateway 7.6.405h1165239",
            "scope": null,
            "trust": 0.3,
            "vendor": "mcafee",
            "version": null
          },
          {
            "_id": null,
            "model": "jabber guest",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.9"
          },
          {
            "_id": null,
            "model": "business intelligence enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.1.1.9.0"
          },
          {
            "_id": null,
            "model": "digital media manager 5.3.6 rb3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "storediq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "series digital media players",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44000"
          },
          {
            "_id": null,
            "model": "ata series analog terminal adaptors",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1901.3"
          },
          {
            "_id": null,
            "model": "webex meetings server ssl gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "integrated management module for bladecenter yuoo",
            "scope": null,
            "trust": 0.3,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": "prime network services controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ata series analog terminal adaptors",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1900"
          },
          {
            "_id": null,
            "model": "asr series",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "500021.2"
          },
          {
            "_id": null,
            "model": "ironport email security appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "500-37"
          },
          {
            "_id": null,
            "model": "ons series multiservice provisioning platforms",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1545410.7"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0.12"
          },
          {
            "_id": null,
            "model": "telepresence system series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30000"
          },
          {
            "_id": null,
            "model": "cognos metrics manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1.1"
          },
          {
            "_id": null,
            "model": "broadband access center telco and wireless",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.19"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.2.3"
          },
          {
            "_id": null,
            "model": "worklight consumer edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.2"
          },
          {
            "_id": null,
            "model": "hosted collaboration mediation fulfillment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified communications manager session management edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.19"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.4.0"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "12.04"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0.2"
          },
          {
            "_id": null,
            "model": "security guardium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1.2"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.25"
          },
          {
            "_id": null,
            "model": "mobilefirst platform foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.0"
          },
          {
            "_id": null,
            "model": "webex meetings server multimedia platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "unified ip conference phone 10.3.1sr4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8831"
          },
          {
            "_id": null,
            "model": "nexus series switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "70000"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.7"
          },
          {
            "_id": null,
            "model": "prime network registrar",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8.3.5"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.2d",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "series stackable managed switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1000"
          },
          {
            "_id": null,
            "model": "prime access registrar",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "onepk all-in-one vm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified intelligent contact management enterprise",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.6.1"
          },
          {
            "_id": null,
            "model": "stealthwatch flowcollector netflow",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.3.2"
          },
          {
            "_id": null,
            "model": "ucs manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "communications network charging and control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.0.2"
          },
          {
            "_id": null,
            "model": "epolicy orchestrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "5.3.2"
          },
          {
            "_id": null,
            "model": "rrdi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.11"
          },
          {
            "_id": null,
            "model": "prime optical",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "communications network charging and control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.0.1"
          },
          {
            "_id": null,
            "model": "webex meetings server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "network analysis module",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.2(2)"
          },
          {
            "_id": null,
            "model": "series stackable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "video surveillance 4300e and 4500e high-definition ip cameras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified attendant console department edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "16.04"
          },
          {
            "_id": null,
            "model": "ip series phones",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "78000"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "27000"
          },
          {
            "_id": null,
            "model": "onepk all-in-one virtual machine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "industrial router",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9100"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.1"
          },
          {
            "_id": null,
            "model": "tivoli storage productivity center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "unified intelligence center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.2"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "video distribution suite for internet streaming",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "13006.1"
          },
          {
            "_id": null,
            "model": "tivoli storage productivity center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.7.1"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.116"
          },
          {
            "_id": null,
            "model": "cloupia unified infrastructure controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "nexus series switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50000"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11006.1"
          },
          {
            "_id": null,
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.20"
          },
          {
            "_id": null,
            "model": "packaged contact center enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "agent desktop for cisco unified contact center express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mobilefirst platform foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.0"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "video surveillance series ip cameras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "70000"
          },
          {
            "_id": null,
            "model": "adaptive security appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "secure global desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "telepresence sx series tc7.3.7",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "tealeaf customer experience",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "cognos metrics manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "tivoli storage productivity center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.5"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30000"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1n",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "nac appliance clean access server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1o",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "video surveillance series ip cameras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60000"
          },
          {
            "_id": null,
            "model": "firesight system software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1.0.1"
          },
          {
            "_id": null,
            "model": "webex meetings for windows phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "80"
          },
          {
            "_id": null,
            "model": "spa232d multi-line dect analog telephone adapter",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "prime optical for service providers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "smart care",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.11"
          },
          {
            "_id": null,
            "model": "edge digital media player 1.2rb1.0.3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "340"
          },
          {
            "_id": null,
            "model": "universal small cell cloudbase factory recovery root filesystem",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.99.4"
          },
          {
            "_id": null,
            "model": "network performance analysis",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "nexus series switches",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60006.2.19"
          },
          {
            "_id": null,
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.55"
          },
          {
            "_id": null,
            "model": "unified ip conference phone for third-party call control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88310"
          },
          {
            "_id": null,
            "model": "rrdi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.2e",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "epolicy orchestrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "webex meetings for windows phone",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "82.8"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "security guardium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1q",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "spectrum control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.10"
          },
          {
            "_id": null,
            "model": "universal small cell cloudbase factory recovery root filesystem",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.7"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.3.0"
          },
          {
            "_id": null,
            "model": "secure access control system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.8.0.32.7"
          },
          {
            "_id": null,
            "model": "telepresence integrator c series ce8.2.2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5"
          },
          {
            "_id": null,
            "model": "agent desktop",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment intirim fix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.133"
          },
          {
            "_id": null,
            "model": "secure global desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "cognos business intelligence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "webex meetings client hosted",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.13"
          },
          {
            "_id": null,
            "model": "content security management appliance",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1.140"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.8"
          },
          {
            "_id": null,
            "model": "security virtual server protection for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "rrdi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "nexus series switches 5.2.8",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6000"
          },
          {
            "_id": null,
            "model": "intrusion prevention system solutions",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified ip conference phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "88310"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.2.1"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.14"
          },
          {
            "_id": null,
            "model": "smartcloud entry appliance fp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.4"
          },
          {
            "_id": null,
            "model": "jabber client framework components",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "prime ip express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified sip proxy software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "10"
          },
          {
            "_id": null,
            "model": "tivoli storage productivity center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.4"
          },
          {
            "_id": null,
            "model": "telepresence system tx9000",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "mysql workbench",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.1.4"
          },
          {
            "_id": null,
            "model": "security manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jabber for mac",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.8"
          },
          {
            "_id": null,
            "model": "netflow generation appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.403"
          },
          {
            "_id": null,
            "model": "unified sip proxy software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "3.1.4.7895"
          },
          {
            "_id": null,
            "model": "unified ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "99510"
          },
          {
            "_id": null,
            "model": "mobility services engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "openssh for gpfs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.5"
          },
          {
            "_id": null,
            "model": "unified ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "89450"
          },
          {
            "_id": null,
            "model": "telepresence supervisor mse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "80500"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.20280.6"
          },
          {
            "_id": null,
            "model": "telepresence server and mse",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "701087104.4"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.10"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.6"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.12"
          },
          {
            "_id": null,
            "model": "ucs series and series fabric interconnects",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "620063000"
          },
          {
            "_id": null,
            "model": "commerce experience manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.2.2"
          },
          {
            "_id": null,
            "model": "webex meeting center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.11"
          },
          {
            "_id": null,
            "model": "rrdi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.4"
          },
          {
            "_id": null,
            "model": "lotus protector for mail security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.8.3.0"
          },
          {
            "_id": null,
            "model": "netflow generation appliance",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.1(1)"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.13"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.6"
          },
          {
            "_id": null,
            "model": "commerce guided search",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.5.2"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.2.2"
          },
          {
            "_id": null,
            "model": "enterprise content management system monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "secure global desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "4.71"
          },
          {
            "_id": null,
            "model": "application networking manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "socialminer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "powerkvm update",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1.1.3-6513"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.28"
          },
          {
            "_id": null,
            "model": "webex meetings server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "spa112 2-port phone adapter",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "video surveillance series high-definition ip cameras",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40002.9"
          },
          {
            "_id": null,
            "model": "intracer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.29"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.1051.07"
          },
          {
            "_id": null,
            "model": "rrdi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "spa51x ip phones",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jabber for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "oss support tools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.8.15.7.15"
          },
          {
            "_id": null,
            "model": "transportation management",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "communications network charging and control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.2.0"
          },
          {
            "_id": null,
            "model": "business intelligence enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.2.1.3.0"
          },
          {
            "_id": null,
            "model": "prime infrastructure",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "telepresence video communication server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "video surveillance 4300e and 4500e high-definition ip cameras",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.9"
          },
          {
            "_id": null,
            "model": "powerkvm update",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.1.0.23"
          },
          {
            "_id": null,
            "model": "computer telephony integration object server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.6.1"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11000"
          },
          {
            "_id": null,
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "7"
          },
          {
            "_id": null,
            "model": "telepresence sx series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence server on multiparty media and",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3103200"
          },
          {
            "_id": null,
            "model": "small business series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3000"
          },
          {
            "_id": null,
            "model": "enterprise content management system monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.24"
          },
          {
            "_id": null,
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "14.04"
          },
          {
            "_id": null,
            "model": "content security appliance update servers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified attendant console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "videoscape anyres live",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9.7.2"
          },
          {
            "_id": null,
            "model": "unified ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "99710"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "12.04"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.6"
          },
          {
            "_id": null,
            "model": "security guardium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.0.2"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.4"
          },
          {
            "_id": null,
            "model": "firesight system software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.4.1.9"
          },
          {
            "_id": null,
            "model": "universal small cell iuh",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.17.3"
          },
          {
            "_id": null,
            "model": "ata analog telephone adaptor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1870"
          },
          {
            "_id": null,
            "model": "solaris sru11.6",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.3"
          },
          {
            "_id": null,
            "model": "tivoli storage productivity center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.1.1"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.2"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1m",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "ios and cisco ios xe software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "16.4"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "500-326.1"
          },
          {
            "_id": null,
            "model": "unity express",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "10"
          },
          {
            "_id": null,
            "model": "expressway series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "virtualization experience media edition",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.8"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.1.8"
          },
          {
            "_id": null,
            "model": "small business series managed switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3000"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.3.1"
          },
          {
            "_id": null,
            "model": "rrdi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.6"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "10006.1"
          },
          {
            "_id": null,
            "model": "telepresence isdn gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "32410"
          },
          {
            "_id": null,
            "model": "telepresence mcu",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "edge digital media player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3000"
          },
          {
            "_id": null,
            "model": "series smart plus switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2200"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.2.2"
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "smartcloud entry appliance fi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.4.0.4"
          },
          {
            "_id": null,
            "model": "nexus series switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1000v0"
          },
          {
            "_id": null,
            "model": "tivoli storage productivity center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.5.1"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.6"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "virtual security gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "3.2.4.1102"
          },
          {
            "_id": null,
            "model": "access manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.4.3.0"
          },
          {
            "_id": null,
            "model": "rational insight",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1.5"
          },
          {
            "_id": null,
            "model": "telepresence tx9000 series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "smartcloud entry appliance fp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.2.0.4"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1j",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "series digital media players",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "43000"
          },
          {
            "_id": null,
            "model": "telepresence system series",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30006.1"
          },
          {
            "_id": null,
            "model": "universal small cell series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "70003.4.2.0"
          },
          {
            "_id": null,
            "model": "unity connection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.4"
          },
          {
            "_id": null,
            "model": "one portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "security manager",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.13"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.12"
          },
          {
            "_id": null,
            "model": "ucs b-series blade servers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "unified attendant console standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ucs standalone c-series rack server integrated management cont",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.2.5"
          },
          {
            "_id": null,
            "model": "telepresence integrator c series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "spectrum control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.9"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1d",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.32"
          },
          {
            "_id": null,
            "model": "enterprise content delivery system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.9"
          },
          {
            "_id": null,
            "model": "nexus series switches",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "60000"
          },
          {
            "_id": null,
            "model": "commerce experience manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.5.1"
          },
          {
            "_id": null,
            "model": "mds series multilayer switches 5.2.8",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000"
          },
          {
            "_id": null,
            "model": "series digital media players 5.4.1 rb4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4300"
          },
          {
            "_id": null,
            "model": "ucs standalone c-series rack server integrated management cont",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-3.0"
          },
          {
            "_id": null,
            "model": "epolicy orchestrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "5.1.1"
          },
          {
            "_id": null,
            "model": "ios and cisco ios xe software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "16.1"
          },
          {
            "_id": null,
            "model": "prime network",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence tx9000 series",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "prime performance manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tealeaf customer experience on cloud network capture add-on",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "16.1.01"
          },
          {
            "_id": null,
            "model": "smart net total care local collector appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "prime collaboration provisioning",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tivoli storage productivity center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.12"
          },
          {
            "_id": null,
            "model": "connected grid routers",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15.8.9"
          },
          {
            "_id": null,
            "model": "network analysis module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "integrated management module for system yuoo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x"
          },
          {
            "_id": null,
            "model": "commerce experience manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.5.2"
          },
          {
            "_id": null,
            "model": "nexus series fabric switches aci mode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000-0"
          },
          {
            "_id": null,
            "model": "prime performance manager sp1611",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.7"
          },
          {
            "_id": null,
            "model": "worklight consumer edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.1"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.12"
          },
          {
            "_id": null,
            "model": "lancope stealthwatch flowcollector netflow",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.22"
          },
          {
            "_id": null,
            "model": "unified ip phone 9.3 sr3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "6901"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.23"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.16"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.10"
          },
          {
            "_id": null,
            "model": "telepresence server and mse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "701087100"
          },
          {
            "_id": null,
            "model": "identity services engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mds series multilayer switches",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "90006.2.19"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "270015.5(3)"
          },
          {
            "_id": null,
            "model": "bigfix platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "500-32"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.30"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.4"
          },
          {
            "_id": null,
            "model": "spectrum control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.11"
          },
          {
            "_id": null,
            "model": "telepresence server on virtual machine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mysql enterprise monitor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "3.3.0.1098"
          },
          {
            "_id": null,
            "model": "webex meetings for android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "nexus series switches 5.2.8",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "digital media manager 5.4.1 rb4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "unified workforce optimization quality management solution",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "-0"
          },
          {
            "_id": null,
            "model": "telepresence integrator c series tc7.3.7",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.3"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.13"
          },
          {
            "_id": null,
            "model": "spa122 analog telephone adapter with router",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "cloud object storage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.5"
          },
          {
            "_id": null,
            "model": "rrdi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "worklight enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.2"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.14"
          },
          {
            "_id": null,
            "model": "ios xr software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.3"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.4"
          },
          {
            "_id": null,
            "model": "unified intelligent contact management enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.2.4"
          },
          {
            "_id": null,
            "model": "application and content networking system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1k",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "business intelligence enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.1.1.7.0"
          },
          {
            "_id": null,
            "model": "ace application control engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "47100"
          },
          {
            "_id": null,
            "model": "oss support tools",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.15.17.3.14"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "x0"
          },
          {
            "_id": null,
            "model": "business intelligence enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.2.1.2.0"
          },
          {
            "_id": null,
            "model": "commerce guided search",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.4.1.2"
          },
          {
            "_id": null,
            "model": "tealeaf customer experience",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "9.0.2"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1b",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "prime infrastructure plug and play standalone gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.2"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for images build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.20290.1"
          },
          {
            "_id": null,
            "model": "virtual security gateway",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1.6"
          },
          {
            "_id": null,
            "model": "nexus series switches",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "50006.2.19"
          },
          {
            "_id": null,
            "model": "telepresence conductor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.3"
          },
          {
            "_id": null,
            "model": "application policy infrastructure controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jabber for mac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jabber for iphone and ipad",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.8"
          },
          {
            "_id": null,
            "model": "prime network registrar",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.3"
          },
          {
            "_id": null,
            "model": "cognos metrics manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "worklight enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.1"
          },
          {
            "_id": null,
            "model": "telepresence video communication server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "x8.8.3"
          },
          {
            "_id": null,
            "model": "jabber",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "connected analytics for collaboration",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.16"
          },
          {
            "_id": null,
            "model": "tivoli storage productivity center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.4.1"
          },
          {
            "_id": null,
            "model": "series digital media players 5.4.1 rb4",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4400"
          },
          {
            "_id": null,
            "model": "sterling connect:express for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "multicast manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aironet series access points",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "270016.3"
          },
          {
            "_id": null,
            "model": "cognos business intelligence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.7"
          },
          {
            "_id": null,
            "model": "secure access control system",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.8.0.32.8"
          },
          {
            "_id": null,
            "model": "webex node for mcs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence mcu",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5(1.89)"
          },
          {
            "_id": null,
            "model": "management appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "anyconnect secure mobility client for windows",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.7"
          },
          {
            "_id": null,
            "model": "videoscape anyres live",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "video surveillance ptz ip cameras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "video distribution suite for internet streaming",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.003(002)"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.31"
          },
          {
            "_id": null,
            "model": "telepresence serial gateway series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence server on multiparty media",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8204.4"
          },
          {
            "_id": null,
            "model": "i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "sterling connect:direct for hp nonstop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.6"
          },
          {
            "_id": null,
            "model": "tivoli storage productivity center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.3"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.2c",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "virtual security gateway for microsoft hyper-v",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.13"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.400"
          },
          {
            "_id": null,
            "model": "unified ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "89610"
          },
          {
            "_id": null,
            "model": "expressway series",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "x8.8.3"
          },
          {
            "_id": null,
            "model": "commerce guided search",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "prime network",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "431"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "500-320"
          },
          {
            "_id": null,
            "model": "unified attendant console enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "unified contact center express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "small business spa500 series ip phones",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.0.26"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "network analysis module 6.2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "telepresence system ex series ce8.2.2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "prime data center network manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "mxe series media experience engines",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "35000"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.2b",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "universal small cell cloudbase factory recovery root filesystem",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.17.3"
          },
          {
            "_id": null,
            "model": "videoscape control suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1100"
          },
          {
            "_id": null,
            "model": "unified communications manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tandberg codian mse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "83200"
          },
          {
            "_id": null,
            "model": "ip series phones vpn feature",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8800-0"
          },
          {
            "_id": null,
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.3.0"
          },
          {
            "_id": null,
            "model": "mobilefirst platform foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.0"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.9"
          },
          {
            "_id": null,
            "model": "security network protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.3.1.3"
          },
          {
            "_id": null,
            "model": "emergency responder",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "smartcloud entry",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.27"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.17"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.18"
          },
          {
            "_id": null,
            "model": "enterprise manager base platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "13.2.0.0"
          },
          {
            "_id": null,
            "model": "tealeaf customer experience",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.6"
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.406-3402.103"
          },
          {
            "_id": null,
            "model": "unified meetingplace 8.6mr1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "telepresence mx series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "tapi service provider",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "video surveillance series ip cameras",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "70002.9"
          },
          {
            "_id": null,
            "model": "telepresence system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "500-370"
          },
          {
            "_id": null,
            "model": "spa525g 5-line ip phone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence profile series",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "secure access control system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.6.22"
          },
          {
            "_id": null,
            "model": "unified ip conference phone for third-party call control 9.3 sr3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "8831"
          },
          {
            "_id": null,
            "model": "unified ip series phones",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "79000"
          },
          {
            "_id": null,
            "model": "spa232d multi-line dect analog telephone adapter",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "nexus series fabric switches aci mode",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000-0"
          },
          {
            "_id": null,
            "model": "tivoli storage productivity center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.6"
          },
          {
            "_id": null,
            "model": "visual quality experience tools server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "virtualization experience media edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "12.3.2"
          },
          {
            "_id": null,
            "model": "emergency responder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "email gateway 7.6.405h1157986",
            "scope": null,
            "trust": 0.3,
            "vendor": "mcafee",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1l",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "tivoli storage productivity center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.7"
          },
          {
            "_id": null,
            "model": "registered envelope service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "universal small cell series",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "70003.5.12.23"
          },
          {
            "_id": null,
            "model": "firesight system software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "physical access gateways",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "smartcloud entry appliance fi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.3.0.4"
          },
          {
            "_id": null,
            "model": "webex meetings client hosted t32",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "mysql",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5.7.15"
          },
          {
            "_id": null,
            "model": "unified meetingplace",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "security virtual server protection for vmware",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.1"
          },
          {
            "_id": null,
            "model": "unified contact center express",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "11.6"
          },
          {
            "_id": null,
            "model": "webex meetings server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.1.30"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for images system edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "x7.1.1.0"
          },
          {
            "_id": null,
            "model": "communications network charging and control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "4.4.1.5.0"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1h",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "email gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "7.6.402"
          },
          {
            "_id": null,
            "model": "epolicy orchestrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "5.3.0"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1p",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "91319"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-266"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003304"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-2177"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:openssl:openssl",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:oracle:linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:oracle:solaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hp:icewall_mcrp",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hp:icewall_sso",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hp:icewall_sso_agent_option",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:nec:capssuite",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:nec:enterpriseidentitymanager",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:nec:esmpro_serveragent",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:nec:esmpro_serveragentservice",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:nec:express5800",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:nec:ix1000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:nec:ix2000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:nec:ix3000",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:nec:secureware_pki_application_development_kit",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:nec:webotx_application_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:nec:webotx_enterprise_service_bus",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:nec:webotx_portal",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_enterprise",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_standard",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_version_5",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_light_version_6",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_professional_version_6",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_standard_version_6",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_version_5",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:cosminexus_http_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:cosminexus_primary_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:hitachi_web_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_standard",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_light",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_standard",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:ucosminexus_primary_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_architect",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_platform",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003304"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Red Hat",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "138870"
          },
          {
            "db": "PACKETSTORM",
            "id": "140717"
          },
          {
            "db": "PACKETSTORM",
            "id": "143176"
          },
          {
            "db": "PACKETSTORM",
            "id": "143181"
          },
          {
            "db": "PACKETSTORM",
            "id": "140716"
          },
          {
            "db": "PACKETSTORM",
            "id": "140182"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2016-2177",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2016-2177",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2016-2177",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-2177",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2016-2177",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201606-266",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2016-2177",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-2177"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-266"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003304"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-2177"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c. Supplementary information : CWE Vulnerability type by CWE-190: Integer Overflow or Wraparound ( Integer overflow or wraparound ) Has been identified. OpenSSL is prone to an integer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it into an insufficiently sized buffer. \nAn attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. \nOpenSSL 1.0.2h and prior versions are vulnerable. \nOpenSSL Security Advisory [22 Sep 2016]\n========================================\n\nOCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n=====================================================================\n\nSeverity: High\n\nA malicious client can send an excessively large OCSP Status Request extension. \nIf that client continually requests renegotiation, sending a large OCSP Status\nRequest extension each time, then there will be unbounded memory growth on the\nserver. This will eventually lead to a Denial Of Service attack through memory\nexhaustion. Servers with a default configuration are vulnerable even if they do\nnot support OCSP. Builds using the \"no-ocsp\" build time option are not affected. \n\nServers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default\nconfiguration, instead only if an application explicitly enables OCSP stapling\nsupport. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nSSL_peek() hang on empty record (CVE-2016-6305)\n===============================================\n\nSeverity: Moderate\n\nOpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an\nempty record. This could be exploited by a malicious peer in a Denial Of Service\nattack. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nSWEET32 Mitigation (CVE-2016-2183)\n==================================\n\nSeverity: Low\n\nSWEET32 (https://sweet32.info) is an attack on older block cipher algorithms\nthat use a block size of 64 bits. In mitigation for the SWEET32 attack DES based\nciphersuites have been moved from the HIGH cipherstring group to MEDIUM in\nOpenSSL 1.0.1 and OpenSSL 1.0.2.  OpenSSL 1.1.0 since release has had these\nciphersuites disabled by default. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 16th August 2016 by Karthikeyan\nBhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the\nOpenSSL development team. \n\nOOB write in MDC2_Update() (CVE-2016-6303)\n==========================================\n\nSeverity: Low\n\nAn overflow can occur in MDC2_Update() either if called directly or\nthrough the EVP_DigestUpdate() function using MDC2. If an attacker\nis able to supply very large amounts of input data after a previous\ncall to EVP_EncryptUpdate() with a partial block then a length check\ncan overflow resulting in a heap corruption. \n\nThe amount of data needed is comparable to SIZE_MAX which is impractical\non most platforms. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nMalformed SHA512 ticket DoS (CVE-2016-6302)\n===========================================\n\nSeverity: Low\n\nIf a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a\nDoS attack where a malformed ticket will result in an OOB read which will\nultimately crash. \n\nThe use of SHA512 in TLS session tickets is comparatively rare as it requires\na custom server callback and ticket lookup mechanism. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB write in BN_bn2dec() (CVE-2016-2182)\n========================================\n\nSeverity: Low\n\nThe function BN_bn2dec() does not check the return value of BN_div_word(). \nThis can cause an OOB write if an application uses this function with an\noverly large BIGNUM. This could be a problem if an overly large certificate\nor CRL is printed out from an untrusted source. TLS is not affected because\nrecord limits will reject an oversized certificate before it is parsed. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB read in TS_OBJ_print_bio() (CVE-2016-2180)\n==============================================\n\nSeverity: Low\n\nThe function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is\nthe total length the OID text representation would use and not the amount\nof data written. This will result in OOB reads when large OIDs are presented. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nPointer arithmetic undefined behaviour (CVE-2016-2177)\n======================================================\n\nSeverity: Low\n\nAvoid some undefined pointer arithmetic\n\nA common idiom in the codebase is to check limits in the following manner:\n\"p + len \u003e limit\"\n\nWhere \"p\" points to some malloc\u0027d data of SIZE bytes and\nlimit == p + SIZE\n\n\"len\" here could be from some externally supplied data (e.g. from a TLS\nmessage). \n\nThe rules of C pointer arithmetic are such that \"p + len\" is only well\ndefined where len \u003c= SIZE. Therefore the above idiom is actually\nundefined behaviour. \n\nFor example this could cause problems if some malloc implementation\nprovides an address for \"p\" such that \"p + len\" actually overflows for\nvalues of len that are too big and therefore p + len \u003c limit. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nConstant time flag not preserved in DSA signing (CVE-2016-2178)\n===============================================================\n\nSeverity: Low\n\nOperations in the DSA signing algorithm should run in constant time in order to\navoid side channel attacks. A flaw in the OpenSSL DSA implementation means that\na non-constant time codepath is followed for certain operations. This has been\ndemonstrated through a cache-timing attack to be sufficient for an attacker to\nrecover the private DSA key. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 23rd May 2016 by C\u00e9sar Pereida (Aalto\nUniversity), Billy Brumley (Tampere University of Technology), and Yuval Yarom\n(The University of Adelaide and NICTA). The fix was developed by C\u00e9sar Pereida. \n\nDTLS buffered message DoS (CVE-2016-2179)\n=========================================\n\nSeverity: Low\n\nIn a DTLS connection where handshake messages are delivered out-of-order those\nmessages that OpenSSL is not yet ready to process will be buffered for later\nuse. Under certain circumstances, a flaw in the logic means that those messages\ndo not get removed from the buffer even though the handshake has been completed. \nAn attacker could force up to approx. 15 messages to remain in the buffer when\nthey are no longer required. These messages will be cleared when the DTLS\nconnection is closed. The default maximum size for a message is 100k. Therefore\nthe attacker could force an additional 1500k to be consumed per connection. By\nopening many simulataneous connections an attacker could cause a DoS attack\nthrough memory exhaustion. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was\ndeveloped by Matt Caswell of the OpenSSL development team. \n\nDTLS replay protection DoS (CVE-2016-2181)\n==========================================\n\nSeverity: Low\n\nA flaw in the DTLS replay attack protection mechanism means that records that\narrive for future epochs update the replay protection \"window\" before the MAC\nfor the record has been validated. This could be exploited by an attacker by\nsending a record for the next epoch (which does not have to decrypt or have a\nvalid MAC), with a very large sequence number. This means that all subsequent\nlegitimate packets are dropped causing a denial of service for a specific\nDTLS connection. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. \nThe fix was developed by Matt Caswell of the OpenSSL development team. \n\nCertificate message OOB reads (CVE-2016-6306)\n=============================================\n\nSeverity: Low\n\nIn OpenSSL 1.0.2 and earlier some missing message length checks can result in\nOOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical\nDoS risk but this has not been observed in practice on common platforms. \n\nThe messages affected are client certificate, client certificate request and\nserver certificate. As a result the attack can only be performed against\na client or a server which enables client authentication. \n\nOpenSSL 1.1.0 is not affected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in tls_get_message_header() (CVE-2016-6307)\n==========================================================================\n\nSeverity: Low\n\nA TLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect DTLS users. \n\nOpenSSL 1.1.0 TLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)\n=============================================================================\n\nSeverity: Low\n\nThis issue is very similar to CVE-2016-6307. The underlying defect is different\nbut the security analysis and impacts are the same except that it impacts DTLS. \n\nA DTLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect TLS users. \n\nOpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL\nversion 1.0.1 will cease on 31st December 2016. No security updates for that\nversion will be provided after that date. Users of 1.0.1 are advised to\nupgrade. \n\nSupport for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those\nversions are no longer receiving security updates. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20160922.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: openssl security update\nAdvisory ID:       RHSA-2016:1940-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2016-1940.html\nIssue date:        2016-09-27\nCVE Names:         CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 \n                   CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 \n                   CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 \n=====================================================================\n\n1. Summary:\n\nAn update for openssl is now available for Red Hat Enterprise Linux 6 and\nRed Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. A remote attacker\ncould cause a TLS server using OpenSSL to consume an excessive amount of\nmemory and, possibly, exit unexpectedly after exhausting all available\nmemory, if it enabled OCSP stapling support. \n(CVE-2016-2178)\n\n* It was discovered that the Datagram TLS (DTLS) implementation could fail\nto release memory in certain cases. A malicious DTLS client could cause a\nDTLS server using OpenSSL to consume an excessive amount of memory and,\npossibly, exit unexpectedly after exhausting all available memory. A remote attacker could possibly use this flaw\nto make a DTLS server using OpenSSL to reject further packets sent from a\nDTLS client over an established DTLS connection. (CVE-2016-2181)\n\n* An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec()\nfunction. (CVE-2016-2182)\n\n* A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL\nprotocol. A man-in-the-middle attacker could use this flaw to recover some\nplaintext data by capturing large amounts of encrypted traffic between\nTLS/SSL server and client if the communication used a DES/3DES based\nciphersuite. (CVE-2016-2183)\n\nThis update mitigates the CVE-2016-2183 issue by lowering priority of DES\ncipher suites so they are not preferred over cipher suites using AES. For\ncompatibility reasons, DES cipher suites remain enabled by default and\nincluded in the set of cipher suites identified by the HIGH cipher string. \nFuture updates may move them to MEDIUM or not enable them by default. \n\n* An integer underflow flaw leading to a buffer over-read was found in the\nway OpenSSL parsed TLS session tickets. (CVE-2016-6302)\n\n* Multiple integer overflow flaws were found in the way OpenSSL performed\npointer arithmetic. A remote attacker could possibly use these flaws to\ncause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)\n\n* An out of bounds read flaw was found in the way OpenSSL formatted Public\nKey Infrastructure Time-Stamp Protocol data for printing. An attacker could\npossibly cause an application using OpenSSL to crash if it printed time\nstamp data from the attacker. A remote attacker could\npossibly use these flaws to crash a TLS/SSL server or client using OpenSSL. \n(CVE-2016-6306)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304\nand CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase\n1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation\n1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio()\n1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()\n1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection\n1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)\n1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer\n1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks\n1377594 - CVE-2016-6306 openssl: certificate message OOB reads\n1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-static-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nppc64:\nopenssl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-2177\nhttps://access.redhat.com/security/cve/CVE-2016-2178\nhttps://access.redhat.com/security/cve/CVE-2016-2179\nhttps://access.redhat.com/security/cve/CVE-2016-2180\nhttps://access.redhat.com/security/cve/CVE-2016-2181\nhttps://access.redhat.com/security/cve/CVE-2016-2182\nhttps://access.redhat.com/security/cve/CVE-2016-6302\nhttps://access.redhat.com/security/cve/CVE-2016-6304\nhttps://access.redhat.com/security/cve/CVE-2016-6306\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://www.openssl.org/news/secadv/20160922.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI\nxpTW7ApBLmKhVjs49DGYouI=\n=4VgY\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Summary:\n\nAn update is now available for JBoss Core Services on RHEL 7. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201612-16\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: OpenSSL: Multiple vulnerabilities\n     Date: December 07, 2016\n     Bugs: #581234, #585142, #585276, #591454, #592068, #592074,\n           #592082, #594500, #595186\n       ID: 201612-16\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, the worst of which\nallows attackers to conduct a time based side-channel attack. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  dev-libs/openssl             \u003c 1.0.2j                  \u003e= 1.0.2j\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe CVE identifiers and the International Association for Cryptologic\nResearch\u0027s (IACR) paper, \"Make Sure DSA Signing Exponentiations Really\nare Constant-Time\" for further details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n  # emerge --sync\n   # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.2j\"\n\nReferences\n==========\n\n[  1 ] CVE-2016-2105\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105\n[  2 ] CVE-2016-2106\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106\n[  3 ] CVE-2016-2107\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107\n[  4 ] CVE-2016-2108\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108\n[  5 ] CVE-2016-2109\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109\n[  6 ] CVE-2016-2176\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176\n[  7 ] CVE-2016-2177\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177\n[  8 ] CVE-2016-2178\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178\n[  9 ] CVE-2016-2180\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180\n[ 10 ] CVE-2016-2183\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183\n[ 11 ] CVE-2016-6304\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304\n[ 12 ] CVE-2016-6305\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305\n[ 13 ] CVE-2016-6306\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306\n[ 14 ] CVE-2016-7052\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052\n[ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time\n       http://eprint.iacr.org/2016/594.pdf\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201612-16\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. For\nfurther information, see the knowledge base article linked to in the\nReferences section. The JBoss server process must be restarted for the update\nto take effect. ==========================================================================\nUbuntu Security Notice USN-3087-2\nSeptember 23, 2016\n\nopenssl regression\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nUSN-3087-1 introduced a regression in OpenSSL. The fix for CVE-2016-2182 was\nincomplete and caused a regression when parsing certificates. This update\nfixes the problem. \n\nWe apologize for the inconvenience. This\n issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178)\n  Quan Luo discovered that OpenSSL did not properly restrict the lifetime\n of queue entries in the DTLS implementation. (CVE-2016-2181)\n  Shi Lei discovered that OpenSSL incorrectly validated division results. \n (CVE-2016-2182)\n  Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES\n ciphers were vulnerable to birthday attacks. \n (CVE-2016-2183)\n  Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303)\n  Shi Lei discovered that OpenSSL incorrectly performed certain message\n length checks. (CVE-2016-6306)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n  libssl1.0.0                     1.0.2g-1ubuntu4.5\n\nUbuntu 14.04 LTS:\n  libssl1.0.0                     1.0.1f-1ubuntu2.21\n\nUbuntu 12.04 LTS:\n  libssl1.0.0                     1.0.1-4ubuntu5.38\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03763en_us\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: hpesbhf03763en_us\nVersion: 1\n\nHPESBHF03763 rev.1 - HPE Comware 7, IMC, VCX products using OpenSSL, Remote\nDenial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2017-08-01\nLast Updated: 2017-08-01\n\nPotential Security Impact: Remote: Denial of Service (DoS)\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified in Comware 7, IMC, VCX\nproducts using OpenSSL. \n\n  - Comware v7 (CW7) Products See resolution section for impacted versions\n  - HP Intelligent Management Center (iMC) See resolution section for\nimpacted versions\n  - VCX Products 9.8.19\n\nBACKGROUND\n\n  CVSS Base Metrics\n  =================\n  Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n    CVE-2016-2177\n      7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    Information on CVSS is documented in\n    HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has provided the following software updates to resolve the vulnerability\nin Comware 7, IMC PLAT, and VCX.  \n\n**Note:** The following products are impacted by this issue\n\n**COMWARE 7 Products**\n\n  + **12500 (Comware 7) - Version: R7377P02**\n    * HPE Branded Products Impacted\n      - JC072B HP 12500 Main Processing Unit\n      - JC085A HP A12518 Switch Chassis\n      - JC086A HP A12508 Switch Chassis\n      - JC652A HP 12508 DC Switch Chassis\n      - JC653A HP 12518 DC Switch Chassis\n      - JC654A HP 12504 AC Switch Chassis\n      - JC655A HP 12504 DC Switch Chassis\n      - JF430A HP A12518 Switch Chassis\n      - JF430B HP 12518 Switch Chassis\n      - JF430C HP 12518 AC Switch Chassis\n      - JF431A HP A12508 Switch Chassis\n      - JF431B HP 12508 Switch Chassis\n      - JF431C HP 12508 AC Switch Chassis\n      - JG497A HP 12500 MPU w/Comware V7 OS\n      - JG782A HP FF 12508E AC Switch Chassis\n      - JG783A HP FF 12508E DC Switch Chassis\n      - JG784A HP FF 12518E AC Switch Chassis\n      - JG785A HP FF 12518E DC Switch Chassis\n      - JG802A HP FF 12500E MPU\n   \n     \n  + **10500 (Comware 7) - Version: R7184**\n    * HPE Branded Products Impacted\n      - JC611A HP 10508-V Switch Chassis\n      - JC612A HP 10508 Switch Chassis\n      - JC613A HP 10504 Switch Chassis\n      - JC748A HP 10512 Switch Chassis\n      - JG608A HP FlexFabric 11908-V Switch Chassis\n      - JG609A HP FlexFabric 11900 Main Processing Unit\n      - JG820A HP 10504 TAA Switch Chassis\n      - JG821A HP 10508 TAA Switch Chassis\n      - JG822A HP 10508-V TAA Switch Chassis\n      - JG823A HP 10512 TAA Switch Chassis\n      - JG496A HP 10500 Type A MPU w/Comware v7 OS\n      - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating\nSystem\n      - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System\nMain Processing Unit\n   \n     \n  + **5900/5920 (Comware 7) - Version: R2432**\n    * HPE Branded Products Impacted\n      - JC772A HP 5900AF-48XG-4QSFP+ Switch\n      - JG296A HP 5920AF-24XG Switch\n      - JG336A HP 5900AF-48XGT-4QSFP+ Switch\n      - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch\n      - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch\n      - JG555A HP 5920AF-24XG TAA Switch\n      - JG838A HP FF 5900CP-48XG-4QSFP+ Switch\n      - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant\n      - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch\n      - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant\n   \n     \n  + **MSR1000 (Comware 7) - Version: R0306P80**\n    * HPE Branded Products Impacted\n      - JG875A HP MSR1002-4 AC Router\n      - JH060A HP MSR1003-8S AC Router\n   \n     \n  + **MSR2000 (Comware 7) - Version: R0306P80**\n    * HPE Branded Products Impacted\n      - JG411A HP MSR2003 AC Router\n      - JG734A HP MSR2004-24 AC Router\n      - JG735A HP MSR2004-48 Router\n      - JG866A HP MSR2003 TAA-compliant AC Router\n   \n     \n  + **MSR3000 (Comware 7) - Version: R0306P80**\n    * HPE Branded Products Impacted\n      - JG404A HP MSR3064 Router\n      - JG405A HP MSR3044 Router\n      - JG406A HP MSR3024 AC Router\n      - JG407A HP MSR3024 DC Router\n      - JG408A HP MSR3024 PoE Router\n      - JG409A HP MSR3012 AC Router\n      - JG410A HP MSR3012 DC Router\n      - JG861A HP MSR3024 TAA-compliant AC Router\n   \n     \n  + **MSR4000 (Comware 7) - Version: R0306P80**\n    * HPE Branded Products Impacted\n      - JG402A HP MSR4080 Router Chassis\n      - JG403A HP MSR4060 Router Chassis\n      - JG412A HP MSR4000 MPU-100 Main Processing Unit\n      - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit\n   \n     \n  + **VSR (Comware 7) - Version: E0324**\n    * HPE Branded Products Impacted\n      - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation\nSoftware\n      - JG811AAE HP VSR1001 Comware 7 Virtual Services Router\n      - JG812AAE HP VSR1004 Comware 7 Virtual Services Router\n      - JG813AAE HP VSR1008 Comware 7 Virtual Services Router\n   \n     \n  + **7900 (Comware 7) - Version: R2152**\n    * HPE Branded Products Impacted\n      - JG682A HP FlexFabric 7904 Switch Chassis\n      - JG841A HP FlexFabric 7910 Switch Chassis\n      - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit\n      - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit\n      - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis\n      - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis\n      - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main\nProcessing Unit\n      - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main\nProcessing Unit\n   \n     \n  + **5130EI (Comware 7) - Version: R3115P05**\n    * HPE Branded Products Impacted\n      - JG932A HP 5130-24G-4SFP+ EI Switch\n      - JG933A HP 5130-24G-SFP-4SFP+ EI Switch\n      - JG934A HP 5130-48G-4SFP+ EI Switch\n      - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch\n      - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch\n      - JG938A HP 5130-24G-2SFP+-2XGT EI Switch\n      - JG939A HP 5130-48G-2SFP+-2XGT EI Switch\n      - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch\n      - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch\n      - JG975A HP 5130-24G-4SFP+ EI Brazil Switch\n      - JG976A HP 5130-48G-4SFP+ EI Brazil Switch\n      - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch\n      - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch\n   \n     \n  + **6125XLG - Version: R2432**\n    * HPE Branded Products Impacted\n      - 711307-B21 HP 6125XLG Blade Switch\n      - 737230-B21 HP 6125XLG Blade Switch with TAA\n   \n     \n  + **6127XLG - Version: R2432**\n    * HPE Branded Products Impacted\n      - 787635-B21 HP 6127XLG Blade Switch Opt Kit\n      - 787635-B22 HP 6127XLG Blade Switch with TAA\n   \n     \n  + **Moonshot - Version: R2432**\n    * HPE Branded Products Impacted\n      - 786617-B21 - HP Moonshot-45Gc Switch Module\n      - 704654-B21 - HP Moonshot-45XGc Switch Module\n      - 786619-B21 - HP Moonshot-180XGc Switch Module\n   \n     \n  + **5700 (Comware 7) - Version: R2432**\n    * HPE Branded Products Impacted\n      - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch\n      - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch\n      - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch\n      - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch\n      - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch\n      - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch\n   \n     \n  + **5930 (Comware 7) - Version: R2432**\n    * HPE Branded Products Impacted\n      - JG726A HP FlexFabric 5930 32QSFP+ Switch\n      - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch\n      - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch\n      - JH179A HP FlexFabric 5930 4-slot Switch\n      - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch\n      - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch\n   \n     \n  + **1950 (Comware 7) - Version: R3115P06**\n    * HPE Branded Products Impacted\n      - JG960A HP 1950-24G-4XG Switch\n      - JG961A HP 1950-48G-2SFP+-2XGT Switch\n      - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch\n      - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch\n   \n     \n  + **7500 (Comware 7) - Version: R7184**\n    * HPE Branded Products Impacted\n      - JD238C HP 7510 Switch Chassis\n      - JD239C HP 7506 Switch Chassis\n      - JD240C HP 7503 Switch Chassis\n      - JD242C HP 7502 Switch Chassis\n      - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only\nMain Processing Unit\n      - JH208A HP 7502 Main Processing Unit\n      - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port\n40GbE QSFP+ Main Processing Unit\n   \n     \n  + **5510HI (Comware 7) - Version: R1121P01**\n    * HPE Branded Products Impacted\n      - JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch\n      - JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch\n      - JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch\n      - JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch\n      - JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch\n   \n     \n  + **5130HI (Comware 7) - Version: R1121P02**\n    * HPE Branded Products Impacted\n      - JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch\n      - JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch\n      - JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch\n      - JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch\n   \n     \n  + **5940 (Comware 7) - Version: R2509P02**\n    * HPE Branded Products Impacted\n      - JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch\n      - JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch\n      - JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch\n      - JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch\n      - JH396A HPE FlexFabric 5940 32QSFP+ Switch\n      - JH397A HPE FlexFabric 5940 2-slot Switch\n      - JH398A HPE FlexFabric 5940 4-slot Switch\n   \n     \n  + **5950 (Comware 7) - Version: R6123**\n    * HPE Branded Products Impacted\n      - JH321A HPE FlexFabric 5950 32QSFP28 Switch\n      - JH402A HPE FlexFabric 5950 48SFP28 8QSFP28 Switch\n      - JH404A HPE FlexFabric 5950 4-slot Switch\n   \n     \n  + **12900E (Comware 7) - Version: R2609**\n    * HPE Branded Products Impacted\n      - JG619A HP FlexFabric 12910 Switch AC Chassis\n      - JG621A HP FlexFabric 12910 Main Processing Unit\n      - JG632A HP FlexFabric 12916 Switch AC Chassis\n      - JG634A HP FlexFabric 12916 Main Processing Unit\n      - JH104A HP FlexFabric 12900E Main Processing Unit\n      - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit\n      - JH263A HP FlexFabric 12904E Main Processing Unit\n      - JH255A HP FlexFabric 12908E Switch Chassis\n      - JH262A HP FlexFabric 12904E Switch Chassis\n      - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis\n      - JH103A HP FlexFabric 12916E Switch Chassis\n   \n     \n  + **iNode PC 7.2 (E0410) - Version: 7.2 E0410**\n    * HPE Branded Products Impacted\n      - JD144A HP A-IMC User Access Management Software Module with 200-user\nLicense\n      - JD147A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n      - JD435A HP A-IMC Endpoint Admission Defense Client Software\n      - JF388A HP IMC User Authentication Management Software Module with\n200-user License\n      - JF388AAE HP IMC User Authentication Management Software Module with\n200-user E-LTU\n      - JF391A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n      - JF391AAE HP IMC Endpoint Admission Defense Software Module with\n200-user E-LTU\n      - JG752AAE HP IMC User Access Manager Software Module with 50-user\nE-LTU\n      - JG754AAE) HP IMC Endpoint Admission Defense Software Module with\n50-user E-LTU\n   \n     \n  + **iMC UAM_TAM 7.2-E0409 - Version: 7.2 E0409**\n    * HPE Branded Products Impacted\n      - JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE\n      - JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU\n      - JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU\n      - JG483A HP IMC TAM S/W MODULE W/100-NODE LIC\n      - JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU\n      - JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU\n   \n     \n  + **VCX - Version: 9.8.19**\n    * HPE Branded Products Impacted\n      - J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr\n      - J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr\n      - JC517A HP VCX V7205 Platform w/DL 360 G6 Server\n      -  JE355A HP VCX V6000 Branch Platform 9.0\n      - JC516A HP VCX V7005 Platform w/DL 120 G6 Server\n      - JC518A HP VCX Connect 200 Primry 120 G6 Server\n      - J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr\n      - JE341A HP VCX Connect 100 Secondary\n      - JE252A HP VCX Connect Primary MIM Module\n      - JE253A HP VCX Connect Secondary MIM Module\n      - JE254A HP VCX Branch MIM Module\n      - JE355A HP VCX V6000 Branch Platform 9.0\n      - JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod\n      - JD023A HP MSR30-40 Router with VCX MIM Module\n      - JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM\n      - JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod\n      - JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod\n      - JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod\n      - JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS\n      - JE340A HP VCX Connect 100 Pri Server 9.0\n      - JE342A HP VCX Connect 100 Sec Server 9.0\n      \n**Note:** Please contact HPE Technical Support if any assistance is needed\nacquiring the software updates. \n\nHISTORY\nVersion:1 (rev.1) - 1 August 2017 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n  Web form: https://www.hpe.com/info/report-security-vulnerability\n  Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. Description:\n\nThis release adds the new Apache HTTP Server 2.4.23 packages that are part\nof the JBoss Core Services offering. \n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack\nApache Server 2.4.6, and includes bug fixes and enhancements. Refer to the\nRelease Notes for information on the most significant bug fixes and\nenhancements included in this release. \n(CVE-2016-2108)\n\n* It was found that the length checks prior to writing to the target buffer\nfor creating a virtual host mapping rule did not take account of the length\nof the virtual host name, creating the potential for a buffer overflow. (CVE-2016-2177)\n\n* It was discovered that specifying configuration with a JVMRoute path\nlonger than 80 characters will cause segmentation fault leading to a server\ncrash. (CVE-2016-4459)\n\n* An error was found in protocol parsing logic of mod_cluster load balancer\nApache HTTP Server modules. After installing the updated\npackages, the httpd daemon will be restarted automatically. (CVE-2016-6808)\n\n* A memory leak flaw was fixed in expat. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). JIRA issues fixed (https://issues.jboss.org/):\n\nJBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0]\nJBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service\n\n6. (CVE-2016-2177)\n\nIt was discovered that OpenSSL did not properly handle Montgomery\nmultiplication, resulting in incorrect results leading to transient\nfailures",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-2177"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003304"
          },
          {
            "db": "BID",
            "id": "91319"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-2177"
          },
          {
            "db": "PACKETSTORM",
            "id": "169633"
          },
          {
            "db": "PACKETSTORM",
            "id": "138870"
          },
          {
            "db": "PACKETSTORM",
            "id": "140717"
          },
          {
            "db": "PACKETSTORM",
            "id": "143176"
          },
          {
            "db": "PACKETSTORM",
            "id": "140056"
          },
          {
            "db": "PACKETSTORM",
            "id": "138820"
          },
          {
            "db": "PACKETSTORM",
            "id": "143181"
          },
          {
            "db": "PACKETSTORM",
            "id": "138826"
          },
          {
            "db": "PACKETSTORM",
            "id": "143628"
          },
          {
            "db": "PACKETSTORM",
            "id": "140716"
          },
          {
            "db": "PACKETSTORM",
            "id": "140182"
          },
          {
            "db": "PACKETSTORM",
            "id": "140850"
          }
        ],
        "trust": 3.06
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-2177",
            "trust": 4.0
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-144-01",
            "trust": 2.5
          },
          {
            "db": "MCAFEE",
            "id": "SB10165",
            "trust": 2.0
          },
          {
            "db": "BID",
            "id": "91319",
            "trust": 2.0
          },
          {
            "db": "SECTRACK",
            "id": "1036088",
            "trust": 1.7
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2016/06/08/9",
            "trust": 1.7
          },
          {
            "db": "MCAFEE",
            "id": "SB10215",
            "trust": 1.7
          },
          {
            "db": "SCHNEIDER",
            "id": "SEVD-2018-144-01",
            "trust": 1.7
          },
          {
            "db": "SCHNEIDER",
            "id": "SEVD-2018-137-01",
            "trust": 1.7
          },
          {
            "db": "SIEMENS",
            "id": "SSA-412672",
            "trust": 1.7
          },
          {
            "db": "TENABLE",
            "id": "TNS-2016-20",
            "trust": 1.7
          },
          {
            "db": "TENABLE",
            "id": "TNS-2016-21",
            "trust": 1.7
          },
          {
            "db": "TENABLE",
            "id": "TNS-2016-16",
            "trust": 1.7
          },
          {
            "db": "JUNIPER",
            "id": "JSA10759",
            "trust": 1.7
          },
          {
            "db": "PULSESECURE",
            "id": "SA40312",
            "trust": 1.7
          },
          {
            "db": "JVN",
            "id": "JVNVU98667810",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003304",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2022.0696",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-266",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-2177",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "169633",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "138870",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "140717",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "143176",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "140056",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "138820",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "143181",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "138826",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "143628",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "140716",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "140182",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "140850",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-2177"
          },
          {
            "db": "BID",
            "id": "91319"
          },
          {
            "db": "PACKETSTORM",
            "id": "169633"
          },
          {
            "db": "PACKETSTORM",
            "id": "138870"
          },
          {
            "db": "PACKETSTORM",
            "id": "140717"
          },
          {
            "db": "PACKETSTORM",
            "id": "143176"
          },
          {
            "db": "PACKETSTORM",
            "id": "140056"
          },
          {
            "db": "PACKETSTORM",
            "id": "138820"
          },
          {
            "db": "PACKETSTORM",
            "id": "143181"
          },
          {
            "db": "PACKETSTORM",
            "id": "138826"
          },
          {
            "db": "PACKETSTORM",
            "id": "143628"
          },
          {
            "db": "PACKETSTORM",
            "id": "140716"
          },
          {
            "db": "PACKETSTORM",
            "id": "140182"
          },
          {
            "db": "PACKETSTORM",
            "id": "140850"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-266"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003304"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-2177"
          }
        ]
      },
      "id": "VAR-201606-0478",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.43198179949999993
      },
      "last_update_date": "2026-03-09T22:02:04.960000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "cisco-sa-20160927-openssl",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl"
          },
          {
            "title": "hitachi-sec-2017-103",
            "trust": 0.8,
            "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-103/index.html"
          },
          {
            "title": "HPSBGN03658",
            "trust": 0.8,
            "url": "https://h20565.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05302448"
          },
          {
            "title": "1995039",
            "trust": 0.8,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
          },
          {
            "title": "SB10165",
            "trust": 0.8,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10165"
          },
          {
            "title": "NV17-001",
            "trust": 0.8,
            "url": "http://jpn.nec.com/security-info/secinfo/nv17-001.html"
          },
          {
            "title": "OpenSSL 1.0.1 Series Release Notes",
            "trust": 0.8,
            "url": "https://www.openssl.org/news/openssl-1.0.1-notes.html"
          },
          {
            "title": "OpenSSL 1.0.2 Series Release Notes",
            "trust": 0.8,
            "url": "https://www.openssl.org/news/openssl-1.0.2-notes.html"
          },
          {
            "title": "Avoid some undefined pointer arithmetic",
            "trust": 0.8,
            "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=a004e72b95835136d3f1ea90517f706c24c03da7"
          },
          {
            "title": "Oracle Critical Patch Update Advisory - October 2016",
            "trust": 0.8,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
          },
          {
            "title": "Oracle Linux Bulletin - October 2016",
            "trust": 0.8,
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
          },
          {
            "title": "Oracle Solaris Third Party Bulletin - April 2016",
            "trust": 0.8,
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
          },
          {
            "title": "Oracle VM Server for x86 Bulletin - October 2016",
            "trust": 0.8,
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
          },
          {
            "title": "Bug 1341705",
            "trust": 0.8,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1341705"
          },
          {
            "title": "SA40312",
            "trust": 0.8,
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312"
          },
          {
            "title": "SA132",
            "trust": 0.8,
            "url": "https://bto.bluecoat.com/security-advisory/sa132"
          },
          {
            "title": "JSA10759",
            "trust": 0.8,
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759"
          },
          {
            "title": "Splunk Enterprise 6.4.5 addresses multiple vulnerabilities",
            "trust": 0.8,
            "url": "http://www.splunk.com/view/SP-CAAAPUE"
          },
          {
            "title": "Splunk Enterprise 6.5.1 addresses multiple OpenSSL vulnerabilities",
            "trust": 0.8,
            "url": "http://www.splunk.com/view/SP-CAAAPSV"
          },
          {
            "title": "TNS-2016-16",
            "trust": 0.8,
            "url": "https://www.tenable.com/security/tns-2016-16"
          },
          {
            "title": "HS16-023",
            "trust": 0.8,
            "url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS16-023/index.html"
          },
          {
            "title": "hitachi-sec-2017-103",
            "trust": 0.8,
            "url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2017-103/index.html"
          },
          {
            "title": "OpenSSL Security vulnerabilities",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=62223"
          },
          {
            "title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 6.4.16 natives update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20171659 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 6.4.16 natives update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20171658 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 7",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20170194 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 6",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20170193 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: openssl security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20161940 - Security Advisory"
          },
          {
            "title": "Red Hat: CVE-2016-2177",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2016-2177"
          },
          {
            "title": "Arch Linux Issues: ",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2016-2177"
          },
          {
            "title": "Ubuntu Security Notice: openssl vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3181-1"
          },
          {
            "title": "Ubuntu Security Notice: openssl vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3087-1"
          },
          {
            "title": "Ubuntu Security Notice: openssl regression",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3087-2"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2016-755",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-755"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201609-23] openssl: multiple issues",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201609-23"
          },
          {
            "title": "Arch Linux Advisories: [ASA-201609-24] lib32-openssl: multiple issues",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201609-24"
          },
          {
            "title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20162957 - Security Advisory"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - January 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300"
          },
          {
            "title": "Tenable Security Advisories: [R7] Nessus 6.9 Fixes Multiple Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-16"
          },
          {
            "title": "Symantec Security Advisories: SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1e6dcaf5dac6ef96a7d917a8c1393040"
          },
          {
            "title": "Cisco: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160927-openssl"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=ac5af5dd99788925425f5747ec672707"
          },
          {
            "title": "Tenable Security Advisories: [R3] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-20"
          },
          {
            "title": "Tenable Security Advisories: [R2] LCE 4.8.2 Fixes Multiple Third-party Library Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-21"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a31bff03e9909229fd67996884614fdf"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=976a4da35d55283870dbb31b88a6c655"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=586e6062440cdd312211d748e028164e"
          },
          {
            "title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=21c0efa2643d707e2f50a501209eb75c"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=13f3551b67d913fba90df4b2c0dae0bf"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
          },
          {
            "title": "CVE Scanning of Alpine base images using Multi Stage builds in Docker 17.05\nSummary",
            "trust": 0.1,
            "url": "https://github.com/tomwillfixit/alpine-cvecheck "
          },
          {
            "title": "hackerone-publicy-disclosed",
            "trust": 0.1,
            "url": "https://github.com/imhunterand/hackerone-publicy-disclosed "
          },
          {
            "title": "OpenSSL-CVE-lib",
            "trust": 0.1,
            "url": "https://github.com/chnzzh/OpenSSL-CVE-lib "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-2177"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-266"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003304"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-190",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003304"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-2177"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.6,
            "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
          },
          {
            "trust": 2.0,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
          },
          {
            "trust": 2.0,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10165"
          },
          {
            "trust": 2.0,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
          },
          {
            "trust": 2.0,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "trust": 1.9,
            "url": "http://www.ubuntu.com/usn/usn-3087-1"
          },
          {
            "trust": 1.8,
            "url": "https://security.gentoo.org/glsa/201612-16"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2017:1658"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2017:0194"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2017:0193"
          },
          {
            "trust": 1.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2017-1659.html"
          },
          {
            "trust": 1.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2016-2957.html"
          },
          {
            "trust": 1.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2016-1940.html"
          },
          {
            "trust": 1.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-144-01"
          },
          {
            "trust": 1.8,
            "url": "http://www.ubuntu.com/usn/usn-3181-1"
          },
          {
            "trust": 1.8,
            "url": "http://www.ubuntu.com/usn/usn-3087-2"
          },
          {
            "trust": 1.7,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1341705"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
          },
          {
            "trust": 1.7,
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05302448"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/91319"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1036088"
          },
          {
            "trust": 1.7,
            "url": "http://www.splunk.com/view/sp-caaapue"
          },
          {
            "trust": 1.7,
            "url": "http://www.splunk.com/view/sp-caaapsv"
          },
          {
            "trust": 1.7,
            "url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
          },
          {
            "trust": 1.7,
            "url": "https://bto.bluecoat.com/security-advisory/sa132"
          },
          {
            "trust": 1.7,
            "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
          },
          {
            "trust": 1.7,
            "url": "https://www.tenable.com/security/tns-2016-16"
          },
          {
            "trust": 1.7,
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03763en_us"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.tenable.com/security/tns-2016-21"
          },
          {
            "trust": 1.7,
            "url": "https://www.tenable.com/security/tns-2016-20"
          },
          {
            "trust": 1.7,
            "url": "https://security.freebsd.org/advisories/freebsd-sa-16:26.openssl.asc"
          },
          {
            "trust": 1.7,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.schneider-electric.com/en/download/document/sevd-2018-144-01/"
          },
          {
            "trust": 1.7,
            "url": "https://www.schneider-electric.com/en/download/document/sevd-2018-137-01/"
          },
          {
            "trust": 1.7,
            "url": "https://www.citect.schneider-electric.com/safety-and-security-central/36-security-notifications/9134-vulnerabilities-within-schneider-electric-floating-license-manager"
          },
          {
            "trust": 1.7,
            "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03856en_us"
          },
          {
            "trust": 1.7,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10215"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html"
          },
          {
            "trust": 1.7,
            "url": "https://support.f5.com/csp/article/k23873366"
          },
          {
            "trust": 1.7,
            "url": "http://www.debian.org/security/2016/dsa-3673"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/archive/1/archive/1/540957/100/0/threaded"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html"
          },
          {
            "trust": 1.7,
            "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en\u0026docid=emr_na-hpesbhf03856en_us"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24"
          },
          {
            "trust": 1.7,
            "url": "http://www.openwall.com/lists/oss-security/2016/06/08/9"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html"
          },
          {
            "trust": 1.7,
            "url": "http://seclists.org/fulldisclosure/2017/jul/31"
          },
          {
            "trust": 1.7,
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-c05302448"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/archive/1/540957/100/0/threaded"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
          },
          {
            "trust": 1.1,
            "url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=a004e72b95835136d3f1ea90517f706c24c03da7"
          },
          {
            "trust": 1.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
          },
          {
            "trust": 0.9,
            "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=a004e72b95835136d3f1ea90517f706c24c03da7"
          },
          {
            "trust": 0.9,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2177"
          },
          {
            "trust": 0.8,
            "url": "https://www.us-cert.gov/ics/advisories/icsa-18-144-01"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu98667810/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2177"
          },
          {
            "trust": 0.8,
            "url": "http://www.bizmobile.co.jp/news_02.php?id=4069\u0026nc=1"
          },
          {
            "trust": 0.7,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/security/cve/cve-2016-2177"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.6,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.6,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/security/cve/cve-2016-2178"
          },
          {
            "trust": 0.6,
            "url": "https://www.openssl.org/news/vulnerabilities.html#y2017"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6302"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2182"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2179"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2181"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
          },
          {
            "trust": 0.3,
            "url": "https://github.com/openssl/openssl/commit/a004e72b95835136d3f1ea90517f706c24c03da7"
          },
          {
            "trust": 0.3,
            "url": "http://openssl.org/"
          },
          {
            "trust": 0.3,
            "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory21.asc"
          },
          {
            "trust": 0.3,
            "url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-worklight-and-ibm-mobilefirst-platform-foundation-2/"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024394"
          },
          {
            "trust": 0.3,
            "url": "http://www.ibm.com/support/docview.wss?uid=isg3t1024401"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024648"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021643"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
          },
          {
            "trust": 0.3,
            "url": "https://kc.mcafee.com/resources/sites/mcafee/content/live/product_documentation/27000/pd27128/en_us/meg_7_6_406_3402_103_release_notes_en_us.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995935"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991896"
          },
          {
            "trust": 0.3,
            "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099492"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21994870"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991724"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992348"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992898"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993061"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993601"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993856"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993875"
          },
          {
            "trust": 0.3,
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21994534"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21994861"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995038"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995129"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995392"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995393"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995691"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg22001805"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6303"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2016-6304"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2016-4459"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2016-6808"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2016-8612"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2016-2108"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-8610"
          },
          {
            "trust": 0.2,
            "url": "https://www.openssl.org/news/secadv/20160922.txt"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4459"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-8612"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6808"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/articles/2688611"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/solutions/222023"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2016-8610"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform\u0026downloadtype=securitypatches\u0026version=6.4"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/190.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2017:1659"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/3181-1/"
          },
          {
            "trust": 0.1,
            "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49001"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6308"
          },
          {
            "trust": 0.1,
            "url": "https://www.openssl.org/policies/secpolicy.html"
          },
          {
            "trust": 0.1,
            "url": "https://sweet32.info)"
          },
          {
            "trust": 0.1,
            "url": "https://www.openssl.org/policies/releasestrat.html),"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6307"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2180"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-6306"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2181"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2179"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2182"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-6302"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2105"
          },
          {
            "trust": 0.1,
            "url": "https://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2183"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2107"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2178"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2176"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-7052"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6304"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6305"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2106"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2108"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7052"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2109"
          },
          {
            "trust": 0.1,
            "url": "http://eprint.iacr.org/2016/594.pdf"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2176"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2180"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2177"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6306"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.37"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.20"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.4"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.21"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.38"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.5"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/bugs/1626883"
          },
          {
            "trust": 0.1,
            "url": "http://www.hpe.com/support/security_bulletin_archive"
          },
          {
            "trust": 0.1,
            "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03763en_us"
          },
          {
            "trust": 0.1,
            "url": "https://www.hpe.com/info/report-security-vulnerability"
          },
          {
            "trust": 0.1,
            "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
          },
          {
            "trust": 0.1,
            "url": "http://www.hpe.com/support/subscriber_choice"
          },
          {
            "trust": 0.1,
            "url": "https://issues.jboss.org/):"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-0705"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-3196"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-4448"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3216"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2106"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-0702"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0797"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-8176"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1835"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services-apache-http-server/version-2.4.23/apache-http-server-2423-release-notes/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-3705"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1838"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2107"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3196"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1839"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3523"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-4483"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-3523"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2842"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1148"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1840"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-0797"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3185"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1836"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-3185"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-3194"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1833"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.apachehttp\u0026downloadtype=distributions\u0026version=2.4.23"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2105"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8176"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1840"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1836"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1762"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1835"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-4449"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-0286"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1762"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-5420"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-3627"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2012-1148"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1837"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-2109"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-1834"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1837"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1839"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-5419"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-0209"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-3195"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0702"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-3216"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1838"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1833"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1834"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-4447"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-7141"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2016-0799"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.6"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu9.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.22"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-3731"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.39"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-7056"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-7055"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-3732"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-2177"
          },
          {
            "db": "BID",
            "id": "91319"
          },
          {
            "db": "PACKETSTORM",
            "id": "169633"
          },
          {
            "db": "PACKETSTORM",
            "id": "138870"
          },
          {
            "db": "PACKETSTORM",
            "id": "140717"
          },
          {
            "db": "PACKETSTORM",
            "id": "143176"
          },
          {
            "db": "PACKETSTORM",
            "id": "140056"
          },
          {
            "db": "PACKETSTORM",
            "id": "138820"
          },
          {
            "db": "PACKETSTORM",
            "id": "143181"
          },
          {
            "db": "PACKETSTORM",
            "id": "138826"
          },
          {
            "db": "PACKETSTORM",
            "id": "143628"
          },
          {
            "db": "PACKETSTORM",
            "id": "140716"
          },
          {
            "db": "PACKETSTORM",
            "id": "140182"
          },
          {
            "db": "PACKETSTORM",
            "id": "140850"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-266"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003304"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-2177"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2016-2177",
            "ident": null
          },
          {
            "db": "BID",
            "id": "91319",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "169633",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "138870",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "140717",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "143176",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "140056",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "138820",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "143181",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "138826",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "143628",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "140716",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "140182",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "140850",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-266",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003304",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2016-2177",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2016-06-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-2177",
            "ident": null
          },
          {
            "date": "2016-05-05T00:00:00",
            "db": "BID",
            "id": "91319",
            "ident": null
          },
          {
            "date": "2016-09-22T12:12:12",
            "db": "PACKETSTORM",
            "id": "169633",
            "ident": null
          },
          {
            "date": "2016-09-27T19:32:00",
            "db": "PACKETSTORM",
            "id": "138870",
            "ident": null
          },
          {
            "date": "2017-01-25T21:53:32",
            "db": "PACKETSTORM",
            "id": "140717",
            "ident": null
          },
          {
            "date": "2017-06-28T22:12:00",
            "db": "PACKETSTORM",
            "id": "143176",
            "ident": null
          },
          {
            "date": "2016-12-07T16:37:31",
            "db": "PACKETSTORM",
            "id": "140056",
            "ident": null
          },
          {
            "date": "2016-09-22T22:25:00",
            "db": "PACKETSTORM",
            "id": "138820",
            "ident": null
          },
          {
            "date": "2017-06-28T22:37:00",
            "db": "PACKETSTORM",
            "id": "143181",
            "ident": null
          },
          {
            "date": "2016-09-23T19:19:00",
            "db": "PACKETSTORM",
            "id": "138826",
            "ident": null
          },
          {
            "date": "2017-08-03T04:28:16",
            "db": "PACKETSTORM",
            "id": "143628",
            "ident": null
          },
          {
            "date": "2017-01-25T21:53:15",
            "db": "PACKETSTORM",
            "id": "140716",
            "ident": null
          },
          {
            "date": "2016-12-16T16:34:49",
            "db": "PACKETSTORM",
            "id": "140182",
            "ident": null
          },
          {
            "date": "2017-02-01T00:36:45",
            "db": "PACKETSTORM",
            "id": "140850",
            "ident": null
          },
          {
            "date": "2016-06-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201606-266",
            "ident": null
          },
          {
            "date": "2016-06-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-003304",
            "ident": null
          },
          {
            "date": "2016-06-20T01:59:02.087000",
            "db": "NVD",
            "id": "CVE-2016-2177",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2023-11-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-2177",
            "ident": null
          },
          {
            "date": "2018-02-05T14:00:00",
            "db": "BID",
            "id": "91319",
            "ident": null
          },
          {
            "date": "2022-12-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201606-266",
            "ident": null
          },
          {
            "date": "2019-07-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-003304",
            "ident": null
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2016-2177",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "138870"
          },
          {
            "db": "PACKETSTORM",
            "id": "138820"
          },
          {
            "db": "PACKETSTORM",
            "id": "138826"
          },
          {
            "db": "PACKETSTORM",
            "id": "140850"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-266"
          }
        ],
        "trust": 1.0
      },
      "title": {
        "_id": null,
        "data": "OpenSSL Service disruption in  (DoS) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003304"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201606-266"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2020-4224 (GCVE-0-2020-4224)

    Vulnerability from nvd – Published: 2020-02-03 16:45 – Updated: 2024-09-17 04:20
    VLAI
    Summary
    IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links. IBM X-Force ID: 175133.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM StoredIQ Affected: 7.6.0.17
    Affected: 7.6.0.20
    Create a notification for this product.
    Date Public
    2020-01-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T08:00:07.094Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/1288150"
              },
              {
                "name": "ibm-storediq-cve20204224-info-disc (175133)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175133"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "StoredIQ",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.6.0.17"
                },
                {
                  "status": "affected",
                  "version": "7.6.0.20"
                }
              ]
            }
          ],
          "datePublic": "2020-01-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links. IBM X-Force ID: 175133."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 2.6,
                "temporalSeverity": "LOW",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/UI:N/A:N/S:U/C:L/I:N/PR:N/AC:H/AV:L/RL:O/RC:C/E:U",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-03T16:45:18.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.ibm.com/support/pages/node/1288150"
            },
            {
              "name": "ibm-storediq-cve20204224-info-disc (175133)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175133"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2020-01-31T00:00:00",
              "ID": "CVE-2020-4224",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "StoredIQ",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.6.0.17"
                              },
                              {
                                "version_value": "7.6.0.20"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links. IBM X-Force ID: 175133."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "H",
                  "AV": "L",
                  "C": "L",
                  "I": "N",
                  "PR": "N",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.ibm.com/support/pages/node/1288150",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 1288150 (StoredIQ)",
                  "url": "https://www.ibm.com/support/pages/node/1288150"
                },
                {
                  "name": "ibm-storediq-cve20204224-info-disc (175133)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175133"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2020-4224",
        "datePublished": "2020-02-03T16:45:18.722Z",
        "dateReserved": "2019-12-30T00:00:00.000Z",
        "dateUpdated": "2024-09-17T04:20:12.867Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-4167 (GCVE-0-2019-4167)

    Vulnerability from nvd – Published: 2019-08-20 19:30 – Updated: 2024-09-16 20:58
    VLAI
    Summary
    IBM StoredIQ 7.6.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 158700.
    CWE
    • Gain Access
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM StoredIQ Affected: 7.6.0
    Create a notification for this product.
    Date Public
    2019-08-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:33:37.982Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=ibm10967327"
              },
              {
                "name": "ibm-storeiq-cve20194167-csrf (158700)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158700"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "StoredIQ",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.6.0"
                }
              ]
            }
          ],
          "datePublic": "2019-08-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM StoredIQ 7.6.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 158700."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 3.8,
                "temporalSeverity": "LOW",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/PR:N/UI:R/I:L/A:N/S:U/AV:N/C:N/AC:L/E:U/RC:C/RL:O",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-08-20T19:30:25.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=ibm10967327"
            },
            {
              "name": "ibm-storeiq-cve20194167-csrf (158700)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158700"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2019-08-14T00:00:00",
              "ID": "CVE-2019-4167",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "StoredIQ",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.6.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM StoredIQ 7.6.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 158700."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "L",
                  "AV": "N",
                  "C": "N",
                  "I": "L",
                  "PR": "N",
                  "S": "U",
                  "UI": "R"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=ibm10967327",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 967327 (StoredIQ)",
                  "url": "http://www.ibm.com/support/docview.wss?uid=ibm10967327"
                },
                {
                  "name": "ibm-storeiq-cve20194167-csrf (158700)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158700"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2019-4167",
        "datePublished": "2019-08-20T19:30:25.432Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:58:14.826Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-4165 (GCVE-0-2019-4165)

    Vulnerability from nvd – Published: 2019-07-31 16:25 – Updated: 2024-09-16 18:28
    VLAI
    Summary
    IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow a remote attacker to cause a denial of service attack using repeated requests to the server. IBM X-Force ID: 158698.
    CWE
    • Denial of Service
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM StoredIQ Affected: 7.6.0.0
    Affected: 7.6.0.18
    Create a notification for this product.
    Date Public
    2019-07-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:33:37.786Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=ibm10960131"
              },
              {
                "name": "ibm-storeiq-cve20194165-dos (158698)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158698"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "StoredIQ",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.6.0.0"
                },
                {
                  "status": "affected",
                  "version": "7.6.0.18"
                }
              ]
            }
          ],
          "datePublic": "2019-07-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow a remote attacker to cause a denial of service attack using repeated requests to the server. IBM X-Force ID: 158698."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 4.6,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/A:L/UI:N/C:N/PR:N/S:U/I:N/AC:L/RC:C/RL:O/E:U",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-07-31T16:25:12.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=ibm10960131"
            },
            {
              "name": "ibm-storeiq-cve20194165-dos (158698)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158698"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2019-07-26T00:00:00",
              "ID": "CVE-2019-4165",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "StoredIQ",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.6.0.0"
                              },
                              {
                                "version_value": "7.6.0.18"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow a remote attacker to cause a denial of service attack using repeated requests to the server. IBM X-Force ID: 158698."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "L",
                  "AC": "L",
                  "AV": "N",
                  "C": "N",
                  "I": "N",
                  "PR": "N",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial of Service"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=ibm10960131",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 960131 (StoredIQ)",
                  "url": "http://www.ibm.com/support/docview.wss?uid=ibm10960131"
                },
                {
                  "name": "ibm-storeiq-cve20194165-dos (158698)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158698"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2019-4165",
        "datePublished": "2019-07-31T16:25:12.745Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:28:20.787Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-4163 (GCVE-0-2019-4163)

    Vulnerability from nvd – Published: 2019-07-31 16:25 – Updated: 2024-09-16 23:16
    VLAI
    Summary
    IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow an authenticated user to obtain sensitive information that a privileged user should only be allowed to view. IBM X-Force ID: 158696.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM StoredIQ Affected: 7.6.0.0
    Affected: 7.6.0.18
    Create a notification for this product.
    Date Public
    2019-07-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:33:36.927Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=ibm10960009"
              },
              {
                "name": "ibm-storeiq-cve20194163-info-disc (158696)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158696"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "StoredIQ",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.6.0.0"
                },
                {
                  "status": "affected",
                  "version": "7.6.0.18"
                }
              ]
            }
          ],
          "datePublic": "2019-07-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow an authenticated user to obtain sensitive information that a privileged user should only be allowed to view. IBM X-Force ID: 158696."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 3.8,
                "temporalSeverity": "LOW",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/A:N/UI:N/AC:L/I:N/S:U/C:L/PR:L/RC:C/RL:O/E:U",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-07-31T16:25:12.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=ibm10960009"
            },
            {
              "name": "ibm-storeiq-cve20194163-info-disc (158696)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158696"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2019-07-26T00:00:00",
              "ID": "CVE-2019-4163",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "StoredIQ",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.6.0.0"
                              },
                              {
                                "version_value": "7.6.0.18"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow an authenticated user to obtain sensitive information that a privileged user should only be allowed to view. IBM X-Force ID: 158696."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "L",
                  "AV": "N",
                  "C": "L",
                  "I": "N",
                  "PR": "L",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=ibm10960009",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 960009 (StoredIQ)",
                  "url": "http://www.ibm.com/support/docview.wss?uid=ibm10960009"
                },
                {
                  "name": "ibm-storeiq-cve20194163-info-disc (158696)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158696"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2019-4163",
        "datePublished": "2019-07-31T16:25:12.678Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:16:20.672Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-4166 (GCVE-0-2019-4166)

    Vulnerability from nvd – Published: 2019-04-30 14:25 – Updated: 2024-09-16 19:20
    VLAI
    Summary
    IBM StoredIQ 7.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 158699.
    CWE
    • Gain Access
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM StoredIQ Affected: 7.6
    Create a notification for this product.
    Date Public
    2019-04-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:33:36.925Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=ibm10881404"
              },
              {
                "name": "ibm-storeiq-cve20194166-open-redirect (158699)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158699"
              },
              {
                "name": "108121",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/108121"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "StoredIQ",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.6"
                }
              ]
            }
          ],
          "datePublic": "2019-04-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM StoredIQ 7.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 158699."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "CHANGED",
                "temporalScore": 6.4,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/C:N/S:C/AV:N/AC:L/UI:R/PR:N/A:N/I:H/RL:O/E:U/RC:C",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-05-01T12:06:04.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=ibm10881404"
            },
            {
              "name": "ibm-storeiq-cve20194166-open-redirect (158699)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158699"
            },
            {
              "name": "108121",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/108121"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2019-04-26T00:00:00",
              "ID": "CVE-2019-4166",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "StoredIQ",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM StoredIQ 7.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 158699."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "L",
                  "AV": "N",
                  "C": "N",
                  "I": "H",
                  "PR": "N",
                  "S": "C",
                  "UI": "R"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=ibm10881404",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 881404 (StoredIQ)",
                  "url": "http://www.ibm.com/support/docview.wss?uid=ibm10881404"
                },
                {
                  "name": "ibm-storeiq-cve20194166-open-redirect (158699)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158699"
                },
                {
                  "name": "108121",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/108121"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2019-4166",
        "datePublished": "2019-04-30T14:25:14.519Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:20:15.757Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-1928 (GCVE-0-2018-1928)

    Vulnerability from nvd – Published: 2018-11-30 15:00 – Updated: 2024-09-16 22:40
    VLAI
    Summary
    IBM StoredIQ 7.6.0 does not implement proper authorization of user roles due to which it was possible for a low privileged user to access the application endpoints of high privileged users and also perform some state changing actions restricted to a high privileged user. IBM X-Force ID: 153119.
    CWE
    • Gain Privileges
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM StoredIQ Affected: 7.6.0
    Create a notification for this product.
    Date Public
    2018-11-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T04:14:39.523Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ibm-storeiq-cve20181928-priv-escalation(153119)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153119"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=ibm10741611"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "StoredIQ",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.6.0"
                }
              ]
            }
          ],
          "datePublic": "2018-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM StoredIQ 7.6.0 does not implement proper authorization of user roles due to which it was possible for a low privileged user to access the application endpoints of high privileged users and also perform some state changing actions restricted to a high privileged user. IBM X-Force ID: 153119."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 5.8,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/A:N/AC:H/AV:L/C:H/I:H/PR:N/S:U/UI:N/E:U/RC:C/RL:O",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Privileges",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-30T14:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "name": "ibm-storeiq-cve20181928-priv-escalation(153119)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153119"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=ibm10741611"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2018-11-28T00:00:00",
              "ID": "CVE-2018-1928",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "StoredIQ",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.6.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM StoredIQ 7.6.0 does not implement proper authorization of user roles due to which it was possible for a low privileged user to access the application endpoints of high privileged users and also perform some state changing actions restricted to a high privileged user. IBM X-Force ID: 153119."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "H",
                  "AV": "L",
                  "C": "H",
                  "I": "H",
                  "PR": "N",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Privileges"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ibm-storeiq-cve20181928-priv-escalation(153119)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153119"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=ibm10741611",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=ibm10741611"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2018-1928",
        "datePublished": "2018-11-30T15:00:00.000Z",
        "dateReserved": "2017-12-13T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:40:33.674Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-1927 (GCVE-0-2018-1927)

    Vulnerability from nvd – Published: 2018-11-30 15:00 – Updated: 2024-09-16 18:59
    VLAI
    Summary
    IBM StoredIQ 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 153118.
    CWE
    • Gain Access
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM StoredIQ Affected: 7.6
    Create a notification for this product.
    Date Public
    2018-11-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T04:14:39.363Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=ibm10741605"
              },
              {
                "name": "ibm-storeiq-cve20181927-csrf(153118)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153118"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "StoredIQ",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.6"
                }
              ]
            }
          ],
          "datePublic": "2018-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM StoredIQ 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 153118."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 5.7,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/A:N/AC:L/AV:N/C:N/I:H/PR:N/S:U/UI:R/E:U/RC:C/RL:O",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-30T14:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=ibm10741605"
            },
            {
              "name": "ibm-storeiq-cve20181927-csrf(153118)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153118"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2018-11-28T00:00:00",
              "ID": "CVE-2018-1927",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "StoredIQ",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM StoredIQ 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 153118."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "L",
                  "AV": "N",
                  "C": "N",
                  "I": "H",
                  "PR": "N",
                  "S": "U",
                  "UI": "R"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=ibm10741605",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=ibm10741605"
                },
                {
                  "name": "ibm-storeiq-cve20181927-csrf(153118)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153118"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2018-1927",
        "datePublished": "2018-11-30T15:00:00.000Z",
        "dateReserved": "2017-12-13T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:59:42.002Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-1583 (GCVE-0-2018-1583)

    Vulnerability from nvd – Published: 2018-05-22 13:00 – Updated: 2024-09-16 16:18
    VLAI
    Summary
    IBM StoredIQ 7.6 could allow an authenticated attacker to bypass certain security restrictions. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to access and manipulate documents on StoredIQ managed data sources. IBM X-Force ID: 143331.
    Severity
    No CVSS data available.
    CWE
    • Gain Privileges
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM StoredIQ Affected: 7.6
    Create a notification for this product.
    Date Public
    2018-05-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T04:07:43.854Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg22016465"
              },
              {
                "name": "ibm-storediq-cve20181583-priv-escalation(143331)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/143331"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "StoredIQ",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.6"
                }
              ]
            }
          ],
          "datePublic": "2018-05-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM StoredIQ 7.6 could allow an authenticated attacker to bypass certain security restrictions. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to access and manipulate documents on StoredIQ managed data sources. IBM X-Force ID: 143331."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Privileges",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-05-22T12:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22016465"
            },
            {
              "name": "ibm-storediq-cve20181583-priv-escalation(143331)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/143331"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2018-05-18T00:00:00",
              "ID": "CVE-2018-1583",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "StoredIQ",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM StoredIQ 7.6 could allow an authenticated attacker to bypass certain security restrictions. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to access and manipulate documents on StoredIQ managed data sources. IBM X-Force ID: 143331."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Privileges"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg22016465",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg22016465"
                },
                {
                  "name": "ibm-storediq-cve20181583-priv-escalation(143331)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/143331"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2018-1583",
        "datePublished": "2018-05-22T13:00:00.000Z",
        "dateReserved": "2017-12-13T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:18:04.831Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-4224 (GCVE-0-2020-4224)

    Vulnerability from cvelistv5 – Published: 2020-02-03 16:45 – Updated: 2024-09-17 04:20
    VLAI
    Summary
    IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links. IBM X-Force ID: 175133.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM StoredIQ Affected: 7.6.0.17
    Affected: 7.6.0.20
    Create a notification for this product.
    Date Public
    2020-01-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T08:00:07.094Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/1288150"
              },
              {
                "name": "ibm-storediq-cve20204224-info-disc (175133)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175133"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "StoredIQ",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.6.0.17"
                },
                {
                  "status": "affected",
                  "version": "7.6.0.20"
                }
              ]
            }
          ],
          "datePublic": "2020-01-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links. IBM X-Force ID: 175133."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 2.6,
                "temporalSeverity": "LOW",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/UI:N/A:N/S:U/C:L/I:N/PR:N/AC:H/AV:L/RL:O/RC:C/E:U",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-03T16:45:18.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.ibm.com/support/pages/node/1288150"
            },
            {
              "name": "ibm-storediq-cve20204224-info-disc (175133)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175133"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2020-01-31T00:00:00",
              "ID": "CVE-2020-4224",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "StoredIQ",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.6.0.17"
                              },
                              {
                                "version_value": "7.6.0.20"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links. IBM X-Force ID: 175133."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "H",
                  "AV": "L",
                  "C": "L",
                  "I": "N",
                  "PR": "N",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.ibm.com/support/pages/node/1288150",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 1288150 (StoredIQ)",
                  "url": "https://www.ibm.com/support/pages/node/1288150"
                },
                {
                  "name": "ibm-storediq-cve20204224-info-disc (175133)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175133"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2020-4224",
        "datePublished": "2020-02-03T16:45:18.722Z",
        "dateReserved": "2019-12-30T00:00:00.000Z",
        "dateUpdated": "2024-09-17T04:20:12.867Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-4167 (GCVE-0-2019-4167)

    Vulnerability from cvelistv5 – Published: 2019-08-20 19:30 – Updated: 2024-09-16 20:58
    VLAI
    Summary
    IBM StoredIQ 7.6.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 158700.
    CWE
    • Gain Access
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM StoredIQ Affected: 7.6.0
    Create a notification for this product.
    Date Public
    2019-08-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:33:37.982Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=ibm10967327"
              },
              {
                "name": "ibm-storeiq-cve20194167-csrf (158700)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158700"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "StoredIQ",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.6.0"
                }
              ]
            }
          ],
          "datePublic": "2019-08-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM StoredIQ 7.6.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 158700."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 3.8,
                "temporalSeverity": "LOW",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/PR:N/UI:R/I:L/A:N/S:U/AV:N/C:N/AC:L/E:U/RC:C/RL:O",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-08-20T19:30:25.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=ibm10967327"
            },
            {
              "name": "ibm-storeiq-cve20194167-csrf (158700)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158700"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2019-08-14T00:00:00",
              "ID": "CVE-2019-4167",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "StoredIQ",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.6.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM StoredIQ 7.6.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 158700."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "L",
                  "AV": "N",
                  "C": "N",
                  "I": "L",
                  "PR": "N",
                  "S": "U",
                  "UI": "R"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=ibm10967327",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 967327 (StoredIQ)",
                  "url": "http://www.ibm.com/support/docview.wss?uid=ibm10967327"
                },
                {
                  "name": "ibm-storeiq-cve20194167-csrf (158700)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158700"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2019-4167",
        "datePublished": "2019-08-20T19:30:25.432Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:58:14.826Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-4165 (GCVE-0-2019-4165)

    Vulnerability from cvelistv5 – Published: 2019-07-31 16:25 – Updated: 2024-09-16 18:28
    VLAI
    Summary
    IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow a remote attacker to cause a denial of service attack using repeated requests to the server. IBM X-Force ID: 158698.
    CWE
    • Denial of Service
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM StoredIQ Affected: 7.6.0.0
    Affected: 7.6.0.18
    Create a notification for this product.
    Date Public
    2019-07-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:33:37.786Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=ibm10960131"
              },
              {
                "name": "ibm-storeiq-cve20194165-dos (158698)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158698"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "StoredIQ",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.6.0.0"
                },
                {
                  "status": "affected",
                  "version": "7.6.0.18"
                }
              ]
            }
          ],
          "datePublic": "2019-07-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow a remote attacker to cause a denial of service attack using repeated requests to the server. IBM X-Force ID: 158698."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 4.6,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/A:L/UI:N/C:N/PR:N/S:U/I:N/AC:L/RC:C/RL:O/E:U",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-07-31T16:25:12.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=ibm10960131"
            },
            {
              "name": "ibm-storeiq-cve20194165-dos (158698)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158698"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2019-07-26T00:00:00",
              "ID": "CVE-2019-4165",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "StoredIQ",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.6.0.0"
                              },
                              {
                                "version_value": "7.6.0.18"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow a remote attacker to cause a denial of service attack using repeated requests to the server. IBM X-Force ID: 158698."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "L",
                  "AC": "L",
                  "AV": "N",
                  "C": "N",
                  "I": "N",
                  "PR": "N",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial of Service"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=ibm10960131",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 960131 (StoredIQ)",
                  "url": "http://www.ibm.com/support/docview.wss?uid=ibm10960131"
                },
                {
                  "name": "ibm-storeiq-cve20194165-dos (158698)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158698"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2019-4165",
        "datePublished": "2019-07-31T16:25:12.745Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:28:20.787Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-4163 (GCVE-0-2019-4163)

    Vulnerability from cvelistv5 – Published: 2019-07-31 16:25 – Updated: 2024-09-16 23:16
    VLAI
    Summary
    IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow an authenticated user to obtain sensitive information that a privileged user should only be allowed to view. IBM X-Force ID: 158696.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM StoredIQ Affected: 7.6.0.0
    Affected: 7.6.0.18
    Create a notification for this product.
    Date Public
    2019-07-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:33:36.927Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=ibm10960009"
              },
              {
                "name": "ibm-storeiq-cve20194163-info-disc (158696)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158696"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "StoredIQ",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.6.0.0"
                },
                {
                  "status": "affected",
                  "version": "7.6.0.18"
                }
              ]
            }
          ],
          "datePublic": "2019-07-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow an authenticated user to obtain sensitive information that a privileged user should only be allowed to view. IBM X-Force ID: 158696."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 3.8,
                "temporalSeverity": "LOW",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/A:N/UI:N/AC:L/I:N/S:U/C:L/PR:L/RC:C/RL:O/E:U",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-07-31T16:25:12.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=ibm10960009"
            },
            {
              "name": "ibm-storeiq-cve20194163-info-disc (158696)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158696"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2019-07-26T00:00:00",
              "ID": "CVE-2019-4163",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "StoredIQ",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.6.0.0"
                              },
                              {
                                "version_value": "7.6.0.18"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow an authenticated user to obtain sensitive information that a privileged user should only be allowed to view. IBM X-Force ID: 158696."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "L",
                  "AV": "N",
                  "C": "L",
                  "I": "N",
                  "PR": "L",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=ibm10960009",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 960009 (StoredIQ)",
                  "url": "http://www.ibm.com/support/docview.wss?uid=ibm10960009"
                },
                {
                  "name": "ibm-storeiq-cve20194163-info-disc (158696)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158696"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2019-4163",
        "datePublished": "2019-07-31T16:25:12.678Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:16:20.672Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-4166 (GCVE-0-2019-4166)

    Vulnerability from cvelistv5 – Published: 2019-04-30 14:25 – Updated: 2024-09-16 19:20
    VLAI
    Summary
    IBM StoredIQ 7.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 158699.
    CWE
    • Gain Access
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM StoredIQ Affected: 7.6
    Create a notification for this product.
    Date Public
    2019-04-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:33:36.925Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=ibm10881404"
              },
              {
                "name": "ibm-storeiq-cve20194166-open-redirect (158699)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158699"
              },
              {
                "name": "108121",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/108121"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "StoredIQ",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.6"
                }
              ]
            }
          ],
          "datePublic": "2019-04-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM StoredIQ 7.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 158699."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "CHANGED",
                "temporalScore": 6.4,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/C:N/S:C/AV:N/AC:L/UI:R/PR:N/A:N/I:H/RL:O/E:U/RC:C",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-05-01T12:06:04.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=ibm10881404"
            },
            {
              "name": "ibm-storeiq-cve20194166-open-redirect (158699)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158699"
            },
            {
              "name": "108121",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/108121"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2019-04-26T00:00:00",
              "ID": "CVE-2019-4166",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "StoredIQ",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM StoredIQ 7.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 158699."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "L",
                  "AV": "N",
                  "C": "N",
                  "I": "H",
                  "PR": "N",
                  "S": "C",
                  "UI": "R"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=ibm10881404",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 881404 (StoredIQ)",
                  "url": "http://www.ibm.com/support/docview.wss?uid=ibm10881404"
                },
                {
                  "name": "ibm-storeiq-cve20194166-open-redirect (158699)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158699"
                },
                {
                  "name": "108121",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/108121"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2019-4166",
        "datePublished": "2019-04-30T14:25:14.519Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:20:15.757Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-1927 (GCVE-0-2018-1927)

    Vulnerability from cvelistv5 – Published: 2018-11-30 15:00 – Updated: 2024-09-16 18:59
    VLAI
    Summary
    IBM StoredIQ 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 153118.
    CWE
    • Gain Access
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM StoredIQ Affected: 7.6
    Create a notification for this product.
    Date Public
    2018-11-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T04:14:39.363Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=ibm10741605"
              },
              {
                "name": "ibm-storeiq-cve20181927-csrf(153118)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153118"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "StoredIQ",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.6"
                }
              ]
            }
          ],
          "datePublic": "2018-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM StoredIQ 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 153118."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 5.7,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/A:N/AC:L/AV:N/C:N/I:H/PR:N/S:U/UI:R/E:U/RC:C/RL:O",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-30T14:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=ibm10741605"
            },
            {
              "name": "ibm-storeiq-cve20181927-csrf(153118)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153118"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2018-11-28T00:00:00",
              "ID": "CVE-2018-1927",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "StoredIQ",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM StoredIQ 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 153118."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "L",
                  "AV": "N",
                  "C": "N",
                  "I": "H",
                  "PR": "N",
                  "S": "U",
                  "UI": "R"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=ibm10741605",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=ibm10741605"
                },
                {
                  "name": "ibm-storeiq-cve20181927-csrf(153118)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153118"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2018-1927",
        "datePublished": "2018-11-30T15:00:00.000Z",
        "dateReserved": "2017-12-13T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:59:42.002Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-1928 (GCVE-0-2018-1928)

    Vulnerability from cvelistv5 – Published: 2018-11-30 15:00 – Updated: 2024-09-16 22:40
    VLAI
    Summary
    IBM StoredIQ 7.6.0 does not implement proper authorization of user roles due to which it was possible for a low privileged user to access the application endpoints of high privileged users and also perform some state changing actions restricted to a high privileged user. IBM X-Force ID: 153119.
    CWE
    • Gain Privileges
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM StoredIQ Affected: 7.6.0
    Create a notification for this product.
    Date Public
    2018-11-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T04:14:39.523Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ibm-storeiq-cve20181928-priv-escalation(153119)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153119"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=ibm10741611"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "StoredIQ",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.6.0"
                }
              ]
            }
          ],
          "datePublic": "2018-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM StoredIQ 7.6.0 does not implement proper authorization of user roles due to which it was possible for a low privileged user to access the application endpoints of high privileged users and also perform some state changing actions restricted to a high privileged user. IBM X-Force ID: 153119."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 5.8,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/A:N/AC:H/AV:L/C:H/I:H/PR:N/S:U/UI:N/E:U/RC:C/RL:O",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Privileges",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-30T14:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "name": "ibm-storeiq-cve20181928-priv-escalation(153119)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153119"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=ibm10741611"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2018-11-28T00:00:00",
              "ID": "CVE-2018-1928",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "StoredIQ",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.6.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM StoredIQ 7.6.0 does not implement proper authorization of user roles due to which it was possible for a low privileged user to access the application endpoints of high privileged users and also perform some state changing actions restricted to a high privileged user. IBM X-Force ID: 153119."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "H",
                  "AV": "L",
                  "C": "H",
                  "I": "H",
                  "PR": "N",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Privileges"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ibm-storeiq-cve20181928-priv-escalation(153119)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/153119"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=ibm10741611",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=ibm10741611"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2018-1928",
        "datePublished": "2018-11-30T15:00:00.000Z",
        "dateReserved": "2017-12-13T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:40:33.674Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-1583 (GCVE-0-2018-1583)

    Vulnerability from cvelistv5 – Published: 2018-05-22 13:00 – Updated: 2024-09-16 16:18
    VLAI
    Summary
    IBM StoredIQ 7.6 could allow an authenticated attacker to bypass certain security restrictions. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to access and manipulate documents on StoredIQ managed data sources. IBM X-Force ID: 143331.
    Severity
    No CVSS data available.
    CWE
    • Gain Privileges
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM StoredIQ Affected: 7.6
    Create a notification for this product.
    Date Public
    2018-05-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T04:07:43.854Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg22016465"
              },
              {
                "name": "ibm-storediq-cve20181583-priv-escalation(143331)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/143331"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "StoredIQ",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.6"
                }
              ]
            }
          ],
          "datePublic": "2018-05-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM StoredIQ 7.6 could allow an authenticated attacker to bypass certain security restrictions. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to access and manipulate documents on StoredIQ managed data sources. IBM X-Force ID: 143331."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Privileges",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-05-22T12:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22016465"
            },
            {
              "name": "ibm-storediq-cve20181583-priv-escalation(143331)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/143331"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2018-05-18T00:00:00",
              "ID": "CVE-2018-1583",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "StoredIQ",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "7.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM StoredIQ 7.6 could allow an authenticated attacker to bypass certain security restrictions. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to access and manipulate documents on StoredIQ managed data sources. IBM X-Force ID: 143331."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Privileges"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg22016465",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg22016465"
                },
                {
                  "name": "ibm-storediq-cve20181583-priv-escalation(143331)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/143331"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2018-1583",
        "datePublished": "2018-05-22T13:00:00.000Z",
        "dateReserved": "2017-12-13T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:18:04.831Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }