Search

Find a vulnerability

Search criteria

    20 vulnerabilities found for VirusScan Enterprise Linux (VSEL) by Intel

    CVE-2016-8025 (GCVE-0-2016-8025)

    Vulnerability from nvd – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter.
    Severity
    No CVSS data available.
    CWE
    • SQL injection vulnerability
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.808Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "SQL injection vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8025",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "SQL injection vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8025",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.808Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8024 (GCVE-0-2016-8024)

    Vulnerability from nvd – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing.
    Severity
    No CVSS data available.
    CWE
    • Improper neutralization of CRLF sequences in HTTP headers vulnerability
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.584Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper neutralization of CRLF sequences in HTTP headers vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8024",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper neutralization of CRLF sequences in HTTP headers vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8024",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.584Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8023 (GCVE-0-2016-8023)

    Vulnerability from nvd – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie.
    Severity
    No CVSS data available.
    CWE
    • Authentication bypass by assumed-immutable data vulnerability
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.792Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Authentication bypass by assumed-immutable data vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8023",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Authentication bypass by assumed-immutable data vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8023",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.792Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8022 (GCVE-0-2016-8022)

    Vulnerability from nvd – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie.
    Severity
    No CVSS data available.
    CWE
    • Authentication bypass by spoofing vulnerability
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.654Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Authentication bypass by spoofing vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8022",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Authentication bypass by spoofing vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8022",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.654Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8021 (GCVE-0-2016-8021)

    Vulnerability from nvd – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file.
    Severity
    No CVSS data available.
    CWE
    • Improper verification of cryptographic signature vulnerability
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.653Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper verification of cryptographic signature vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8021",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper verification of cryptographic signature vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8021",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.653Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8020 (GCVE-0-2016-8020)

    Vulnerability from nvd – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter.
    Severity
    No CVSS data available.
    CWE
    • Improper control of generation of code vulnerability
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.750Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper control of generation of code vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8020",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper control of generation of code vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8020",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.750Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8019 (GCVE-0-2016-8019)

    Vulnerability from nvd – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input.
    Severity
    No CVSS data available.
    CWE
    • Cross-site scripting (XSS) vulnerability
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.593Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site scripting (XSS) vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8019",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site scripting (XSS) vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8019",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.593Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8018 (GCVE-0-2016-8018)

    Vulnerability from nvd – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input.
    Severity
    No CVSS data available.
    CWE
    • Cross-site request forgery (CSRF) vulnerability
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.699Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site request forgery (CSRF) vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8018",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site request forgery (CSRF) vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8018",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.699Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8017 (GCVE-0-2016-8017)

    Vulnerability from nvd – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input.
    Severity
    No CVSS data available.
    CWE
    • Special element injection vulnerability
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.787Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Special element injection vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8017",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Special element injection vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8017",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.787Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8016 (GCVE-0-2016-8016)

    Vulnerability from nvd – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter.
    Severity
    No CVSS data available.
    CWE
    • Information exposure
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.622Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information exposure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8016",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information exposure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8016",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.622Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8019 (GCVE-0-2016-8019)

    Vulnerability from cvelistv5 – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input.
    Severity
    No CVSS data available.
    CWE
    • Cross-site scripting (XSS) vulnerability
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.593Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site scripting (XSS) vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8019",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site scripting (XSS) vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8019",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.593Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8018 (GCVE-0-2016-8018)

    Vulnerability from cvelistv5 – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input.
    Severity
    No CVSS data available.
    CWE
    • Cross-site request forgery (CSRF) vulnerability
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.699Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site request forgery (CSRF) vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8018",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site request forgery (CSRF) vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8018",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.699Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8023 (GCVE-0-2016-8023)

    Vulnerability from cvelistv5 – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie.
    Severity
    No CVSS data available.
    CWE
    • Authentication bypass by assumed-immutable data vulnerability
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.792Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Authentication bypass by assumed-immutable data vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8023",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Authentication bypass by assumed-immutable data vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8023",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.792Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8020 (GCVE-0-2016-8020)

    Vulnerability from cvelistv5 – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter.
    Severity
    No CVSS data available.
    CWE
    • Improper control of generation of code vulnerability
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.750Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper control of generation of code vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8020",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper control of generation of code vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8020",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.750Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8017 (GCVE-0-2016-8017)

    Vulnerability from cvelistv5 – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input.
    Severity
    No CVSS data available.
    CWE
    • Special element injection vulnerability
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.787Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Special element injection vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8017",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Special element injection vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8017",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.787Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8022 (GCVE-0-2016-8022)

    Vulnerability from cvelistv5 – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie.
    Severity
    No CVSS data available.
    CWE
    • Authentication bypass by spoofing vulnerability
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.654Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Authentication bypass by spoofing vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8022",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Authentication bypass by spoofing vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8022",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.654Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8016 (GCVE-0-2016-8016)

    Vulnerability from cvelistv5 – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter.
    Severity
    No CVSS data available.
    CWE
    • Information exposure
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.622Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information exposure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8016",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information exposure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8016",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.622Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8025 (GCVE-0-2016-8025)

    Vulnerability from cvelistv5 – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter.
    Severity
    No CVSS data available.
    CWE
    • SQL injection vulnerability
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.808Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "SQL injection vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8025",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "SQL injection vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8025",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.808Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8024 (GCVE-0-2016-8024)

    Vulnerability from cvelistv5 – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing.
    Severity
    No CVSS data available.
    CWE
    • Improper neutralization of CRLF sequences in HTTP headers vulnerability
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.584Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper neutralization of CRLF sequences in HTTP headers vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8024",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper neutralization of CRLF sequences in HTTP headers vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8024",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.584Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8021 (GCVE-0-2016-8021)

    Vulnerability from cvelistv5 – Published: 2017-03-14 22:00 – Updated: 2024-08-06 02:13
    VLAI
    Summary
    Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file.
    Severity
    No CVSS data available.
    CWE
    • Improper verification of cryptographic signature vulnerability
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94823 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037433 vdb-entryx_refsource_SECTRACK
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/40911/ exploitx_refsource_EXPLOIT-DB
    Impacted products
    Vendor Product Version
    Intel VirusScan Enterprise Linux (VSEL) Affected: 2.0.3 (and earlier)
    Create a notification for this product.
    Date Public
    2016-12-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:13:21.653Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94823",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94823"
              },
              {
                "name": "1037433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037433"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
              },
              {
                "name": "40911",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40911/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "VirusScan Enterprise Linux (VSEL)",
              "vendor": "Intel",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.3 (and earlier)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper verification of cryptographic signature vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-02T09:57:01.000Z",
            "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
            "shortName": "intel"
          },
          "references": [
            {
              "name": "94823",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94823"
            },
            {
              "name": "1037433",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037433"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
            },
            {
              "name": "40911",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40911/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@intel.com",
              "ID": "CVE-2016-8021",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "VirusScan Enterprise Linux (VSEL)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.0.3 (and earlier)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Intel"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper verification of cryptographic signature vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94823",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94823"
                },
                {
                  "name": "1037433",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037433"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
                },
                {
                  "name": "40911",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40911/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "assignerShortName": "intel",
        "cveId": "CVE-2016-8021",
        "datePublished": "2017-03-14T22:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:13:21.653Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }